Linux Cubed Series 7: Sunsite

home *** CD-ROM | disk | FTP | other *** search

/ Linux Cubed Series 7: Sunsite / Linux Cubed Series 7 - Sunsite Vol 1.iso / system / network / samba / patches / samba-1.041 / samba-1

Wrap

Text File | 1995-11-24 | 129.8 KB | 4,249 lines

diff -u -r --new-file last-version/docs/DIAGNOSIS.txt samba-1.9.15p4/docs/DIAGNOSIS.txt --- last-version/docs/DIAGNOSIS.txt Tue Nov 14 22:41:04 1995 +++ samba-1.9.15p4/docs/DIAGNOSIS.txt Wed Nov 22 22:22:19 1995 @@ -11,7 +11,7 @@ the earlier tests. I would welcome additions to this set of tests. Please mail them to -Andrew.Tridgell@anu.edu.au +samba-bugs@anu.edu.au If you send me an email saying "it doesn't work" and you have not followed this test procedure then you should not be surprised if I diff -u -r --new-file last-version/docs/MIRRORS samba-1.9.15p4/docs/MIRRORS --- last-version/docs/MIRRORS Mon Nov 13 08:31:20 1995 +++ samba-1.9.15p4/docs/MIRRORS Wed Nov 22 22:22:58 1995 @@ -1,5 +1,5 @@ -The main Samba site is nimbus.anu.edu.au in pub/tridge/samba/. This is -maintained by Andrew.Tridgell@anu.edu.au +The main Samba site is nimbus.anu.edu.au in pub/tridge/samba/. Contact +samba-bugs@anu.edu.au for help with this site. Mirror sites include: diff -u -r --new-file last-version/docs/PROJECTS samba-1.9.15p4/docs/PROJECTS --- last-version/docs/PROJECTS Sat May 27 16:03:39 1995 +++ samba-1.9.15p4/docs/PROJECTS Wed Nov 22 22:23:40 1995 @@ -2,6 +2,9 @@ ======================== +>>>>> NOTE: THIS FILE IS NOW VERY OUT OF DATE <<<<< + + This is a list of who's working on what in Samba. It's not guaranteed to be uptodate or accurate but I hope it will help us getting coordinated. @@ -10,9 +13,8 @@ then please let me know! Also, if you are listed below and you have any corrections or updates then please let me know. -Andrew Tridgell -Andrew.Tridgell@anu.edu.au - +Email contact: +samba-bugs@anu.edu.au ======================================================================== Documentation and FAQ diff -u -r --new-file last-version/docs/README.jis samba-1.9.15p4/docs/README.jis --- last-version/docs/README.jis Thu Sep 21 20:47:16 1995 +++ samba-1.9.15p4/docs/README.jis Fri Nov 24 14:55:12 1995 @@ -34,6 +34,12 @@ $B$N(B16$B?J?t$rB3$1$k7A<0$K$J$j$^$9!#(B $B$3$3$G!"(B':' $B$rB>$NJ8;z$KJQ99$7$?$$>l9g$O!"(Bhex $B$N8e$m$K$=$NJ8;z$r;XDj$7$^$9!#(B $BNc$($P!"(B@$B$rJQ$o$j$K;H$$$?$$>l9g$O!"(B'hex@'$B$N$h$&$K;XDj$7$^$9!#(B + cap: 7 bits $B$N(B ASCII $B%3!<%I0J30$N%3!<%I$r0J2<$N7A<0$GI=$9J}<0$H$$$&E@$G$O(B + hex$B$HF1MM$G$9$,!"(BCAP (The Columbia AppleTalk Package)$B$H8_49@-$r;}$DJQ49(B + $BJ}<0$H$J$C$F$$$^$9!#(Bhex$B$H$N0c$$$O(B0x80$B0J>e$N%3!<%I$N$_(B':80'$B$N$h$&$KJQ49(B + $B$5$l!"$=$NB>$O(BASCII$B%3!<%I$G8=$5$l$^$9!#(B + $BNc$($P!"(B'$B%*%U%#%9(B'$B$H$$$&L>A0$O!"(B':83I:83t:83B:83X'$B$H$J$j$^$9!#(B + JIS $B%3!<%I$K$D$$$F$O!"0J2<$NI=$r;2>H$7$F2<$5$$!#(B $B(#(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(!(!(!(!(!($(B $B(";XDj(B $B("4A;z3+;O("4A;z=*N;("%+%J3+;O("%+%J=*N;("1Q?t3+;O("Hw9M(B $B("(B @@ -112,13 +118,13 @@ 5. $B$=$NB>(B - hex $B7A<0$NJQ49J}K!$O!"(B - - $BBgLZ!wBgDM!&C^GH(B <ohki@gssm.otsuka.tsukuba.ac.jp>$B;a(B + $B%3!<%IJQ49$O0J2<$NJ}!9$,:n$i$l$?%W%m%0%i%`$rMxMQ$7$F$$$^$9!#(B - $B$,:n$i$l$?%3!<%I$rMxMQ$7$F$$$^$9!#(B + hex $B7A<0(B $BBgLZ!wBgDM!&C^GH(B <ohki@gssm.otsuka.tsukuba.ac.jp>$B;a(B + cap $B7A<0(B $BI%ED(B $BF;O:(B (michiro@po.iijnet.or.jp)(michiro@dms.toppan.co.jp)$B;a(B 1994$BG/(B10$B7n(B28$BF|(B $BBh#1HG(B 1995$BG/(B 8$B7n(B16$BF|(B $BBh#2HG(B +1995$BG/(B11$B7n(B24$BF|(B $BBh#3HG(B $BF#ED(B $B?r(B fujita@ainix.isac.co.jp Only in last-version/docs: SMBGuide.txt diff -u -r --new-file last-version/docs/Speed.txt samba-1.9.15p4/docs/Speed.txt --- last-version/docs/Speed.txt Sun Oct 22 12:21:48 1995 +++ samba-1.9.15p4/docs/Speed.txt Wed Nov 22 22:24:44 1995 @@ -269,4 +269,4 @@ If you've read this far then please give me some feedback! Which of the above suggestions worked for you? -Mail the samba mailing list or Andrew.Tridgell@anu.edu.au +Mail the samba mailing list or samba-bugs@anu.edu.au diff -u -r --new-file last-version/docs/Support.txt samba-1.9.15p4/docs/Support.txt --- last-version/docs/Support.txt Mon Oct 30 17:30:07 1995 +++ samba-1.9.15p4/docs/Support.txt Wed Nov 22 22:25:08 1995 @@ -13,8 +13,7 @@ order that I have received them. If it gets too big I may organise it by region. -Andrew.Tridgell@anu.edu.au - +You can contact the maintainer at samba-bugs@anu.edu.au ------------------------------------------------------------------------------ diff -u -r --new-file last-version/docs/addtosmbpass.1 samba-1.9.15p4/docs/addtosmbpass.1 --- last-version/docs/addtosmbpass.1 Thu Jan 1 10:00:00 1970 +++ samba-1.9.15p4/docs/addtosmbpass.1 Fri Nov 24 00:38:09 1995 @@ -0,0 +1,59 @@ +.TH addtosmbpass 1 "16 November 1995" +.SH NAME +addtosmbpass \- add entry for an existing account to a Samba password +file. +.SH SYNOPSIS +.B addtosmbpass +.I name +[ +.I "name \&..." +] +.SH DESCRIPTION +.I addtosmbpass +is a utility for adding entries, in a proper format, +to a file used by Samba when validating passwords for clients (most +likely +.I "/usr/local/samba/lib/smbpasswd" +but this default can be changed in a compile time). An old (possibly +empty as in +.I /dev/null +) Samba password file is expected on stdin and a new file, with +skeleton entries for arguments added, is printed on stdout. A file +.I "/etc/passwd" +is scanned for a required information. +If an entry for a +.I name +is not present then account data are searched in NIS data bases - +if possible. If an entry for +.I name +already exists in stdin input or it account information cannot be +found then this request is quietly skipped. +.SH FILES +.I "/usr/local/samba/lib/smbpasswd, /etc/passwd" +.SH "SEE ALSO" +smbpasswd(1), passwd(5), ypmatch(1) +.SH BUGS +.I addtosmbpass, +like other Samba password file utilities, is written +in +.I awk. +Although an attempt was made to accommodate various broken +variants of +.I awk +which may be around there is no guarantee that what you have +is even worse. +.PP +It is assumed that if +.I ypmatch +program exists then NIS was set and the program will work. This +may not be true. In such case just comment out a line which sets +.B ypmatch +variable +in BEGIN block. +.PP +A location of awk interpreter at the top of the program may need +an adjustment. Also a user may edit a program modifying it beyong +recognition. This last property may be construed as a feature. +.SH AUTHOR +Michal Jaegermann (michal@ellpspace.math.ualberta.ca) + diff -u -r --new-file last-version/docs/announce samba-1.9.15p4/docs/announce --- last-version/docs/announce Wed Apr 26 18:38:24 1995 +++ samba-1.9.15p4/docs/announce Wed Nov 22 22:26:07 1995 @@ -125,5 +125,5 @@ A WWW site with lots of Samba info can be found at http://lake.canberra.edu.au/pub/samba/ -Andrew Tridgell (Andrew.Tridgell@anu.edu.au) +Andrew Tridgell (Contact: samba-bugs@anu.edu.au) January 1995 diff -u -r --new-file last-version/docs/nmbd.8 samba-1.9.15p4/docs/nmbd.8 --- last-version/docs/nmbd.8 Tue Nov 14 22:33:04 1995 +++ samba-1.9.15p4/docs/nmbd.8 Wed Nov 22 22:26:53 1995 @@ -473,7 +473,7 @@ None known. .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. This man page written by Karl Auer (Karl.Auer@anu.edu.au) diff -u -r --new-file last-version/docs/samba.7 samba-1.9.15p4/docs/samba.7 --- last-version/docs/samba.7 Wed Mar 29 19:42:58 1995 +++ samba-1.9.15p4/docs/samba.7 Wed Nov 22 22:27:07 1995 @@ -59,7 +59,7 @@ .SH AUTHOR The main author of the Samba suite is Andrew Tridgell. He may be -contacted via e-mail at Andrew.Tridgell@anu.edu.au. +contacted via e-mail at samba-bugs@anu.edu.au. There have also been an enourmous number of contributors to Samba from all over the world. A partial list of these contributors is included @@ -73,7 +73,7 @@ join the Samba mailing list. If you have patches to submit or bugs to report then you may mail them -directly to Andrew.Tridgell@anu.edu.au. Note, however, that due to the +directly to samba-bugs@anu.edu.au. Note, however, that due to the enourmous popularity of this package I may take some time to repond to mail. I prefer patches in "diff -u" format. @@ -176,7 +176,7 @@ S{rkel{, Vesa (vesku@rankki.kcl.fi) Tridgell, Andrew - (Andrew.Tridgell@anu.edu.au) + (samba-bugs@anu.edu.au) Troyer, Dean (troyer@saifr00.ateng.az.honeywell.com) Wakelin, Ross diff -u -r --new-file last-version/docs/samba.lsm samba-1.9.15p4/docs/samba.lsm --- last-version/docs/samba.lsm Tue Oct 11 17:28:40 1994 +++ samba-1.9.15p4/docs/samba.lsm Wed Nov 22 22:27:34 1995 @@ -7,9 +7,9 @@ Desc4 = and Pathworks. It also includes a ftp-style unix client Desc5 = and a netbios nameserver. Author = Andrew Tridgell -AuthorEmail = Andrew.Tridgell@anu.edu.au +AuthorEmail = samba-bugs@anu.edu.au Maintainer = Andrew Tridgell -MaintEmail = Andrew.Tridgell@anu.edu.au +MaintEmail = samba-bugs@anu.edu.au Site1 = nimbus.anu.edu.au Path1 = pub/tridge/samba/ File1 = samba-latest.tar.gz diff -u -r --new-file last-version/docs/smb.conf.5 samba-1.9.15p4/docs/smb.conf.5 --- last-version/docs/smb.conf.5 Wed Nov 22 10:30:40 1995 +++ samba-1.9.15p4/docs/smb.conf.5 Thu Nov 23 11:03:28 1995 @@ -414,6 +414,10 @@ strip dot +syslog + +syslog only + time offset username map @@ -505,6 +509,8 @@ max connections +max disk size + min print space only guest @@ -1324,6 +1330,20 @@ .B Example: mangling char = ^ +.SS max disk size (G) + +This option helps with large disks and applications that can't handle +them. You use it to pretend to the client that the disk is smaller, +but the client will still be able to use all available disk space. + +You specify the size in MB. A size of less than 1024 will fix problems +with fussy programs. + +By default the "max disk size" is 0, which means no maximum. + +.B Example: + max disk size = 1024 + .SS max log file (G) This option (an integer in kilobytes) specifies the max size the log @@ -2163,7 +2183,7 @@ option" when you supply an option. This means you either mis-typed it or you need to add an include file to includes.h for your OS. If the latter is the case please send the patch to me -(Andrew.Tridgell@anu.edu.au). +(samba-bugs@anu.edu.au). Any of the supported socket options may be combined in any way you like, as long as your OS allows it. @@ -2278,6 +2298,43 @@ .B Example: sync always = yes +.SS syslog (G) + +This integer parameter is used in conjunction with +.B debug level +to filter out debugging messages destined for the system logger. +Only those debugging messages that are +.I less than or equal to +.B debug level +and +.I less than +.B syslog +are sent to the system logger. Thus, a value of 0 can be used +to turn off system logging. + +You must compile with -DSYSLOG in order for system logging to +be enabled. + +.B Default: + syslog = 1 + +.B Example: + syslog = 0 + +.SS syslog only (G) + +This boolean controls whether debugging messages are sent to the +log file and system logger, or only to the system logger. + +You must compile with -DSYSLOG in order for system logging to +be enabled. + +.B Default: + syslog only = False + +.B Example: + syslog only = True + .SS time offset (G) This parameter is a setting in minutes to add to the normal GMT to local time conversion. This is useful if you are serving a lot of PCs @@ -2632,7 +2689,7 @@ Please send bug reports, comments and so on to: .RS 3 -.B Andrew.Tridgell@anu.edu.au (Andrew Tridgell) +.B samba-bugs@anu.edu.au (Andrew Tridgell) .RS 3 or to the mailing list @@ -2655,6 +2712,6 @@ mailed to: .RS 3 -.B Andrew.Tridgell@anu.edu.au (Andrew Tridgell) +.B samba-bugs@anu.edu.au (Andrew Tridgell) .RE diff -u -r --new-file last-version/docs/smb.conf.5.orig samba-1.9.15p4/docs/smb.conf.5.orig --- last-version/docs/smb.conf.5.orig Thu Jan 1 10:00:00 1970 +++ samba-1.9.15p4/docs/smb.conf.5.orig Wed Nov 22 22:47:24 1995 @@ -0,0 +1,2676 @@ +.TH SMB.CONF 5 11/10/94 smb.conf smb.conf +.SH NAME +smb.conf \- configuration file for smbd +.SH SYNOPSIS +.B smb.conf +.SH DESCRIPTION +The +.B smb.conf +file is a configuration file for the Samba suite. + +.B smb.conf +contains runtime configuration information for the +.B smbd +program. The +.B smbd +program provides LanManager-like services to clients +using the SMB protocol. + +.SH FILE FORMAT +The file consists of sections and parameters. A section begins with the +name of the section in square brackets and continues until the next +section begins. Sections contain parameters of the form 'name = value'. + +The file is line-based - that is, each newline-terminated line represents +either a comment, a section name or a parameter. + +Section and parameter names are not case sensitive. + +Only the first equals sign in a parameter is significant. Whitespace before +or after the first equals sign is discarded. Leading, trailing and internal +whitespace in section and parameter names is irrelevant. Leading and +trailing whitespace in a parameter value is discarded. Internal whitespace +within a parameter value is retained verbatim. + +Any line beginning with a semicolon is ignored, as are lines containing +only whitespace. + +Any line ending in a \ is "continued" on the next line in the +customary unix fashion. + +The values following the equals sign in parameters are all either a string +(no quotes needed) or a boolean, which may be given as yes/no, 0/1 or +true/false. Case is not significant in boolean values, but is preserved +in string values. Some items such as create modes are numeric. +.SH SERVICE DESCRIPTIONS +Each section in the configuration file describes a service. The section name +is the service name and the parameters within the section define the service's +attributes. + +There are three special sections, [global], [homes] and [printers], which are +described under 'special sections'. The following notes apply to ordinary +service descriptions. + +A service consists of a directory to which access is being given plus a +description of the access rights which are granted to the user of the +service. Some housekeeping options are also specifiable. + +Services are either filespace services (used by the client as an extension of +their native file systems) or printable services (used by the client to access +print services on the host running the server). + +Services may be guest services, in which case no password is required to +access them. A specified guest account is used to define access privileges +in this case. + +Services other than guest services will require a password to access +them. The client provides the username. As many clients only provide +passwords and not usernames, you may specify a list of usernames to +check against the password using the "user=" option in the service +definition. + +Note that the access rights granted by the server are masked by the access +rights granted to the specified or guest user by the host system. The +server does not grant more access than the host system grants. + +The following sample section defines a file space service. The user has write +access to the path /home/bar. The service is accessed via the service name +"foo": + + [foo] + path = /home/bar + writable = true + +The following sample section defines a printable service. The service is +readonly, but printable. That is, the only write access permitted is via +calls to open, write to and close a spool file. The 'guest ok' parameter +means access will be permitted as the default guest user (specified elsewhere): + + [aprinter] + path = /usr/spool/public + read only = true + printable = true + public = true + +.SH SPECIAL SECTIONS + +.SS The [global] section +.RS 3 +Parameters in this section apply to the server as a whole, or are defaults +for services which do not specifically define certain items. See the notes +under 'Parameters' for more information. +.RE + +.SS The [homes] section +.RS 3 +If a section called 'homes' is included in the configuration file, services +connecting clients to their home directories can be created on the fly by the +server. + +When the connection request is made, the existing services are scanned. If a +match is found, it is used. If no match is found, the requested service name is +treated as a user name and looked up in the local passwords file. If the +name exists and the correct password has been given, a service is created +by cloning the [homes] section. + +Some modifications are then made to the newly created section: + +.RS 3 +The service name is changed from 'homes' to the located username + +If no path was given, the path is set to the user's home directory. +.RE + +If you decide to use a path= line in your [homes] section then you may +find it useful to use the %S macro. For example path=/data/pchome/%S +would be useful if you have different home directories for your PCs +than for unix access. + +This is a fast and simple way to give a large number of clients access to +their home directories with a minimum of fuss. + +A similar process occurs if the requested service name is "homes", except that +the service name is not changed to that of the requesting user. This method +of using the [homes] section works well if different users share a client PC. + +The [homes] section can specify all the parameters a normal service section +can specify, though some make more sense than others. The following is a +typical and suitable [homes] section: + + [homes] + writable = yes + +An important point: + +.RS 3 +If guest access is specified in the [homes] section, all home directories will +be accessible to all clients +.B without a password. +In the very unlikely event +that this is actually desirable, it would be wise to also specify read only +access. +.RE +.RE + +Note that the browseable flag for auto home directories will be +inherited from the global browseable flag, not the [homes] browseable +flag. This is useful as it means setting browseable=no in the [homes] +section will hide the [homes] service but make any auto home +directories visible. + +.SS The [printers] section +.RS 3 +This section works like [homes], but for printers. + +If a [printers] section occurs in the configuration file, users are able +to connect to any printer specified in the local host's printcap file. + +When a connection request is made, the existing services are scanned. If a +match is found, it is used. If no match is