Medientechnik/iwm-overlay
Medientechnik
/
iwm-overlay
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New samba ebuilds 

git-svn-id: svn+ssh://svnintern.kmrc.de/projects/gentoo/iwm-overlay@9277 cbe59ace-07ea-0310-918e-868702b5370d
This commit is contained in:
Torsten Kurbad 2009-04-29 14:13:26 +00:00
parent 3294b067c0
commit aeecf11791
13 changed files with 105 additions and 1125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net-fs/samba/Manifest
View File

@ -11,4 +11,8 @@ AUX samba-conf 1291 RMD160 326fb4beee8105d839d23e37f4989d7e332c996b SHA1 af7cd69
AUX samba-init 1133 RMD160 77a084e8f78665af0233f19dc9c4a49693360da1 SHA1 09d7f1d676856289b61e890396a9976e2ccc794a SHA256 3b41d16daf02f9a1ab12e62c4c915f58e7801c07be48e2a94086eb288bb86aad
AUX samba-xinetd 286 RMD160 c90bd8518082eb4c182d5f7bd223a76f8e3c7fab SHA1 b250c5ca539187d8b481bcfb6ea3a915d7e8b26b SHA256 964d06dc33beff38978a8f03cd12b05c33d8258ed73aa9ffbf137fe226de25b8
DIST samba-3.3.0.tar.gz 25942368 RMD160 1ef899e9c64f75e0eb3fdca838696b85309af64d SHA1 8685e3c703073cbbfbeb9ee6e6f77690a8cff862 SHA256 b00ca360e9b414744eff33ca4567f3eb1a28d32914e20f00b6672fbc141c9beb
DIST samba-4.0.0alpha7.tar.gz 11927771 RMD160 551aface24e04e8b5665c1d2e12ec8bc7a725d0f SHA1 f59bedd40e0fd5a85e31ea4a06e8a4a874c6c9b7 SHA256 744d97ad7fc964efa27f02bdc4f93b533269e4e5e27639035ae80942510c743e
DIST samba-vscan-0.3.6c-beta5.tar.gz 248183 RMD160 6929c30b57e342c4bdf6a6b432fbe41c2ac70a74 SHA1 9e1b37225246ff2f19e37aceb97a680afc82cdda SHA256 bfe910d54add8dcb87d5babdf50127a6dcf079e0e90ad9947b4cbfdbe3e3037d
EBUILD samba-3.3.0.ebuild 7736 RMD160 7872a31da441d4a93363bfc3a4f7cf2ec2a69379 SHA1 9e825a80db3989bf09d2bdbb177f7b5eae51c415 SHA256 9f3a573f1f6ea84d4d21276bd3631cfe04e635467cbc98a5dc9acc2e3a503328
EBUILD samba-4.0.0_alpha7.ebuild 10073 RMD160 3dbdf0b6de0f150ea722c3fd9b6fe9d964117457 SHA1 6232ad5bc5e1e9dfbaa8a3df0eca3464e69baaca SHA256 aa5b2409cacd5d6646f0f4e4bee3fc70cc2c0e164feb92a53df0a584e7d2fc98
MISC samba-9999.ebuild.old_svn 8339 RMD160 863bcbf1d8ebec56ae70eb428d1c99d1567ff2e3 SHA1 dfbcadc3241baaac7c9aea62d72ecae5924a0d3d SHA256 132bba6308140f951bae6d5e7860e40a212de58708ff3a7053045d5ba0656469

151
net-fs/samba4/samba4-9999.ebuild → net-fs/samba/samba-4.0.0_alpha7.ebuild
View File

