| Previous | Table of Contents | Next |
The smb.conf file layout consists of a series of named sections. Each section starts with its name in brackets, as in [global]. Within each section, the parameters are specified by key = value pairs, such as comment = RedHat Samba Server.
smb.conf contains three special sections and one or more custom sections. The special sections are [global], [homes], and [printers].
The [global] section controls parameters for the entire smb server. The section also provides default values for the other sections.
[global] ; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4 workgroup = WORKGROUP ; comment is the equivalent of the NT Description field comment = RedHat Samba Server ; volume = used to emulate a CDRom label (can be set on a per share basis) volume = RedHat4
The first line from the global section in Listing 15.1 defines the workgroup that this machine will belong to on your network. Next the file specifies a comment for the system and identifies a volume label.
; printing = BSD or SYSV or AIX, etc. printing = bsd printcap name = /etc/printcap load printers = yes
The next entry tells the Samba server what type of printing system is available on your server, and the line after that indicates where the printer configuration file is located.
• See “Understanding the /etc/printcap File,” p. 411
The next line instructs Samba to make available on the network all the printers defined in the printcap file.
; Uncomment this if you want a guest account ; guest account = pcguest log file = /var/log/samba-log.%m ; Put a capping on the size of the log files (in Kb) max log size = 50
The next entry indicates a username for a guest account on your sever. This account is used to authenticate users for Samba services available to guest connections.
The log file entry specifies the location of the log file for each client who accesses Samba services. The %m parameter tells the Samba server to create a separate log file for each client. The max log size entry sets a maximum file size for the logs created.
The [homes] section allows network clients to connect to a user’s home directory on your server without having an explicit entry in the smb.conf file. When a service request is made, the Samba server searches the smb.conf file for the specific section corresponding to the service request. If it does not find the service, Samba checks to see if there is a [homes] section. If the [homes] section exists, Samba searches the password file to find the home directory for the user making the request. When it’s found, this directory is shared with the network.
[homes] comment = Home Directories browseable = no read only = no preserve case = yes short preserve case = yes create mode = 0750
The comment entry is displayed to the clients to let them know which shares are available. The browseable entry instructs Samba how to display this share in a network browse list. The read-only parameter controls whether a user can create and change files in his home directory when it is shared across the network. The preserve case and short preserve case parameters instruct the server to preserve the case of any information written to the server. This is important because Windows filenames are not typically case-sensitive, but Linux filenames are case-sensitive. The final entry sets the file permissions for any files created on the shared directory.
• See “File Permissions,” p. 310
The [printers] section defines how printing services are controlled if no specific entries are found in the smb.conf file. Thus like the [homes] section, if no specific entry is found for a printing service, Samba uses the [printers] section (if it’s present) to allow a user to connect to any printer defined in /etc/printcap.
[printers] comment = All Printers path = /var/spool/samba browseable = no printable = yes ; Set public = yes to allow user ‘guest account’ to print public = no writable = no create mode = 0700
The comment, browseable, and create mode entries mean the same as discussed above in the [homes] sections. The path entry indicates the location of the spool file to be used when servicing a print request via SMB.
• See “Selecting a Printer to Work with Linux,” p. 406
The printable value, if set to yes, indicates that this printer resource can be used to print. The public entry controls whether the guest account can print.
After configuring your defaults for the Samba server, you can create specific shared directories limited to just certain groups of people or to everyone. For example, suppose you want to make a directory available to only one user. To do so you would create a new section and fill in the needed information. Typically you’ll need to specify the user, the directory path, and configuration information to the SMB server as shown here:
[jacksdir] comment = Jack’s remote source code directory path = /usr/local/src valid users = tackett browsable = yes public = no writable = yes create mode = 0700
This sample section creates a shared directory called jacksdir. The path to the directory on the local server is /usr/local/src. Because the browsable entry is set to yes, jacksdir will show up in the network browse list. However, because the public entry is set to no, only the user named tackett can access this directory using Samba. You can grant access to other users by listing them in the valid users entry.
After creating the configuration file you should test it for correctness with the testparm program. testparm is a very simple test program to check the /etc/smb.conf configuration file for internal correctness. If this program reports no problems, you can use the configuration file with confidence that smbd will successfully load the configuration file.
CAUTION:
Using testparm is NOT a guarantee that the services specified in the configuration file will be available or will operate as expected.
testparm has the following command line:
testparm [configfile [hostname hostip]]
where configfile indicates the location of the smb.conf file if it is not in the default location (/etc/smb.conf). The hostname hostIP optional parameter instructs testparm to see if the host has access to the services provided in the smb.conf file.
| Previous | Table of Contents | Next |