found, but a [homes] section +exists, it is used as described above. Otherwise, the requested service name is +treated as a printer name and the appropriate printcap file is scanned to +see if the requested service name is a valid printer name. If a match is +found, a new service is created by cloning the [printers] section. + +A few modifications are then made to the newly created section: + +.RS 3 +The service name is set to the located printer name + +If no printer name was given, the printer name is set to the located printer +name + +If the service does not permit guest access and no username was given, the +username is set to the located printer name. +.RE + +Note that the [printers] service MUST be printable - if you specify otherwise, +the server will refuse to load the configuration file. + +Typically the path specified would be that of a world-writable spool directory +with the sticky bit set on it. A typical [printers] entry would look like this: + + [printers] + path = /usr/spool/public + writable = no + public = yes + printable = yes + +All aliases given for a printer in the printcap file are legitimate printer +names as far as the server is concerned. If your printing subsystem doesn't +work like that, you will have to set up a pseudo-printcap. This is a file +consisting of one or more lines like this: + + alias|alias|alias|alias... + +Each alias should be an acceptable printer name for your printing +subsystem. In the [global] section, specify the new file as your printcap. +The server will then only recognise names found in your pseudo-printcap, +which of course can contain whatever aliases you like. The same technique +could be used simply to limit access to a subset of your local printers. + +An alias, by the way, is defined as any component of the first entry of a +printcap record. Records are separated by newlines, components (if there are +more than one) are separated by vertical bar symbols ("|"). +.SH PARAMETERS +Parameters define the specific attributes of services. + +Some parameters are specific to the [global] section (eg., security). +Some parameters are usable in all sections (eg., create mode). All others are +permissible only in normal sections. For the purposes of the following +descriptions the [homes] and [printers] sections will be considered normal. +The letter 'G' in parentheses indicates that a parameter is specific to the +[global] section. The letter 'S' indicates that a parameter can be +specified in a secvice specific section. Note that all S parameters +can also be specified in the [global] section - in which case they +will define the default behaviour for all services. + +Parameters are arranged here in alphabetical order - this may not create +best bedfellows, but at least you can find them! Where there are synonyms, +the preferred synonym is described, others refer to the preferred synonym. + +.SS VARIABLE SUBSTITUTIONS + +Many of the strings that are settable in the config file can take +substitutions. For example the option "path = /tmp/%u" would be +interpreted as "path = /tmp/john" if the user connected with the +username john. + +These substitutions are mostly noted in the descriptions below, but +there are some general substitions which apply whenever they might be +relevant. These are: + +%S = the name of the current service, if any + +%P = the root directory of the current service, if any + +%u = user name of the current service, if any + +%U = session user name (the user name that the client wanted, not +necessarily the same as the one they got) + +%H = the home directory of the user given by %u + +%v = the Samba version + +%h = the hostname that Samba is running on + +%m = the netbios name of the client machine (very useful) + +%L = the netbios name of the server. This allows you to change your +config based on what the client calls you. Your server can have a "dual +personality". + +%M = the internet name of the client machine + +%d = The process id of the current server process + +%a = the architecture of the remote machine. Only some are recognised, +and those may not be 100% reliable. It currently recognises Samba, +WfWg, WinNT and Win95. Anything else will be known as "UNKNOWN". If it +gets it wrong then sending me a level 3 log should allow me to fix it. + +%I = The IP address of the client machine + +%T = the current date and time + +There are some quite creative things that can be done with these +substitutions and other smb.conf options. + +.SS NAME MANGLING + +Samba supports "name mangling" so that Dos and Windows clients can use +files that don't conform to the 8.3 format. It can also be set to adjust +the case of 8.3 format filenames. + +There are several options that control the way mangling is performed, +and they are grouped here rather than listed separately. For the +defaults look at the output of the testparm program. + +All of these options can be set separately for each service (or +globally, of course). + +The options are: + +"mangle case = yes/no" controls if names that have characters that +aren't of the "default" case are mangled. For example, if this is yes +then a name like "Mail" would be mangled. Default no. + +"case sensitive = yes/no" controls whether filenames are case +sensitive. If they aren't then Samba must do a filename search and +match on passed names. Default no. + +"default case = upper/lower" controls what the default case is for new +filenames. Default lower. + +"preserve case = yes/no" controls if new files are created with the +case that the client passes, or if they are forced to be the "default" +case. Default no. + +"short preserve case = yes/no" controls if new files which conform to 8.3 +syntax, that is all in upper case and of suitable length, are created +upper case, or if they are forced to be the "default" case. This option can +be use with "preserve case = yes" to permit long filenames to retain their +case, while short names are lowered. Default no. + +.SS COMPLETE LIST OF GLOBAL PARAMETER + +Here is a list of all global parameters. See the section of each +parameter for details. Note that some are synonyms. + +auto services + +config file + +deadtime + +debuglevel + +default + +default service + +dfree command + +encrypt passwords + +getwd cache + +hosts equiv + +include + +keepalive + +lock dir + +load printers + +lock directory + +log file + +log level + +lpq cache time + +mangled stack + +max log size + +max packet + +max xmit + +message command + +null passwords + +os level + +packet size + +passwd chat + +passwd program + +password level + +password server + +preferred master + +preload + +printing + +printcap name + +protocol + +read bmpx + +read prediction + +read raw + +read size + +root + +root dir + +root directory + +security + +server string + +smbrun + +socket options + +status + +strip dot + +time offset + +username map + +use rhosts + +valid chars + +workgroup + +write raw + +.SS COMPLETE LIST OF SERVICE PARAMETER + +Here is a list of all service parameters. See the section of each +parameter for details. Note that some are synonyms. + +admin users + +allow hosts + +alternate permissions + +available + +browseable + +case sensitive + +case sig names + +copy + +create mask + +create mode + +comment + +default case + +deny hosts + +directory + +dont descend + +exec + +force group + +force user + +guest account + +guest ok + +guest only + +hide dot files + +hosts allow + +hosts deny + +invalid users + +locking + +lpq command + +lprm command + +magic output + +magic script + +mangle case + +mangled names + +mangling char + +map archive + +map hidden + +map system + +max connections + +max disk size + +min print space + +only guest + +only user + +path + +postexec + +postscript + +preserve case + +print command + +print ok + +printable + +printer + +printer name + +public + +read only + +read list + +revalidate + +root postexec + +root preexec + +set directory + +share modes + +short preserve case + +strict locking + +sync always + +user + +username + +users + +valid users + +volume + +wide links + +writable + +write ok + +writeable + +write list + +.SS EXPLANATION OF EACH PARAMETER +.RS 3 + +.SS admin users (G) + +This is a list of users who will be granted administrative privilages +on the share. This means that they will do all file operations as the +super-user (root). + +You should use this option very carefully, as any user in this list +will be able to do anything they like on the share, irrespective of +file permissions. + +.B Default: + no admin users + +.B Example: + admin users = jason + +.SS auto services (G) +This is a list of services that you want to be automatically added to +the browse lists. This is most useful for homes and printers services +that would otherwise not be visible. + +Note that if you just want all printers in your printcap file loaded +then the "load printers" option is easier. + +.B Default: + no auto services + +.B Example: + auto services = fred lp colorlp + + +.SS allow hosts (S) +A synonym for this parameter is 'hosts allow'. + +This parameter is a comma delimited set of hosts which are permitted to access +a services. If specified in the [global] section, matching hosts will be +allowed access to any service that does not specifically exclude them from +access. Specific services my have their own list, which override those +specified in the [global] section. + +You can specify the hosts by name or IP number. For example, you could +restrict access to only the hosts on a Class C subnet with something like +"allow hosts = 150.203.5.". The full syntax of the list is described in +the man page +.B hosts_access(5). + +You can also specify hosts by network/netmask pairs and by netgroup +names if your system supports netgroups. The EXCEPT keyword can also +be used to limit a wildcard list. The following examples may provide +some help: + +Example 1: allow all IPs in 150.203.