@ -1,21 +1,21 @@
# Copyright 1999-2007 Gentoo Foundation
# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-3.0.34.ebuild,v 1.1 2009/03/29 16:49:58 patrick Exp $
inherit libtool autotools eutils pam python multilib versionator confutils subversion
inherit autotools eutils pam python multilib versionator confutils
VSCAN_P="samba-vscan-0.3.6c-beta5"
MY_P=${PN}-${PV/_/}
DESCRIPTION="A suite of SMB and CIFS client/server programs for UNIX"
HOMEPAGE="http://www.samba.org/"
ESVN_REPO_URI="svn://svnanon.samba.org/samba/branches/SAMBA_4_0"
LICENSE="GPL-2"
SRC_URI="mirror://samba/samba4/${MY_P}.tar.gz
oav? ( http://www.openantivirus.org/download/${VSCAN_P}.tar.gz )"
LICENSE="GPL-3 oav? ( GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="**"
IUSE_LINGUAS="linguas_ja linguas_pl"
IUSE="${IUSE_LINGUAS} acl ads async automount caps cups doc examples ipv6 kernel_linux ldap fam
pam python quotas readline selinux swat syslog winbind"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
IUSE="acl ads async automount caps cups debug doc examples ipv6 kernel_linux ldap fam
pam quotas readline selinux swat syslog winbind oav"
RDEPEND="dev-libs/popt
virtual/libiconv
@ -25,7 +25,6 @@ RDEPEND="dev-libs/popt
ads? ( virtual/krb5 )
ldap? ( net-nds/openldap )
pam? ( virtual/pam )
python? ( dev-lang/python )
readline? ( sys-libs/readline )
selinux? ( sec-policy/selinux-samba )
swat? ( sys-apps/xinetd )
@ -34,23 +33,45 @@ RDEPEND="dev-libs/popt
caps? ( sys-libs/libcap )"
DEPEND="${RDEPEND}"
# Tests are broken now :-(
RESTRICT="test nomirror"
S=${WORKDIR}/${MY_P}
CONFDIR=${FILESDIR}/config
PRIVATE_DST=/var/lib/samba/private
BUILD_TARGETS="proto all"
#MODULE_NAMES="."
pkg_setup() {
confutils_use_depend_all ads ldap
}
src_unpack() {
unpack ${A}
cd "${S}/source4"
# lazyldflags.patch: adds "-Wl,-z,now" to smb{mnt,umount}
# invalid-free-fix.patch: Bug #196015 (upstream: #5021)
#epatch \
# "${FILESDIR}/3.0.26a-lazyldflags.patch" \
# "${FILESDIR}/3.0.26a-invalid-free-fix.patch" \
# "${FILESDIR}/3.0.28-fix_broken_readdir_detection.patch" \
# "${FILESDIR}/3.0.28a-wrong_python_ldflags.patch"
#eautoconf -I. -Ilib/replace
# Ok, agreed, this is ugly. But it avoids a patch we
# need for every samba version and we don't need autotools
sed -i \
-e 's|"lib32" ||' \
-e 's|if test -d "$i/$l" ;|if test -d "$i/$l" -o -L "$i/$l";|' \
configure || die "sed failed"
rm "${S}/docs/manpages"/{mount,umount}.cifs.8
}
src_compile() {
cd "${S}/source"
einfo "Running autogen.sh"
./autogen.sh
eend ${?}
cd "${S}/source4"
local myconf
local mylangs
@ -60,10 +81,6 @@ src_compile() {
myconf="--with-python=no"
use python && myconf="--with-python=${python}"
mylangs="--with-manpages-langs=en"
use linguas_ja && mylangs="${mylangs},ja"
use linguas_pl && mylangs="${mylangs},pl"
use winbind && mymod_shared="--with-shared-modules=idmap_rid"
if use ldap ; then
myconf="${myconf} $(use_with ads)"
@ -88,19 +105,21 @@ src_compile() {
--localstatedir=/var \
--with-configdir=/etc/samba \
--with-libdir=/usr/$(get_libdir)/samba \
--with-pammodulesdir=$(getpam_mod_dir) \
--with-swatdir=/usr/share/doc/${PF}/swat \
--with-piddir=/var/run/samba \
--with-lockdir=/var/cache/samba \
--with-logfilebase=/var/log/samba \
--with-privatedir=${PRIVATE_DST} \
--with-libsmbclient \
--without-spinlocks \
--enable-socket-wrapper \
--with-cifsmount=no \
--enable-fhs \
$(use_with acl acl-support) \
$(use_with async aio-support) \
$(use_with automount) \
$(use_enable cups) \
$(use_enable debug) \
$(use_enable fam) \
$(use_with ads krb5) \
$(use_with ldap) \
@ -110,7 +129,7 @@ src_compile() {
$(use_with kernel_linux smbmount) \
$(use_with syslog) \
$(use_with winbind) \
${myconf} ${mylangs} ${mymod_shared} || die "econf failed"
${myconf} ${mylangs} ${mymod_shared}
emake proto || die "emake proto failed"
emake everything || die "emake everything failed"
@ -118,17 +137,34 @@ src_compile() {
if use python ; then
emake python_ext || die "emake python_ext failed"
fi
if use oav ; then
# maintainer-info:
# - there are no known releases of mks or kavdc,
# setting to builtin to disable auto-detection
cd "${WORKDIR}/${VSCAN_P}"
econf \
--with-fhs \
--with-samba-source="${S}/source4" \
--with-libmksd-builtin \
--with-libkavdc-builtin \
--without-symantec \
--with-filetype \
--with-fileregexp \
$(use_enable debug)
emake || die "emake oav plugins failed"
fi
}
src_test() {
cd "${S}/source"
cd "${S}/source4"
emake test || die "tests failed"
