87 lines
3.0 KiB
Plaintext
87 lines
3.0 KiB
Plaintext
$OpenBSD: README-main,v 1.3 2010/11/06 07:56:48 ajacoutot Exp $
|
|
|
|
Using samba package in an OpenBSD environment:
|
|
|
|
1. Edit ${SYSCONFDIR}/samba/smb.conf to suit your needs.
|
|
|
|
2. Edit /etc/rc.conf.local:
|
|
...
|
|
smbd_flags="-D" # for normal use: "-D"
|
|
nmbd_flags="-D" # for normal use: "-D"
|
|
...
|
|
|
|
3. Edit /etc/rc.local:
|
|
echo -n 'starting local daemons:'
|
|
...
|
|
if [ -f ${SYSCONFDIR}/samba/smb.conf ]; then
|
|
if [ X"${smbd_flags}" != X"NO" -a -x ${LOCALBASE}/libexec/smbd ]; then
|
|
echo -n ' smbd'; ${LOCALBASE}/libexec/smbd ${smbd_flags}
|
|
fi
|
|
if [ X"${nmbd_flags}" != X"NO" -a -x ${LOCALBASE}/libexec/nmbd ]; then
|
|
echo -n ' nmbd'; ${LOCALBASE}/libexec/nmbd ${nmbd_flags}
|
|
fi
|
|
fi
|
|
...
|
|
echo '.'
|
|
|
|
Steps 4 and 5 are only necessary if you want to enable swat (Samba
|
|
Web Administration Tool). Please note that administering the server
|
|
with swat over a network is inadvisable as passwords are passed in
|
|
the clear. You can avoid this problem by using ssh forwarding to
|
|
port 901.
|
|
|
|
4. add the following entry to /etc/inetd.conf:
|
|
|
|
...
|
|
swat stream tcp nowait.400 root ${LOCALBASE}/libexec/swat swat
|
|
...
|
|
|
|
5. add the following entry to /etc/services:
|
|
|
|
...
|
|
swat 901/tcp # samba admin service
|
|
...
|
|
|
|
Install the samba-docs package and see documentation files in
|
|
${PREFIX}/share/doc/samba and example config files in
|
|
${PREFIX}/share/examples/samba for more information.
|
|
|
|
Winbind on OpenBSD does not support local user logins as there
|
|
is no nsswitch support.
|
|
|
|
Winbind support is included for external systems like Dovecot or
|
|
Squid that are able to use it to authenticate users.
|
|
|
|
!!! ATTENTION !!!
|
|
The default passdb backend has been changed to 'tdbsam'! That breaks
|
|
existing setups using the 'smbpasswd' backend without explicit
|
|
declaration! Please use 'passdb backend = smbpasswd' if you would like
|
|
to stick to the 'smbpasswd' backend or convert your smbpasswd entries
|
|
using e.g. 'pdbedit -i smbpasswd -e tdbsam'.
|
|
|
|
The 'tdbsam' backend is much more flexible concerning per user settings
|
|
like 'profile path' or 'home directory' and there are some commands which
|
|
do not work with the 'smbpasswd' backend at all.
|
|
|
|
The configuration file, found at ${CONFDIR}/smb.conf can be used right
|
|
away for simple configurations. Local users must be added to the Samba user
|
|
database using the pdbedit utility in order to use the Samba server.
|
|
|
|
$ sudo pdbedit -a -u <username>
|
|
or the old way if for smbpasswd
|
|
$ sudo smbpasswd -a <username>
|
|
|
|
An EXPERIMENTAL implementation of the SMB2 protocol has been added.
|
|
SMB2 can be enabled by setting "max protocol = smb2". SMB2 is a new
|
|
implementation of the SMB protocol used by Windows Vista and higher.
|
|
|
|
To use Samba as a PDC the values of openfiles-max in ${SYSCONFDIR}/login.conf
|
|
and kern.maxfiles should be increased to 16384.
|
|
|
|
Rebuild the login.conf.db file if necessary:
|
|
|
|
# cap_mkdb ${SYSCONFDIR}/login.conf
|
|
|
|
Don't forget to add the entry kern.maxfiles=16384 to the ${SYSCONFDIR}/sysctl.conf
|
|
file to keep the change across reboots.
|