*.* except one + + hosts allow = 150.203. EXCEPT 150.203.6.66 + +Example 2: allow hosts that match the given network/netmask + + hosts allow = 150.203.15.0/255.255.255.0 + +Example 3: allow a couple of hosts + + hosts allow = lapland, arvidsjaur + +Example 4: allow only hosts in netgroup "foonet" or localhost, but +deny access from one particular host + + hosts allow = @foonet, localhost + hosts deny = pirate + +Note that access still requires suitable user-level passwords. + +See testparm(1) for a way of testing your host access to see if it +does what you expect. + +.B Default: + none (ie., all hosts permitted access) + +.B Example: + allow hosts = 150.203.5. myhost.mynet.edu.au + +.SS alternate permissions (S) + +This option affects the way the "read only" DOS attribute is produced +for unix files. If this is false then the read only bit is set for +files on writeable shares which the user cannot write to. + +If this is true then it is set for files whos user write bit is not set. + +The latter behaviour of useful for when users copy files from each +others directories, and use a file manager that preserves +permissions. Without this option they may get annoyed as all copied +files will have the "read only" bit set. + +.B Default: + alternate permissions = no + +.B Example: + alternate permissions = yes + +.SS available (S) +This parameter lets you 'turn off' a service. If 'available = no', then +ALL attempts to connect to the service will fail. Such failures are logged. + +.B Default: + available = yes + +.B Example: + available = no +.SS browseable (S) +This controls whether this share is seen in the list of available +shares in a net view and in the browse list. + +.B Default: + browseable = Yes + +.B Example: + browseable = No + +.SS case sig names (G) +See "case sensitive" + +.SS comment (S) +This is a text field that is seen when a client does a net view to +list what shares are available. It will also be used when browsing is +fully supported. + +.B Default: + No comment string + +.B Example: + comment = Fred's Files + +.SS config file (G) + +This allows you to override the config file to use, instead of the +default (usually smb.conf). There is a chicken and egg problem here as +this option is set in the config file! + +For this reason, if the name of the config file has changed when the +parameters are loaded then it will reload them from the new config +file. + +This option takes the usual substitutions, which can be very useful. + +If thew config file doesn't exist then it won't be loaded (allowing +you to special case the config files of just a few clients). + +.B Example: + config file = /usr/local/samba/smb.conf.%m + +.SS copy (S) +This parameter allows you to 'clone' service entries. The specified +service is simply duplicated under the current service's name. Any +parameters specified in the current section will override those in the +section being copied. + +This feature lets you set up a 'template' service and create similar +services easily. Note that the service being copied must occur earlier +in the configuration file than the service doing the copying. + +.B Default: + none + +.B Example: + copy = otherservice +.SS create mask (S) +A synonym for this parameter is 'create mode'. + +This parameter is the octal modes which are used when converting DOS modes +to Unix modes. + +Note that Samba will or this value with 0700 as you must have at least +user read, write and execute for Samba to work properly. + +.B Default: + create mask = 0755 + +.B Example: + create mask = 0775 +.SS create mode (S) +See +.B create mask. +.SS dead time (G) +The value of the parameter (a decimal integer) represents the number of +minutes of inactivity before a connection is considered dead, and it +is disconnected. The deadtime only takes effect if the number of open files +is zero. + +This is useful to stop a server's resources being exhausted by a large +number of inactive connections. + +Most clients have an auto-reconnect feature when a connection is broken so +in most cases this parameter should be transparent to users. + +Using this parameter with a timeout of a few minutes is recommended +for most systems. + +A deadtime of zero indicates that no auto-disconnection should be performed. + +.B Default: + dead time = 0 + +.B Example: + dead time = 15 +.SS debug level (G) +The value of the parameter (an integer) allows the debug level +(logging level) to be specified in the smb.conf file. This is to give +greater flexibility in the configuration of the system. + +The default will be the debug level specified on the command line. + +.B Example: + debug level = 3 +.SS default (G) +See +.B default service. +.SS default case (S) + +See the section on "NAME MANGLING" Also note the addition of "short +preserve case" + +.SS default service (G) +A synonym for this parameter is 'default'. + +This parameter specifies the name of a service which will be connected to +if the service actually requested cannot be found. Note that the square +brackets are NOT given in the parameter value (see example below). + +There is no default value for this parameter. If this parameter is not given, +attempting to connect to a nonexistent service results in an error. + +Typically the default service would be a public, read-only service. + +Also not that s of 1.9.14 the apparent service name will be changed to +equal that of the requested service, this is very useful as it allows +you to use macros like %S to make a wildcard service. + +Note also that any _ characters in the name of the service used in the +default service will get mapped to a /. This allows for interesting +things. + + +.B Example: + default service = pub + + [pub] + path = /%S + + +.SS deny hosts (S) +A synonym for this parameter is 'hosts deny'. + +The opposite of 'allow hosts' - hosts listed here are NOT permitted +access to services unless the specific services have their own lists to +override this one. Where the lists conflict, the 'allow' list takes precedence. + +.B Default: + none (ie., no hosts specifically excluded) + +.B Example: + deny hosts = 150.203.4. badhost.mynet.edu.au +.SS dfree command (G) +The dfree command setting should only be used on systems where a +problem occurs with the internal disk space calculations. This has +been known to happen with Ultrix, but may occur with other operating +systems. The symptom that was seen was an error of "Abort Retry +Ignore" at the end of each directory listing. + +This setting allows the replacement of the internal routines to +calculate the total disk space and amount available with an external +routine. The example below gives a possible script that might fulfill +this function. + +The external program will be passed a single parameter indicating a +directory in the filesystem being queried. This will typically consist +of the string "./". The script should return two integers in ascii. The +first should be the total disk space in blocks, and the second should +be the number of available blocks. An optional third return value +can give the block size in bytes. The default blocksize is 1024 bytes. + +Note: Your script should NOT be setuid or setgid and should be owned by +(and writable only by) root! + +.B Default: + By default internal routines for determining the disk capacity +and remaining space will be used. + +.B Example: + dfree command = /usr/local/smb/dfree + + Where the script dfree (which must be made executable) could be + + #!/bin/sh + df $1 | tail -1 | awk '{print $2" "$4}' + + or perhaps (on Sys V) + + #!