}
src_install() {
cd "${S}/source"
cd "${S}/source4"
emake DESTDIR="${D}" install-everything || die "emake install-everything failed"
emake DESTDIR="${D}" install || die "emake install failed"
# Extra rpctorture progs
local extra_bins="rpctorture"
@ -139,6 +175,9 @@ src_install() {
# remove .old stuff from /usr/bin:
rm -f "${D}"/usr/bin/*.old
# Removing executable bits from header-files
fperms 644 /usr/include/lib{msrpc,smbclient}.h
# Nsswitch extensions. Make link for wins and winbind resolvers
if use winbind ; then
dolib.so nsswitch/libnss_wins.so
@ -147,11 +186,6 @@ src_install() {
dosym libnss_winbind.so /usr/$(get_libdir)/libnss_winbind.so.2
fi
if use pam ; then
dopammod bin/pam_smbpass.so
use winbind && dopammod bin/pam_winbind.so
fi
if use kernel_linux ; then
# Warning: this can byte you if /usr is
# on a separate volume and you have to mount
@ -178,7 +212,7 @@ src_install() {
find "${D}/usr/$(get_libdir)/python${PYVER}/site-packages" -iname "*.pyc" -delete
fi
cd "${S}/source"
cd "${S}/source4"
# General config files
insinto /etc/samba
@ -186,7 +220,7 @@ src_install() {
newins "${CONFDIR}/smb.conf.example-samba3" smb.conf.example
newpamd "${CONFDIR}/samba.pam" samba
use winbind && doins ${CONFDIR}/system-auth-winbind
use winbind && dopamd "${CONFDIR}/system-auth-winbind"
if use swat ; then
insinto /etc/xinetd.d
newins "${CONFDIR}/swat.xinetd" swat
@ -209,18 +243,18 @@ src_install() {
fi
# dirs
diropts -m0700 ; keepdir ${PRIVATE_DST}
diropts -m0700 ; keepdir "${PRIVATE_DST}"
diropts -m1777 ; keepdir /var/spool/samba
diropts -m0755
keepdir /var/{log,run,cache}/samba
keepdir /var/lib/samba/{netlogon,profiles}
keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC}
keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC,X64,IA64,COLOR}
keepdir /usr/$(get_libdir)/samba/{rpc,idmap,auth}
# docs
dodoc "${FILESDIR}/README.gentoo"
dodoc "${S}"/{COPYING,Manifest,README,Roadmap,WHATSNEW.txt}
dodoc "${S}"/{MAINTAINERS,README,Roadmap,WHATSNEW.txt}
dodoc "${CONFDIR}/nsswitch.conf-wins"
use winbind && dodoc "${CONFDIR}/nsswitch.conf-winbind"
@ -242,17 +276,30 @@ src_install() {
rm -rf "${D}/usr/share/doc/${PF}/swat/help"/{guide,howto,devel}
rm -rf "${D}/usr/share/doc/${PF}/swat/using_samba"
fi
else
cd "${S}/docs"
insinto /usr/share/doc/${PF}
doins *.pdf
doins -r registry
dohtml -r htmldocs/*
fi
if use oav ; then
cd "${WORKDIR}/${VSCAN_P}"
emake DESTDIR="${D}" install || die "emake install oav plugins failed"
docinto samba-vscan
dodoc AUTHORS ChangeLog FAQ INSTALL NEWS README TODO
find . -iname "*.conf" -print0 | xargs -0 dodoc
fi
}
pkg_preinst() {
local PRIVATE_SRC=/etc/samba/private
if [[ ! -r ${ROOT}/${PRIVATE_DST}/secrets.tdb \
&& -r ${ROOT}/${PRIVATE_SRC}/secrets.tdb ]] ; then
ebegin "Copying ${ROOT}/${PRIVATE_SRC}/* to ${ROOT}/${PRIVATE_DST}/"
mkdir -p "${D}"/${PRIVATE_DST}
cp -pPRf "${ROOT}"/${PRIVATE_SRC}/* "${D}"/${PRIVATE_DST}/
if [[ ! -r "${ROOT}/${PRIVATE_DST}/secrets.tdb" \
&& -r "${ROOT}/${PRIVATE_SRC}/secrets.tdb" ]] ; then
ebegin "Copying "${ROOT}"/${PRIVATE_SRC}/* to ${ROOT}/${PRIVATE_DST}/"
mkdir -p "${D}/${PRIVATE_DST}"
cp -pPRf "${ROOT}/${PRIVATE_SRC}"/* "${D}/${PRIVATE_DST}/"
eend $?
fi
@ -277,13 +324,22 @@ pkg_postinst() {
einfo " change the /etc/xinetd.d/smb configuration"
fi
elog "It is possible to start/stop daemons seperately:"
elog "It is possible to start/stop daemons separately:"
elog " Create a symlink from /etc/init.d/samba.{smbd,nmbd,winbind} to"
elog " /etc/init.d/samba. Calling /etc/init.d/samba directly will start"
elog " the daemons configured in /etc/conf.d/samba"
elog "The mount/umount.cifs helper applications are not included anymore."
elog "Please install net-fs/mount-cifs instead."
if use oav ; then
elog "The configure snippets for various antivirus plugins are available here:"
elog " /usr/share/doc/${PF}/samba-vscan"
fi
ewarn "If you're upgrading from 3.0.24 or earlier, please make sure to"
ewarn "restart your clients to clear any cached information about the server."
ewarn "Otherwise they might not be able to connect to the volumes."
}
pkg_postrm() {
@ -291,9 +347,4 @@ pkg_postrm() {
python_version
python_mod_cleanup /usr/$(get_libdir)/python${PYVER}/site-packages/samba
fi
# If stale docs, and one isn't re-emerging the latest version, removes
# (this is actually a portage bug, though)
[[ -n ${PF} && ! -f ${ROOT}/usr/$(get_libdir)/${PN}/en.msg ]] && \
rm -rf "${ROOT}"/usr/share/doc/${PF}
}

