From a70c8f95c4f0cc69f3f358482c628eccf0aaf198 Mon Sep 17 00:00:00 2001 From: Britney Fransen Date: Thu, 10 Apr 2014 23:15:00 +0000 Subject: system-templates: update smb.conf.template for samba 4.1 --- abs/core/system-templates/PKGBUILD | 2 +- .../templates/samba/smb.conf.template | 127 +++++++++++++++------ 2 files changed, 92 insertions(+), 37 deletions(-) diff --git a/abs/core/system-templates/PKGBUILD b/abs/core/system-templates/PKGBUILD index 7a66e82..0013ab4 100755 --- a/abs/core/system-templates/PKGBUILD +++ b/abs/core/system-templates/PKGBUILD @@ -1,6 +1,6 @@ pkgname=system-templates pkgver=2.0 -pkgrel=27 +pkgrel=28 conflicts=( ) pkgdesc="Templates used for system configuration" depends=() diff --git a/abs/core/system-templates/templates/samba/smb.conf.template b/abs/core/system-templates/templates/samba/smb.conf.template index 478ea6b..773315a 100644 --- a/abs/core/system-templates/templates/samba/smb.conf.template +++ b/abs/core/system-templates/templates/samba/smb.conf.template @@ -1,14 +1,24 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. # #======================= Global Settings ===================================== [global] +# workgroup = NT-Domain-Name or Workgroup-Name workgroup = home_lan - server string = MythVantage -# Security mode. Defines in which mode Samba will operate. Possible -# values are share, user, server, domain and ads. Most people will want -# user level security. See the Samba-HOWTO-Collection for details. - security = share +# server string is the equivalent of the NT Description field + server string = LinHES # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The @@ -17,49 +27,73 @@ # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. - load printers = no - printing = bsd +# if you want to automatically load your printer list rather +# than setting them up individually then you'll need this printcap name = /dev/null -# you may wish to override the location of the printcap file -; printcap name = /etc/printcap + load printers = no + +# It should not be necessary to spell out the print system type unless +# yours is non-standard. Currently supported print systems include: +# bsd, sysv, plp, lprng, aix, hpux, qnx +; printing = bsd +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects - log file = /var/log/samba/log.%m + log file = /var/log/samba/%m.log # Put a capping on the size of the log files (in Kb). max log size = 50 +# Security mode. Most people will want user level security. See +# security_level.txt for details. + security = user # Use password server option only with security = server -# The argument list may include: -# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] -# or to auto-locate the domain controller/s -# password server = * ; password server = -# Use the realm option only with security = ads -# Specifies the Active Directory realm the host is part of -; realm = MY_REALM - -# Backend to store user information in. New installations should -# use either tdbsam or ldapsam. smbpasswd is available for backwards -# compatibility. tdbsam requires no further configuration. -; passdb backend = tdbsam +# Password Level allows matching of _n_ characters of the password for +# all combinations of upper and lower case. +; username level = 8 + +# You may wish to use password encryption. Please read +# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. +# Do not enable this option unless you have read those documents +; encrypt passwords = yes +; smb passwd file = /etc/samba/smbpasswd + +# The following are needed to allow password changing from Windows to +# update the Linux sytsem password also. +# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. +# NOTE2: You do NOT need these to allow workstations to change only +# the encrypted SMB passwords. They allow the Unix password +# to be kept in sync with the SMB password. +; unix password sync = Yes +; passwd program = /usr/bin/passwd %u +; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* + +# Unix users can map to different SMB User names +; username map = /etc/samba/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name -# of the machine that is connecting. -# Note: Consider carefully the location in the configuration file of -# this line. The included file is read at that point. -; include = /usr/local/samba/lib/smb.conf.%m +# of the machine that is connecting +; include = /etc/samba/smb.conf.%m # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 +# Configure remote browse list synchronisation here +# request announcement to, or browse list sync from: +# a specific host or from / to a whole subnet (see below) +; remote browse sync = 192.168.3.25 192.168.5.255 +# Cause this host to announce itself to local subnets here +; remote announce = 192.168.1.255 192.168.2.44 + # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply @@ -78,6 +112,10 @@ # and gives it a slightly higher chance of winning the election ; preferred master = yes +# Use only if you have an NT server on your network that has been +# configured at install time to be a primary domain controller. +; domain controller = + # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes @@ -94,6 +132,19 @@ # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U +# All NetBIOS names must be resolved to IP Addresses +# 'Name Resolve Order' allows the named resolution mechanism to be specified +# the default order is "host lmhosts wins bcast". "host" means use the unix +# system gethostbyname() function call that will use either /etc/hosts OR +# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf +# and the /etc/resolv.conf file. "host" therefore is system configuration +# dependant. This parameter is most often of use to prevent DNS lookups +# in order to resolve NetBIOS names to IP Addresses. Use with care! +# The example below excludes use of name resolution for machines that are NOT +# on the local network segment +# - OR - are not deliberately to be known via lmhosts or via WINS. +; name resolve order = wins lmhosts bcast + # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes @@ -108,18 +159,22 @@ ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names -# via DNS nslookups. The default is NO. +# via DNS nslookups. The built-in default for versions 1.9.17 is yes, +# this has been changed in version 1.9.18 to no. dns proxy = no -# These scripts are used on a domain controller or stand-alone -# machine to add or delete corresponding unix accounts -; add user script = /usr/sbin/useradd %u -; add group script = /usr/sbin/groupadd %g -; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u -; delete user script = /usr/sbin/userdel %u -; delete user from group script = /usr/sbin/deluser %u %g -; delete group script = /usr/sbin/groupdel %g - +# Case Preservation can be handy - system default is _no_ +# NOTE: These can be set on a per share basis +; preserve case = no +; short preserve case = no +# Default case is normally upper case for all DOS files +; default case = lower +# Be very careful with case sensitivity - it can break things! +; case sensitive = no + + map to guest = bad user + unix extensions = no + wide links = yes #============================ Share Definitions ============================== -- cgit v0.12