/bin/sh + /usr/bin/df -k $1 | tail -1 | awk '{print $3" "$5}' + + + Note that you may have to replace the command names with full +path names on some systems. +.SS directory (S) +See +.B path. +.SS dont descend (S) +There are certain directories on some systems (eg., the /proc tree under +Linux) that are either not of interest to clients or are infinitely deep +(recursive). This parameter allows you to specify a comma-delimited list +of directories that the server should always show as empty. + +Note that Samba can be very fussy about the exact format of the "dont +descend" entries. For example you ma need "./proc" instead of just +"/proc". Experimentation is the best policy :-) + +.B Default: + none (ie., all directories are OK to descend) + +.B Example: + dont descend = /proc,/dev + +.SS encrypt passwords (G) + +This boolean controls whether encrypted passwords will be negotiated +with the cient. Note that this option has no effect if you haven't +compiled in the necessary des libraries and encryption code. It +defaults to no. + +.SS exec (S) + +This is an alias for preexec + + +.SS force group (S) +This specifies a group name that all connections to this service +should be made as. This may be useful for sharing files. + +.B Default: + no forced group + +.B Example: + force group = agroup + +.SS force user (S) +This specifies a user name that all connections to this service +should be made as. This may be useful for sharing files. You should +also use it carefully as using it incorrectly can cause security +problems. + +This user name only gets used once a connection is established. Thus +clients still need to connect as a valid user and supply a valid +password. Once connected, all file operations will be performed as the +"forced user", not matter what username the client connected as. + +.B Default: + no forced user + +.B Example: + force user = auser + +.SS guest account (S) +This is a username which will be used for access to services which are +specified as 'guest ok' (see below). Whatever privileges this user has +will be available to any client connecting to the guest +service. Typically this user will exist in the password file, but will +not have a valid login. If a username is specified in a given service, +the specified username overrides this one. + +One some systems the account "nobody" may not be able to print. Use +another account in this case. You should test this by trying to log in +as your guest user (perhaps by using the "su -" command) and trying to +print using lpr. + +Note that as of version 1.9 of Samba this option may be set +differently for each service. + +.B Default: + specified at compile time + +.B Example: + guest account = nobody +.SS getwd cache (G) +This is a tuning option. When this is enabled a cacheing algorithm will +be used to reduce the time taken for getwd() calls. This can have a +significant impact on performance, especially when widelinks is False. + +.B Default: + getwd cache = No + +.B Example: + getwd cache = Yes +.SS guest ok (S) +See +.B public. +.SS guest only (S) +If this parameter is 'yes' for a service, then only guest connections to the +service are permitted. This parameter will have no affect if "guest ok" or +"public" is not set for the service. + +See the section below on user/password validation for more information about +this option. + +.B Default: + guest only = no + +.B Example: + guest only = yes +.SS hide dot files (S) +This is a boolean parameter that controls whether files starting with +a dot appear as hidden files. + +.B Default: + hide dot files = yes + +.B Example: + hide dot files = no +.SS hosts allow (S) +See +.B allow hosts. +.SS hosts deny (S) +See +.B deny hosts. + +.SS group (S) +This is an alias for "force group" and is only kept for compatability +with old versions of Samba. It may be removed in future versions. + +.SS hosts equiv (G) +If this global parameter is a non-null string, it specifies the name of +a file to read for the names of hosts and users who will be allowed access +without specifying a password. + +This is not be confused with +.B allow hosts +which is about hosts access to services and is more useful for guest services. +.B hosts equiv +may be useful for NT clients which will not supply passwords to samba. + +NOTE: The use of hosts.equiv can be a major security hole. This is +because you are trusting the PC to supply the correct username. It is +very easy to get a PC to supply a false username. I recommend that the +hosts.equiv option be only used if you really know what you are doing, +or perhaps on a home network where you trust your wife and kids :-) + +.B Default + No host equivalences + +.B Example + hosts equiv = /etc/hosts.equiv + +.SS invalid users (S) +This is a list of users that should not be allowed to login to this +service. This is really a "paranoid" check to absolutely ensure an +improper setting does not breach your security. + +A name starting with @ is interpreted as a unix group. + +The current servicename is substituted for %S. This is useful in the +[homes] section. + +See also "valid users" + +.B Default + No invalid users + +.B Example + invalid users = root fred admin @wheel + +.SS include (G) + +This allows you to inlcude one config file inside another. the file is +included literally, as though typed in place. + +It takes the standard substitutions, except %u, %P and %S + +.SS keep alive (G) +The value of the parameter (an integer) represents the number of seconds +between 'keepalive' packets. If this parameter is zero, no keepalive packets +will be sent. Keepalive packets, if sent, allow the server to tell whether a +client is still present and responding. + +Keepalives should, in general, not be needed if the socket being used +has the SO_KEEPALIVE attribute set on it (see "socket +options"). Basically you should only use this option if you strike +difficulties. + +.B Default: + keep alive = 0 + +.B Example: + keep alive = 60 +.SS load printers (G) +A boolean variable that controls whether all printers in the printcap +will be loaded for browsing by default. + +.B Default: + load printers = no + +.B Example: + load printers = yes + +.SS lock directory (G) +This options specifies the directory where lock files will be placed. +The lock files are used to implement the "max connections" option. + +.B Default: + lock directory = /tmp/samba + +.B Example: + lock directory = /usr/local/samba/locks +.SS locking (S) +This controls whether or not locking will be performed by the server in +response to lock requests from the client. + +If "locking = no", all lock and unlock requests will appear to succeed and +all lock queries will indicate that the queried lock is clear. + +If "locking = yes", real locking will be performed by the server. + +This option may be particularly useful for read-only filesystems which +do not need locking (such as cdrom drives). + +Be careful about disabling locking either globally or in a specific +service, as lack of locking may result in data corruption. + +.B Default: + locking = yes + +.B Example: + locking = no + +.SS log file (G) + +This options allows you to override the name of the Samba log file +(also known as the debug file). + +This option takes the standard substitutions, allowing you to have +separate log files for each user or machine. + +.B Example: + log file = /usr/local/samba/log.%m + +.SS log level (G) +see "debug level" + +.SS lpq cache time (G) + +This controls how long lpq info will be cached for to prevent the lpq +command being called too often. A separate cache is kept for each +variation of the lpq command used by the system, so if you use +different lpq commands for different users then they won't share cache +information. + +The cache files are stored in /tmp/lpq.xxxx where xxxx is a hash +of the lpq command in use. + +The default is 10 seconds, meaning that the cached results of a +previous identical lpq command will be used if the cached data is less +than 10 seconds old. A large value may be advisable if your lpq +command is very slow. + +A value of 0 will disable cacheing completely. + +.B Default: + lpq cache time = 10 + +.B Example: + lpq cache time = 30 + +.SS lpq command (S) +This parameter specifies the command to be executed on the server host in +order to obtain "lpq"-style printer status information. + +This command should be a program or script which takes a printer name +as its only parameter and outputs printer status information. + +Currently four styles of printer status information are supported; +BSD, SYSV, AIX and HPUX. This covers most unix systems. You control +which type is expected using the "printing =" option. + +Some clients (notably Windows for Workgroups) may not correctly send the +connection number for the printer they are requesting status information +about. To get around this, the server reports on the first printer service +connected to by the client. This only happens if the connection number sent +is invalid. + +If a %p is given then the printername is put in it's place. Otherwise +it is placed at the end of the command. + +Note that it is good practice to include the absolute path in the lpq +command as the PATH may not be available to the server. + +.B Default: + depends on the setting of "printing =" + +.B Example: + lpq command = /usr/bin/lpq %p + +.SS lprm command (S) +This parameter specifies the command to be executed on the server host in +order to delete a print job. + +This command should be a program or script which takes a printer name +and job number, and deletes the print job. + +Currently four styles of printer control are supported; BSD, SYSV, AIX +and HPUX. This covers most unix systems. You control which type is +expected using the "printing =" option. + +If a %p is given then the printername is put in it's place. A %j is +replaced with the job number (an integer). + +Note that it is good practice to include the absolute path in the lprm +command