43
net-fs/samba4/Manifest
View File

@ -1,43 +0,0 @@
AUX config/lmhosts 130 RMD160 b2acc34f95a4f926528ae67861c3597204be0c41 SHA1 be21644d6b4645d0685b954071b4618faa1c6da2 SHA256 c1c0a520c6d4b4ce7df9bd30f835dd912942b05004fc24e3cc495fc1622d5d8c
MD5 17f92fe28ec69c903f38ec7aaa7193f6 files/config/lmhosts 130
RMD160 b2acc34f95a4f926528ae67861c3597204be0c41 files/config/lmhosts 130
SHA256 c1c0a520c6d4b4ce7df9bd30f835dd912942b05004fc24e3cc495fc1622d5d8c files/config/lmhosts 130
AUX config/nsswitch.conf-winbind 410 RMD160 02722819dfba2fb1425eadd0f63f96f598ecda69 SHA1 ede68472b5eae7d2efb805e138bd7f9ca8f7fefb SHA256 d1e61b5a152d05a3d8a9f8d18d574596acc1a594b311278d3ad9ea1b2c273a40
MD5 5a1db47f778ddd81af36d7dd77e1170f files/config/nsswitch.conf-winbind 410
RMD160 02722819dfba2fb1425eadd0f63f96f598ecda69 files/config/nsswitch.conf-winbind 410
SHA256 d1e61b5a152d05a3d8a9f8d18d574596acc1a594b311278d3ad9ea1b2c273a40 files/config/nsswitch.conf-winbind 410
AUX config/nsswitch.conf-wins 396 RMD160 61f7d80bfa06efb16e8e9344f2402fc88b1198e8 SHA1 8139e2034118b0fe64d40cf7dc811435ee151584 SHA256 1ab5c5711823af6a04fdaf4920826940b4b0d92822e6464bbf404ca03d24fd1b
MD5 64125d209aa1c61a1fd3a35e3715d1b5 files/config/nsswitch.conf-wins 396
RMD160 61f7d80bfa06efb16e8e9344f2402fc88b1198e8 files/config/nsswitch.conf-wins 396
SHA256 1ab5c5711823af6a04fdaf4920826940b4b0d92822e6464bbf404ca03d24fd1b files/config/nsswitch.conf-wins 396
AUX config/samba.pam 397 RMD160 8f64b09e17e0c458a8156db3cc92a0413513e4fc SHA1 f39d48e07be8069885b51253c5b891a856b7b41e SHA256 86634f2d541370518d0958a73c04776ed5df2a3716ef128ff384459acce9cd38
MD5 a8c9fa5bbf2393084ed9e7add6340f9c files/config/samba.pam 397
RMD160 8f64b09e17e0c458a8156db3cc92a0413513e4fc files/config/samba.pam 397
SHA256 86634f2d541370518d0958a73c04776ed5df2a3716ef128ff384459acce9cd38 files/config/samba.pam 397
AUX config/samba.schema 16044 RMD160 b28408c64524ea44a9b0ea877d614603456a18fa SHA1 523d8bcf6313fe8ce03a3fbe762ba90b88ca5643 SHA256 c011a2f2f4fcc2839e3609cf5477507d938083f48f15a05787337b352f3afec3
MD5 bf268fdddc8ef677b6fa78661a094eac files/config/samba.schema 16044
RMD160 b28408c64524ea44a9b0ea877d614603456a18fa files/config/samba.schema 16044
SHA256 c011a2f2f4fcc2839e3609cf5477507d938083f48f15a05787337b352f3afec3 files/config/samba.schema 16044
AUX config/smb.conf.example-samba3 19701 RMD160 1ce92cbedb15cf5ee4d66ee50fd7c996231facea SHA1 5c60002f23ac2a60fc27b58ea03659acb0db876a SHA256 83fd9407e71db606bb50677f9d8a557688b6eafacb32d30c7a0a6d1c666b694d
MD5 ab08f7651d0d0d59e648ed24c6b0c9c0 files/config/smb.conf.example-samba3 19701
RMD160 1ce92cbedb15cf5ee4d66ee50fd7c996231facea files/config/smb.conf.example-samba3 19701
SHA256 83fd9407e71db606bb50677f9d8a557688b6eafacb32d30c7a0a6d1c666b694d files/config/smb.conf.example-samba3 19701
AUX config/smbusers 208 RMD160 04d432806e3024543096da6e079820032a850436 SHA1 ef8344b94b3860d405f8663206be9d5cab6030a9 SHA256 845fbb6c93e4570fc40ca59e2471a9a72cb76fe20ce5bde5f75fec65b5471702
MD5 1dd1f851a164732c13fbe11a53591eb0 files/config/smbusers 208
RMD160 04d432806e3024543096da6e079820032a850436 files/config/smbusers 208
SHA256 845fbb6c93e4570fc40ca59e2471a9a72cb76fe20ce5bde5f75fec65b5471702 files/config/smbusers 208
AUX config/swat.xinetd 531 RMD160 76c6d999a77c356d1013ab2586762e034550aac3 SHA1 3c25ea5418a007c875959cf12416ef1cbc37952b SHA256 12c2e1a907d1751f2431fc2b1a4702ee6ddca228c81056333dd96a4f146ac1ab
MD5 4927fd313e588dceb0aed29f85856198 files/config/swat.xinetd 531
RMD160 76c6d999a77c356d1013ab2586762e034550aac3 files/config/swat.xinetd 531
SHA256 12c2e1a907d1751f2431fc2b1a4702ee6ddca228c81056333dd96a4f146ac1ab files/config/swat.xinetd 531
AUX config/system-auth-winbind 873 RMD160 7392d93abc16dd5e1caaebe8bbe3aa786b1122fb SHA1 5e1161d30926f6b9772645a61ad664d2d15b81ff SHA256 365843527fe3c6b0576d499646a36690558699ffc21e4ef089099c3e773accbe
MD5 048ac02182ebbca4e69a52a7ba65fc7d files/config/system-auth-winbind 873
RMD160 7392d93abc16dd5e1caaebe8bbe3aa786b1122fb files/config/system-auth-winbind 873
SHA256 365843527fe3c6b0576d499646a36690558699ffc21e4ef089099c3e773accbe files/config/system-auth-winbind 873
EBUILD samba4-9999.ebuild 8339 RMD160 863bcbf1d8ebec56ae70eb428d1c99d1567ff2e3 SHA1 dfbcadc3241baaac7c9aea62d72ecae5924a0d3d SHA256 132bba6308140f951bae6d5e7860e40a212de58708ff3a7053045d5ba0656469
MD5 06e1774121702e6178d9f67171248831 samba4-9999.ebuild 8339
RMD160 863bcbf1d8ebec56ae70eb428d1c99d1567ff2e3 samba4-9999.ebuild 8339
SHA256 132bba6308140f951bae6d5e7860e40a212de58708ff3a7053045d5ba0656469 samba4-9999.ebuild 8339
MD5 d41d8cd98f00b204e9800998ecf8427e files/digest-samba4-9999 0
RMD160 9c1185a5c5e9fc54612808977ee8f548b2258d31 files/digest-samba4-9999 0
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 files/digest-samba4-9999 0

2
net-fs/samba4/files/config/lmhosts
View File

@ -1,2 +0,0 @@
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/config/lmhosts,v 1.1 2007/09/07 21:07:40 dev-zero Exp $
127.0.0.1 localhost

17
net-fs/samba4/files/config/nsswitch.conf-winbind
View File

@ -1,17 +0,0 @@
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/config/nsswitch.conf-winbind,v 1.1 2007/09/07 21:07:40 dev-zero Exp $
passwd: files winbind
group: files winbind
hosts: files dns
networks: files dns
services: db files
protocols: db files
rpc: db files
ethers: db files
netmasks: files
netgroup: files
bootparams: files
automount: files
aliases: files

17
net-fs/samba4/files/config/nsswitch.conf-wins
View File

@ -1,17 +0,0 @@
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/config/nsswitch.conf-wins,v 1.1 2007/09/07 21:07:40 dev-zero Exp $
passwd: files
group: files
hosts: files dns wins
networks: files dns
services: db files
protocols: db files
rpc: db files
ethers: db files
netmasks: files
netgroup: files
bootparams: files
automount: files
aliases: files

8
net-fs/samba4/files/config/samba.pam
View File

@ -1,8 +0,0 @@
#%PAM-1.0
# * pam_smbpass.so authenticates against the smbpasswd file
# * changed Redhat's 'pam_stack' with 'include' for *BSD compatibility
# (Diego "Flameeyes" Petteno'): enable with pam>=0.78 only
auth required pam_smbpass.so nodelay
account include system-auth
session include system-auth
password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf

471
net-fs/samba4/files/config/samba.schema
View File

@ -1,471 +0,0 @@
##
## schema file for OpenLDAP 2.x
## Schema for storing Samba user accounts and group maps in LDAP
## OIDs are owned by the Samba Team
##
## Prerequisite schemas - uid (cosine.schema)
## - displayName (inetorgperson.schema)
## - gidNumber (nis.schema)
##
## 1.3.6.1.4.1.7165.2.1.x - attributetypes
## 1.3.6.1.4.1.7165.2.2.x - objectclasses
##
## ----- READ THIS WHEN ADDING A NEW ATTRIBUTE OR OBJECT CLASS ------
##
## Run the 'get_next_oid' bash script in this directory to find the
## next available OID for attribute type and object classes.
##
## $ ./get_next_oid
## attributetype ( 1.3.6.1.4.1.7165.2.1.XX NAME ....
## objectclass ( 1.3.6.1.4.1.7165.2.2.XX NAME ....
##
## Also ensure that new entries adhere to the declaration style
## used throughout this file
##
## <attributetype|objectclass> ( 1.3.6.1.4.1.7165.2.XX.XX NAME ....
## ^ ^ ^
##
## The spaces are required for the get_next_oid script (and for
## readability).
##
## ------------------------------------------------------------------
########################################################################
## HISTORICAL ##
########################################################################
##
## Password hashes
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword'
# DESC 'LanManager Passwd'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword'
# DESC 'NT Passwd'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
##
## Account flags in string format ([UWDX ])
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags'
# DESC 'Account Flags'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )
##
## Password timestamps & policies
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet'
# DESC 'NT pwdLastSet'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime'
# DESC 'NT logonTime'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime'
# DESC 'NT logoffTime'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime'
# DESC 'NT kickoffTime'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange'
# DESC 'NT pwdCanChange'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange'
# DESC 'NT pwdMustChange'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
##
## string settings
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive'
# DESC 'NT homeDrive'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath'
# DESC 'NT scriptPath'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath'
# DESC 'NT profilePath'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations'
# DESC 'userWorkstations'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome'
# DESC 'smbHome'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
#attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain'
# DESC 'Windows NT domain to which the user belongs'
# EQUALITY caseIgnoreIA5Match
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
##
## user and group RID
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid'
# DESC 'NT rid'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID'
# DESC 'NT Group RID'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
##
## The smbPasswordEntry objectclass has been depreciated in favor of the
## sambaAccount objectclass
##
#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY
# DESC 'Samba smbpasswd entry'
# MUST ( uid $ uidNumber )
# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags ))
#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL
# DESC 'Samba Account'
# MUST ( uid $ rid )
# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
# description $ userWorkstations $ primaryGroupID $ domain ))
#objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY
# DESC 'Samba Auxiliary Account'
# MUST ( uid $ rid )
# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
# description $ userWorkstations $ primaryGroupID $ domain ))
########################################################################
## END OF HISTORICAL ##
########################################################################
#######################################################################
## Attributes used by Samba 3.0 schema ##
#######################################################################
##
## Password hashes
##
attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword'
DESC 'LanManager Password'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword'
DESC 'MD4 hash of the unicode password'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
##
## Account flags in string format ([UWDX ])
##
attributetype ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'
DESC 'Account Flags'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )
##
## Password timestamps & policies
##
attributetype ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet'
DESC 'Timestamp of the last password update'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange'
DESC 'Timestamp of when the user is allowed to update the password'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange'
DESC 'Timestamp of when the password will expire'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime'
DESC 'Timestamp of last logon'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime'
DESC 'Timestamp of last logoff'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime'
DESC 'Timestamp of when the user will be logged off automatically'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount'
DESC 'Bad password attempt count'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime'
DESC 'Time of the last bad password attempt'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours'
DESC 'Logon Hours'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE )
##
## string settings
##
attributetype ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive'
DESC 'Driver letter of home directory mapping'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript'
DESC 'Logon script path'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath'
DESC 'Roaming profile path'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations'
DESC 'List of user workstations the user is allowed to logon to'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath'
DESC 'Home directory UNC path'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributetype ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName'
DESC 'Windows NT domain to which the user belongs'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributetype ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial'
DESC ''
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
attributetype ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory'
DESC 'Concatenated MD4 hashes of the unicode passwords used on this account'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
##
## SID, of any type
##
attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID'
DESC 'Security ID'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
##
## Primary group SID, compatible with ntSid
##
attributetype ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID'
DESC 'Primary Group Security ID'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList'
DESC 'Security ID List'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} )
##
## group mapping attributes
##
attributetype ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType'
DESC 'NT Group Type'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
##
## Store info on the domain
##
attributetype ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid'
DESC 'Next NT rid to give our for users'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid'
DESC 'Next NT rid to give out for groups'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid'
DESC 'Next NT rid to give out for anything'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase'
DESC 'Base at which the samba RID generation algorithm should operate'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName'
DESC 'Share Name'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName'
DESC 'Option Name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption'
DESC 'A boolean option'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption'
DESC 'An integer option'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption'
DESC 'A string option'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption'
DESC 'A string list option'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName'
SUP name )
attributetype ( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList'
DESC 'Privileges List'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} )
attributetype ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags'
DESC 'Trust Password Flags'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
#######################################################################
## objectClasses used by Samba 3.0 schema ##
#######################################################################
## The X.500 data model (and therefore LDAPv3) says that each entry can
## only have one structural objectclass. OpenLDAP 2.0 does not enforce
## this currently but will in v2.1
##
## added new objectclass (and OID) for 3.0 to help us deal with backwards
## compatibility with 2.2 installations (e.g. ldapsam_compat) --jerry
##
objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY
DESC 'Samba 3.0 Auxilary SAM Account'
MUST ( uid $ sambaSID )
MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $
sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $
displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $
sambaProfilePath $ description $ sambaUserWorkstations $
sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $
sambaBadPasswordCount $ sambaBadPasswordTime $
sambaPasswordHistory $ sambaLogonHours))
##
## Group mapping info
##
objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY
DESC 'Samba Group Mapping'
MUST ( gidNumber $ sambaSID $ sambaGroupType )
MAY ( displayName $ description $ sambaSIDList ))
##
## Trust password for trust relationships (any kind)
##
objectclass ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL
DESC 'Samba Trust Password'
MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags )
MAY ( sambaSID $ sambaPwdLastSet ))
##
## Whole-of-domain info
##
objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL
DESC 'Samba Domain Information'
MUST ( sambaDomainName $
sambaSID )
MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $
sambaAlgorithmicRidBase ) )
##
## used for idmap_ldap module
##
objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY
DESC 'Pool for allocating UNIX uids/gids'
MUST ( uidNumber $ gidNumber ) )
objectclass ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY
DESC 'Mapping from a SID to an ID'
MUST ( sambaSID )
MAY ( uidNumber $ gidNumber ) )
objectclass ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL
DESC 'Structural Class for a SID'
MUST ( sambaSID ) )
objectclass ( 1.3.6.1.4.1.7165.1.2.2.10 NAME 'sambaConfig' SUP top AUXILIARY
DESC 'Samba Configuration Section'
MAY ( description ) )
objectclass ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL
DESC 'Samba Share Section'
MUST ( sambaShareName )
MAY ( description ) )
objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL
DESC 'Samba Configuration Option'
MUST ( sambaOptionName )
MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $
sambaStringListoption $ description ) )
objectclass ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' SUP top AUXILIARY
DESC 'Samba Privilege'
MUST ( sambaSID )
MAY ( sambaPrivilegeList ) )