as the PATH may not be available to the server. + +.B Default: + depends on the setting of "printing =" + +.B Example 1: + lprm command = /usr/bin/lprm -P%p %j + +.B Example 1: + lprm command = /usr/bin/cancel %p-%j + +.SS magic output (S) +This parameter specifies the name of a file which will contain output +created by a magic script (see +.I magic script +below). + +Warning: If two clients use the same magic script in the same directory the +output file content is undefined. +.B Default: + magic output = <magic script name>.out + +.B Example: + magic output = myfile.txt +.SS magic script (S) +This parameter specifies the name of a file which, if opened, will be +executed by the server when the file is closed. This allows a Unix script +to be sent to the Samba host and executed on behalf of the connected user. + +Scripts executed in this way will be deleted upon completion, permissions +permitting. + +If the script generates output, output will be sent to the file specified by +the +.I magic output +parameter (see above). + +Note that some shells are unable to interpret scripts containing +carriage-return-linefeed instead of linefeed as the end-of-line +marker. Magic scripts must be executable "as is" on the host, which +for some hosts and some shells will require filtering at the DOS end. + +Magic scripts are EXPERIMENTAL and should NOT be relied upon. +.B Default: + None. Magic scripts disabled. + +.B Example: + magic script = user.csh +.SS mangled map (S) +This is for those who want to directly map UNIX file names which are +not representable on DOS. The mangling of names is not always what is +needed. In particular you may have documents with file extensiosn +that differ between dos and unix. For example, under unix it is common +to use .html for HTML files, whereas under dos .htm is more commonly +used. + +So to map 'html' to 'htm' you put: + + mangled map = (*.html *.htm) + +One very useful case is to remove the annoying ;1 off the ends of +filenames on some CDROMS (only visible under some unixes). To do this +use a map of (*;1 *) + +.B default: + no mangled map + +.B Example: + mangled map = (*;1 *) + +.SS mangle case (S) + +See the section on "NAME MANGLING" + +.SS mangled names (S) +This controls whether non-DOS names under Unix should be mapped to +DOS-compatible names ("mangled") and made visible, or whether non-DOS names +should simply be ignored. + +See the section on "NAME MANGLING" for details on how to control the +mangling process. + +If mangling is used then the mangling algorithm is as follows: +.RS +- the first (up to) five alphanumeric characters before the rightmost dot of +the filename are preserved, forced to upper case, and appear as the first (up +to) five characters of the mangled name. + +- a tilde ("~") is appended to the first part of the mangled name, followed +by a two-character unique sequence, based on the origonal root name +(i.e., the original filename minus its final extension). The final +extension is included in the hash calculation only if it contains any upper +case characters or is longer than three characters. + +Note that the character to use may be specified using the "mangling +char" option, if you don't like ~. + +- the first three alphanumeric characters of the final extension are preserved, +forced to upper case and appear as the extension of the mangled name. The +final extension is defined as that part of the original filename after the +rightmost dot. If there are no dots in the filename, the mangled name will +have no extension (except in the case of hidden files - see below). + +- files whose Unix name begins with a dot will be presented as DOS hidden +files. The mangled name will be created as for other filenames, but with the +leading dot removed and "___" as its extension regardless of actual original +extension (that's three underscores). +.RE + +The two-digit hash value consists of upper case alphanumeric characters. + +This algorithm can cause name collisions only if files in a directory share +the same first five alphanumeric characters. The probability of such a clash +is 1/1300. + +The name mangling (if enabled) allows a file to be copied between Unix +directories from DOS while retaining the long Unix filename. Unix files can +be renamed to a new extension from DOS and will retain the same basename. +Mangled names do not change between sessions. + +.B Default: + mangled names = yes + +.B Example: + mangled names = no +.SS mangling char (S) +This controls what character is used as the "magic" character in name +mangling. The default is a ~ but this may interfere with some +software. Use this option to set it to whatever you prefer. + +.B Default: + mangling char = ~ + +.B Example: + mangling char = ^ + +.SS max disk size (G) + +This option helps with large disks and applications that can't handle +them. You use it to pretend to the client that the disk is smaller, +but the client will still be able to use all available disk space. + +You specify the size in MB. A size of less than 1024 will fix problems +with fussy programs. + +By default the "max disk size" is 0, which means no maximum. + +.B Example: + max disk size = 1024 + +.SS max log file (G) + +This option (an integer in kilobytes) specifies the max size the log +file should grow to. Samba periodically checks the size and if it is +exceeded it will rename the file, adding a .old extension. + +A size of 0 means no limit. + +.B Default: + max log size = 5000 + +.B Example: + max log size = 1000 + +.SS max xmit (G) + +This option controls the maximum packet size that will be negotiated +by Samba. The default is 65535, which is the maximum. In some cases +you may find you get better performance with a smaller value. A value +below 2048 is likely to cause problems. + +.B Default: + max xmit = 65535 + +.B Example: + max xmit = 8192 + +.SS mangled stack (G) +This parameter controls the number of mangled names that should be cached in +the Samba server. + +This stack is a list of recently mangled base names (extensions are only +maintained if they are longer than 3 characters or contains upper case +characters). + +The larger this value, the more likely it is that mangled names can be +successfully converted to correct long Unix names. However, large stack +sizes will slow most directory access. Smaller stacks save memory in the +server (each stack element costs 256 bytes). + +It is not possible to absolutely guarantee correct long file names, so +be prepared for some surprises! + +.B Default: + mangled stack = 50 + +.B Example: + mangled stack = 100 + +.SS map archive (S) +This controls whether the DOS archive attribute should be mapped to Unix +execute bits. The DOS archive bit is set when a file has been modified +since its last backup. One motivation for this option it to keep Samba/your +PC from making any file it touches from becoming executable under UNIX. +This can be quite annoying for shared source code, documents, etc... + +.B Default: + map archive = yes + +.B Example: + map archive = no + +.SS map hidden (S) +This controls whether DOS style hidden files should be mapped to Unix +execute bits. + +.B Default: + map hidden = no + +.B Example: + map hidden = yes +.SS map system (S) +This controls whether DOS style system files should be mapped to Unix +execute bits. + +.B Default: + map system = no + +.B Example: + map system = yes +.SS max connections (S) +This option allows the number of simultaneous connections to a +service to be limited. If "max connections" is greater than 0 then +connections will be refused if this number of connections to the +service are already open. A value of zero mean an unlimited number of +connections may be made. + +Record lock files are used to implement this feature. The lock files +will be stored in the directory specified by the "lock directory" option. + +.B Default: + max connections = 0 + +.B Example: + max connections = 10 +.SS only user (S) +This is a boolean option that controls whether connections with +usernames not in the user= list will be allowed. By default this +option is disabled so a client can supply a username to be used by +the server. + +Note that this also means Samba won't try to deduce usernames from the +service name. This can be annoying for the [homes] section. To get +around this you could use "user = %S" which means your "user" list +will be just the service name, which for home directories is the name +of the user. + +.B Default: + only user = False + +.B Example: + only user = True + +.SS message command (G) + +This specifies what command to run when the server receives a WinPopup +style message. + +This would normally be a command that would deliver the message +somehow. How this is to be done is up to your imagination. + +What I use is: + + message command = csh -c 'xedit %s;rm %s' & + +This delivers the message using xedit, then removes it +afterwards. NOTE THAT IT IS VERY IMPORTANT THAT THIS COMMAND RETURN +IMMEDIATELY. That's why I have the & on the end. If it doesn't return +immediately then your PCs may freeze when sending messages (they +should recover after 30secs, hopefully). + +All