478
net-fs/samba4/files/config/smb.conf.example-samba3
View File

@ -1,478 +0,0 @@
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]
# 1. Server Naming Options:
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MYGROUP
# netbios name is the name you will see in "Network Neighbourhood",
# but defaults to your hostname
; netbios name = <name_of_this_server>
# server string is the equivalent of the NT Description field
server string = Samba Server %v
# 2. Printing Options:
# CHANGES TO ENABLE PRINTING ON ALL CUPS PRINTERS IN THE NETWORK
# if you want to automatically load your printer list rather
# than setting them up individually then you'll need this
printcap name = cups
load printers = yes
# It should not be necessary to spell out the print system type unless
# yours is non-standard. Currently supported print systems include:
# bsd, sysv, plp, lprng, aix, hpux, qnx, cups
printing = cups
# 3. Logging Options:
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Set the log (verbosity) level (0 <= log level <= 10)
; log level = 3
# 4. Security and Domain Membership Options:
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page. Do not enable this if (tcp/ip) name resolution does
# not work for all the hosts in your network.
; hosts allow = 192.168.1. 192.168.2. 127.
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest
# Allow users to map to guest:
map to guest = bad user
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = user
# Use password server option only with security = server or security = domain
# When using security = domain, you should use password server = *
; password server = <NT-Server-Name>
; password server = *
# Password Level allows matching of _n_ characters of the password for
# all combinations of upper and lower case.
; password level = 8
; username level = 8
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
# Encrypted passwords are required for any use of samba in a Windows NT domain
# The smbpasswd file is only required by a server doing authentication, thus
# members of a domain do not need one.
encrypt passwords = yes
# The following are needed to allow password changing from Windows to
# also update the Linux system password.
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
; unix password sync = Yes
# You either need to setup a passwd program and passwd chat, or
# enable pam password change
; pam password change = yes
; passwd program = /usr/bin/passwd %u
; passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \
;*passwd:*all*authentication*tokens*updated*successfully*
# Unix users can map to different SMB User names
; username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /etc/samba/smb.conf.%m
# Options for using winbind. Winbind allows you to do all account and
# authentication from a Windows or samba domain controller, creating
# accounts on the fly, and maintaining a mapping of Windows RIDs to unix uid's
# and gid's. idmap uid and idmap gid are the only required parameters.
#
# winbind separator is the character a user must use between their domain
# name and username, defaults to "\"
; winbind separator = +
#
# winbind use default domain allows you to have winbind return usernames
# in the form user instead of DOMAIN+user for the domain listed in the
# workgroup parameter.
; winbind use default domain = yes
#
# template homedir determines the home directory for winbind users, with
# %D expanding to their domain name and %U expanding to their username:
; template homedir = /home/%D/%U
# When using winbind, you may want to have samba create home directories
# on the fly for authenticated users. Ensure that /etc/pam.d/samba is
# using 'service=system-auth-winbind' in pam_stack modules, and then
# enable obedience of pam restrictions below:
; obey pam restrictions = yes
#
# template shell determines the shell users authenticated by winbind get
; template shell = /bin/bash
# 5. Browser Control and Networking Options:
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Configure remote browse list synchronisation here
# request announcement to, or browse list sync from:
# a specific host or from / to a whole subnet (see below)
; remote browse sync = 192.168.3.25 192.168.5.255
# Cause this host to announce itself to local subnets here
; remote announce = 192.168.1.255 192.168.2.44
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
# 6. Domain Control Options:
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations or Primary Domain Controller for WinNT and Win2k
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roaming profiles for WinNT and Win2k
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Where to store roaming profiles for Win9x. Be careful with this as it also
# impacts where Win2k finds it's /HOME share
; logon home = \\%L\%U\.profile
# The add user script is used by a domain member to add local user accounts
# that have been authenticated by the domain controller, or when adding
# users via the Windows NT Tools (ie User Manager for Domains).
# Scripts for file (passwd, smbpasswd) backend:
; add user script = /usr/sbin/useradd -s /bin/false '%u'
; delete user script = /usr/sbin/userdel '%s'
; add user to group script = /usr/bin/gpasswd -a '%u' '%g'
; delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
; set primary group script = /usr/sbin/usermod -g '%g' '%u'
; add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}'
; delete group script = /usr/sbin/groupdel '%g'
# Scripts for LDAP backend (assumes nss_ldap is in use on the domain controller.
# Needs IDEALX scripts, and configuration in smbldap_conf.pm.
# This assumes you've installed the IDEALX scripts into /usr/share/samba/scripts...
; add user script = /usr/share/samba/scripts/smbldap-useradd.pl '%u'
; delete user script = /usr/share/samba/scripts/smbldap-userdel.pl '%u'
; add user to group script = /usr/share/samba/scripts/smbldap-groupmod.pl -m '%u' '%g'
; delete user from group script = /usr/share/samba/scripts/smbldap-groupmod.pl -x '%u' '%g'
; set primary group script = /usr/share/samba/scripts/smbldap-usermod.pl -g '%g' '%u'
; add group script = /usr/share/samba/scripts/smbldap-groupadd.pl '%g' && /usr/share/samba/scripts/smbldap-groupshow.pl %g|awk '/^gidNumber:/ {print $2}'
; delete group script = /usr/share/samba/scripts/smbldap-userdel.pl '%g'
# The add machine script is use by a samba server configured as a domain
# controller to add local machine accounts when adding machines to the domain.
# The script must work from the command line when replacing the macros,
# or the operation will fail. Check that groups exist if forcing a group.
# Script for domain controller for adding machines:
; add machine script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false '%u'
# Script for domain controller with LDAP backend for adding machines (You need
# the IDEALX scripts, and to configure the smbldap_conf.pm first):
; add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d /dev/null -g machines -c 'Machine Account' -s /bin/false '%u'
# Domain groups:
# Domain groups are now configured by using the 'net groupmap' tool
# Samba Password Database configuration:
# Samba now has runtime-configurable password database backends.
# smbpasswd is for backwards compatibility only Default (not recommended),
# new installations should use tdbsam or ldap.
; passdb backend = smbpasswd