messages are delivered as the global guest user. The command takes +the standard substitutions, although %u won't work (%U may be better +in this case). + +Apart from the standard substitutions, some additional ones apply. In +particular: + +%s = the filename containing the message + +%t = the destination that the message was sent to (probably the server +name) + +%f = who the message is from + +You could make this command send mail, or whatever else takes your +fancy. Please let me know of any really interesting ideas you have. + +Here's a way of sending the messages as mail to root: + +message command = /bin/mail -s 'message from %f on %m' root < %s; rm %s + +If you don't have a message command then the message won't be +delivered and Samba will tell the sender there was an +error. Unfortunately WfWg totally ignores the error code and carries +on regardless, saying that the message was delivered. + +If you want to silently delete it then try "message command = rm %s". + +For the really adventurous, try something like this: + +message command = csh -c 'csh < %s |& /usr/local/samba/smbclient \ + -M %m; rm %s' & + +this would execute the command as a script on the server, then give +them the result in a WinPopup message. Note that this could cause a +loop if you send a message from the server using smbclient! You better +wrap the above in a script that checks for this :-) + +.B Default: + no message command + +.B Example: + message command = csh -c 'xedit %s;rm %s' & + +.SS min print space (S) + +This sets the minimum amount of free disk space that must be available +before a user will be able to spool a print job. It is specified in +kilobytes. The default is 0, which means no limit. + +.B Default: + min print space = 0 + +.B Example: + min print space = 2000 + +.SS null passwords (G) +Allow or disallow access to accounts that have null passwords. + +.B Default: + null passwords = no + +.B Example: + null passwords = yes + +.SS os level (G) +This integer value controls what level Samba advertises itself as for +browse elections. See BROWSING.txt for details. + +.SS packet size (G) +The maximum transmit packet size during a raw read. This option is no +longer implemented as of version 1.7.00, and is kept only so old +configuration files do not become invalid. + +.SS passwd chat (G) +This string coontrols the "chat" conversation that takes places +between smbd and the local password changing program to change the +users password. The string describes a sequence of response-receive +pairs that smbd uses to determine what to send to the passwd program +and what to expect back. If the expected output is not received then +the password is not changed. + +This chat sequence is often quite site specific, deppending on what +local methods are used for password control (such as NIS+ etc). + +The string can contain the macros %o and %n which are substituted for +the old and new passwords respectively. It can aso contain the +standard macros \\n \\r \\t and \\s to give line-feed, carriage-return, +tab and space. + +The string can also contain a * which matches any sequence of +characters. + +Double quotes can be used to collect strings with spaces in them into +a single string. + +If the send string in any part of the chat sequence is a fullstop "." +then no string is sent. Similarly, is the expect string is a fullstop +then no string is expected. + +.B Example: + passwd chat = "*Enter OLD password*" %o\\n "*Enter NEW password*" %n\\n \\ + "*Reenter NEW password*" %n\\n "*Password changed*" + +.B Default: + passwd chat = *old*password* %o\\n *new*password* %n\\n *new*password* %n\\n *changed* + +.SS passwd program (G) +The name of a program that can be used to set user passwords. + +This is only necessary if you have enabled remote password changing at +compile time. Any occurances of %u will be replaced with the user +name. + +Also note that many passwd programs insist in "reasonable" passwords, +such as a minimum length, or the inclusion of mixed case chars and +digits. This can pose a problem as some clients (such as Windows for +Workgroups) uppercase the password before sending it. + +.B Default: + passwd program = /bin/passwd + +.B Example: + passwd program = /sbin/passwd %u + +.SS password level (G) +Some client/server conbinations have difficulty with mixed-case passwords. +One offending client is Windows for Workgroups, which for some reason forces +passwords to upper case when using the LANMAN1 protocol, but leaves them alone +when using COREPLUS! + +This parameter defines the maximum number of characters that may be upper case +in passwords. + +For example, say the password given was "FRED". If +.B password level +is set to 1 (one), the following combinations would be tried if "FRED" failed: +"Fred", "fred", "fRed", "frEd", "freD". If +.B password level was set to 2 (two), the following combinations would also be +tried: "FRed", "FrEd", "FreD", "fREd", "fReD", "frED". And so on. + +The higher value this parameter is set to the more likely it is that a mixed +case password will be matched against a single case password. However, you +should be aware that use of this parameter reduces security and increases the +time taken to process a new connection. + +A value of zero will cause only two attempts to be made - the password as is +and the password in all-lower case. + +If you find the connections are taking too long with this option then +you probably have a slow crypt() routine. Samba now comes with a fast +"ufc crypt" that you can select in the Makefile. You should also make +sure the PASSWORD_LENGTH option is correct for your system in local.h +and includes.h. On most systems only the first 8 chars of a password +are significant so PASSWORD_LENGTH should be 8, but on some longer +passwords are significant. The inlcudes.h file tries to select the +right length for your system. + +.B Default: + password level = 0 + +.B Example: + password level = 4 + +.SS password server (G) + +By specifying the name of another SMB server (such as a WinNT box) +with this option, and using "security = server" you can get Samba to +do all it's username/password validation via a remote server. + +This options sets the name of the password server to use. It must be a +netbios name, so if the machines netbios name is different from it's +internet name then you may have to add it's netbios name to +/etc/hosts. + +The password server much be a machine capable of using the "LM1.2X002" +or the "LM NT 0.12" protocol, and it must be in user level security +mode. + +NOTE: Using a password server means your unix box (running Samba) is +only as secure as your password server. DO NOT CHOOSE A PASSWORD +SERVER THAT YOU DON'T COMPLETELY TRUST. + +Never point a Samba server at itself for password serving. This will +cause a loop and could lock up your Samba server! + +The name of the password server takes the standard substitutions, but +probably the only useful one is %m, which means the Samba server will +use the incoming client as the password server. If you use this then +you better trust your clients, and you better restrict them with hosts +allow! + +.SS path (S) +A synonym for this parameter is 'directory'. + +This parameter specifies a directory to which the user of the service is to +be given access. In the case of printable services, this is where print data +will spool prior to being submitted to the host for printing. + +For a printable service offering guest access, the service should be readonly +and the path should be world-writable and have the sticky bit set. This is not +mandatory of course, but you probably won't get the results you expect if you +do otherwise. + +Any occurances of %u in the path will be replaced with the username +that the client is connecting as. Any occurances of %m will be +replaced by the name of the machine they are connecting from. These +replacements are very useful for setting up pseudo home directories +for users. + +Note that this path will be based on 'root dir' if one was specified. +.B Default: + none + +.B Example: + path = /home/fred+ + +.SS postexec (S) + +This option specifies a command to be run whenever the service is +disconnected. It takes the usual substitutions. The command may be run +as the root on some systems. + +An interesting example may be do unmount server resources: + +postexec = /etc/umount /cdrom + +See also preexec + +.B Default: + none (no command executed) + +.B Example: + postexec = echo \"%u disconnected from %S from %m (%I)\" >> /tmp/log + +.SS postscript (S) +This parameter forces a printer to interpret the print files as +postscript. This is done by adding a %! to the start of print output. + +This is most useful when you have lots of PCs that persist in putting +a control-D at the start of print jobs, which then confuses your +printer. + +.B Default: + postscript = False + +.B Example: + postscript = True + +.SS preexec (S) + +This option specifies a command to be run whenever the service is +connected to. It takes the usual substitutions. + +An interesting example is to send the users a welcome message every +time they log in. Maybe a message of the day? Here is an example: + +preexec = csh -c 'echo \"Welcome to %S!