# TDB backend
; passdb backend = tdbsam
# LDAP with fallback to smbpasswd guest
# Enable SSL by using an ldaps url, or enable tls with 'ldap ssl' below.
; passdb backend = ldapsam:ldaps://ldap.mydomain.com
# Use the samba2 LDAP schema:
; passdb backend = ldapsam_compat:ldaps://ldap.mydomain.com
# idmap uid account range:
# This is a range of unix user-id's that samba will map non-unix RIDs to,
# such as when using Winbind
; idmap uid = 10000-20000
; idmap gid = 10000-20000
# LDAP configuration for Domain Controlling:
# The account (dn) that samba uses to access the LDAP server
# This account needs to have write access to the LDAP tree
# You will need to give samba the password for this dn, by
# running 'smbpasswd -w mypassword'
; ldap admin dn = cn=root,dc=mydomain,dc=com
; ldap ssl = start_tls
# start_tls should run on 389, but samba defaults incorrectly to 636
; ldap port = 389
; ldap suffix = dc=mydomain,dc=com
; ldap server = ldap.mydomain.com
# Seperate suffixes are available for machines, users, groups, and idmap, if
# ldap suffix appears first, it is appended to the specific suffix.
# Example for a unix-ish directory layout:
; ldap machine suffix = ou=Hosts
; ldap user suffix = ou=People
; ldap group suffix = ou=Group
; ldap idmap suffix = ou=Idmap
# Example for AD-ish layout:
; ldap machine suffix = cn=Computers
; ldap user suffix = cn=Users
; ldap group suffix = cn=Groups
; ldap idmap suffix = cn=Idmap
# 7. Name Resolution Options:
# All NetBIOS names must be resolved to IP Addresses
# 'Name Resolve Order' allows the named resolution mechanism to be specified
# the default order is "host lmhosts wins bcast". "host" means use the unix
# system gethostbyname() function call that will use either /etc/hosts OR
# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf
# and the /etc/resolv.conf file. "host" therefore is system configuration
# dependant. This parameter is most often of use to prevent DNS lookups
# in order to resolve NetBIOS names to IP Addresses. Use with care!
# The example below excludes use of name resolution for machines that are NOT
# on the local network segment
# - OR - are not deliberately to be known via lmhosts or via WINS.
; name resolve order = wins host lmhosts bcast
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
dns proxy = no
# 8. File Naming Options:
# Case Preservation can be handy - system default is _no_
# NOTE: These can be set on a per share basis
; preserve case = no
; short preserve case = no
# Default case is normally upper case for all DOS files
; default case = lower
# Be very careful with case sensitivity - it can break things!
; case sensitive = no
# Enabling internationalization:
# you can match a Windows code page with a UNIX character set.
# Windows: 437 (US), 737 (GREEK), 850 (Latin1 - Western European),
# 852 (Czech), 861 (???), 932 (Japanese),
# 936 (Simplified Chin.), 949 (Korean Hangul),
# 950 (Trad. Chin.).
# More detail about code page is in
# "http://www.microsoft.com/globaldev/reference/oslocversion.mspx"
# UNIX: ISO8859-1 (Western European), ISO8859-2 (Eastern Eu.),
# ISO8859-5 (Russian Cyrillic), KOI8-R (Alt-Russ. Cyril.)
# This is an example for french users:
; dos charset = 850
; unix charset = ISO8859-1
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
# You can enable VFS recycle bin on a per share basis:
# Uncomment the next 2 lines (make sure you create a
# .recycle folder in the base of the share and ensure
# all users will have write access to it. See
# examples/VFS/recycle/REAME in the samba docs for details
; vfs object = /usr/lib/samba/vfs/recycle.so
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /var/lib/samba/netlogon
; guest ok = yes
; writable = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /var/lib/samba/profiles
; browseable = no
; guest ok = yes
# This script can be enabled to create profile directories on the fly
# You may want to turn off guest acces if you enable this, as it
# hasn't been thoroughly tested.
;root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \
; then mkdir -pm700 $PROFILE; chown %u:%g $PROFILE;fi
# NOTE: If you have a CUPS print system there is no need to
# specifically define each individual printer.
# You must configure the samba printers with the appropriate Windows
# drivers on your Windows clients. On the Samba server no filtering is
# done. If you wish that the server provides the driver and the clients
# send PostScript ("Generic PostScript Printer" under Windows), you have
# to swap the 'print command' line below with the commented one.
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# set to yes to allow user 'guest account' to print.
guest ok = no
writable = no
printable = yes
# This share is used for Windows NT-style point-and-print support.
# To be able to install drivers, you need to be either root, or listed
# in the printer admin parameter above. Note that you also need write access
# to the directory and share definition to be able to upload the drivers.
# For more information on this, please see the Printing Support Section of
# /usr/share/doc/samba-<version>/Samba-HOWTO-Collection.pdf
[print$]
path = /var/lib/samba/printers
browseable = yes
read only = yes
write list = @adm root
guest ok = yes
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba/public
; public = yes
; writable = no
; write list = @staff
# Audited directory through experimental VFS audit.so module:
# Uncomment next line.
; vfs object = /usr/lib/samba/vfs/audit.so
# Other examples.
#
# A private printer, usable only by Fred. Spool data will be placed in Fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# A private directory, usable only by Fred. Note that Fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %u option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes
# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765

4
net-fs/samba4/files/config/smbusers
View File

@ -1,4 +0,0 @@
# Unix_name = SMB_name1 SMB_name2 ...
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/config/smbusers,v 1.1 2007/09/07 21:07:40 dev-zero Exp $
root = administrator admin
nobody = guest pcguest smbguest

17
net-fs/samba4/files/config/swat.xinetd
View File

@ -1,17 +0,0 @@
# default: off
# description: SWAT is the Samba Web Admin Tool. Use swat \
# to configure your Samba server. To use SWAT, \
# connect to port 901 with your favorite web browser.
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/config/swat.xinetd,v 1.1 2007/09/07 21:07:40 dev-zero Exp $
service swat
{
port = 901
socket_type = stream
wait = no
only_from = localhost
user = root
server = /usr/sbin/swat
log_on_failure += USERID
disable = yes
}

18
net-fs/samba4/files/config/system-auth-winbind
View File

@ -1,18 +0,0 @@
#%PAM-1.0
# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/config/system-auth-winbind,v 1.1 2007/09/07 21:07:40 dev-zero Exp $
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so likeauth nullok use_first_pass
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so

0
net-fs/samba4/files/digest-samba4-9999
View File