\" | \ + /usr/local/samba/smbclient -M %m -I %I' & + +Of course, this could get annoying after a while :-) + +See also postexec + +.B Default: + none (no command executed) + +.B Example: + preexec = echo \"%u connected to %S from %m (%I)\" >> /tmp/log + +.SS preferred master (G) +This boolean parameter controls if Samba is a preferred master browser +for its workgroup. Setting this gives it a slight edge in elections +and also means it will automatically start an election when it starts +up. + +It is on by default. + +.SS preload +This is an alias for "auto services" + +.SS preserve case (S) + +This controls if new filenames are created with the case that the +client passes, or if they are forced to be the "default" case. + +.B Default: + preserve case = no + +See the section on "NAME MANGLING" for a fuller discussion. + +.SS print command (S) +After a print job has finished spooling to a service, this command will be +used via a system() call to process the spool file. Typically the command +specified will submit the spool file to the host's printing subsystem, but +there is no requirement that this be the case. The server will not remove the +spool file, so whatever command you specify should remove the spool file when +it has been processed, otherwise you will need to manually remove old spool +files. + +The print command is simply a text string. It will be used verbatim, +with two exceptions: All occurrences of "%s" will be replaced by the +appropriate spool file name, and all occurrences of "%p" will be +replaced by the appropriate printer name. The spool file name is +generated automatically by the server, the printer name is discussed +below. + +The full path name will be used for the filename if %s is not preceded +by a /. If you don't like this (it can stuff up some lpq output) then +use %f instead. Any occurances of %f get replaced by the spool +filename without the full path at the front. + +The print command MUST contain at least one occurrence of "%s" or %f - +the "%p" is optional. At the time a job is submitted, if no printer +name is supplied the "%p" will be silently removed from the printer +command. + +If specified in the [global] section, the print command given will be used +for any printable service that does not have its own print command specified. + +If there is neither a specified print command for a printable service nor a +global print command, spool files will be created but not processed and (most +importantly) not removed. + +Note that printing may fail on some unixes from the "nobody" +account. If this happens then create an alternative guest account that +can print and set the "guest account" in the [global] section. + +You can form quite complex print commands by realising that they are +just passed to a shell. For example the following will log a print +job, print the file, then remove it. Note that ; is the usual +separator for command in shell scripts. + +print command = echo Printing %s >> /tmp/print.log; lpr -P %p %s; rm %s + +You may have to vary this command considerably depending on how you +normally print files on your system. + +.B Default: + print command = lpr -r -P %p %s + +.B Example: + print command = /usr/local/samba/myprintscript %p %s +.SS print ok (S) +See +.B printable. +.SS printable (S) +A synonym for this parameter is 'print ok'. + +If this parameter is 'yes', then clients may open, write to and submit spool +files on the directory specified for the service. + +Note that a printable service will ALWAYS allow writing to the service path +(user privileges permitting) via the spooling of print data. The 'read only' +parameter controls only non-printing access to the resource. + +.B Default: + printable = no + +.B Example: + printable = yes + +.SS printing (G) +This parameters controls how printer status information is interpreted +on your system, and also affects the default values for the "print +command", "lpq command" and "lprm command". + +Currently three printing styles are supported. They are "printing = +bsd", "printing = sysv", "printing = hpux" and "printing = aix". + +To see what the defaults are for the other print commands when using +these three options use the "testparm" program. + + +.SS printcap name (G) +This parameter may be used to override the compiled-in default printcap +name used by the server (usually /etc/printcap). See the discussion of the +[printers] section above for reasons why you might want to do this. + +For those of you without a printcap (say on SysV) you can just create a +minimal file that looks like a printcap and set "printcap name =" in +[global] to point at it. + +A minimal printcap file would look something like this: + +print1|My Printer 1 +print2|My Printer 2 +print3|My Printer 3 +print4|My Printer 4 +print5|My Printer 5 + +where the | separates aliases of a printer. The fact that the second +alias has a space in it gives a hint to Samba that it's a comment. + +NOTE: Under AIX the default printcap name is "/etc/qconfig". Samba +will assume the file is in AIX "qconfig" format if the string +"/qconfig" appears in the printcap filename. + +.B Default: + printcap name = /etc/printcap + +.B Example: + printcap name = /etc/myprintcap +.SS printer (S) +A synonym for this parameter is 'printer name'. + +This parameter specifies the name of the printer to which print jobs spooled +through a printable service will be sent. + +If specified in the [global] section, the printer name given will be used +for any printable service that does not have its own printer name specified. + +.B Default: + none (but may be 'lp' on many systems) + +.B Example: + printer name = laserwriter +.SS printer name (S) +See +.B printer. +.SS protocol (G) +The value of the parameter (a string) is the highest protocol level that will +be supported by the server. + +Possible values are CORE, COREPLUS, LANMAN1, LANMAN2 and NT1. The relative +merits of each are discussed in the README file. + +.B Default: + protocol = NT1 + +.B Example: + protocol = LANMAN1 +.SS public (S) +A synonym for this parameter is 'guest ok'. + +If this parameter is 'yes' for a service, then no password is required +to connect to the service. Privileges will be those of the guest +account. + +See the section below on user/password validation for more information about +this option. + +.B Default: + public = no + +.B Example: + public = yes +.SS read list (S) +This is a list of users that are given read-only access to a +service. If the connecting user is in this list then they will +not be given write access, no matter what the "read only" option +is set to. The list can include group names using the @group syntax. + +See also the "write list" option + +.B Default: + read list = + +.B Example: + read list = mary, @students + +.SS read only (S) +See +.B writable +and +.B write ok. +Note that this is an inverted synonym for writable and write ok. +.SS read prediction (G) +This options enables or disables the read prediction code used to +speed up reads from the server. When enabled the server will try to +pre-read data from the last accessed file that was opened read-only +while waiting for packets. + +.SS Default: + read prediction = False + +.SS Example: + read prediction = True +.SS read raw (G) +This parameter controls whether or not the server will support raw reads when +transferring data to clients. + +If enabled, raw reads allow reads of 65535 bytes in one packet. This +typically provides a major performance benefit. + +However, some clients either negotiate the allowable block size incorrectly +or are incapable of supporting larger block sizes, and for these clients you +may need to disable raw reads. + +In general this parameter should be viewed as a system tuning tool and left +severely alone. See also +.B write raw. + +.B Default: + read raw = yes + +.B Example: + read raw = no +.SS read size (G) + +The option "read size" affects the overlap of disk reads/writes with +network reads/writes. If the amount of data being transferred in +several of the SMB commands (currently SMBwrite, SMBwriteX and +SMBreadbraw) is larger than this value then the server begins writing +the data before it has received the whole packet from the network, or +in the case of SMBreadbraw, it begins writing to the network before +all the data has been read from disk. + +This overlapping works best when the speeds of disk and network access +are similar, having very little effect when the speed of one is much +greater than the other. + +The default value is 2048, but very little experimentation has been +done yet to determine the optimal value, and it is likely that the best +value will vary greatly between systems anyway. A value over 65536 is +pointless and will cause you to allocate memory unnecessarily. + +.B Default: + read size = 2048 + +.B Example: + read size = 8192 + +.SS revalidate (S) + +This options controls whether Samba will allow a previously validated +username/password pair to be used to attach to a share. Thus if you +connect to \\\\server\\share1 then to \\\\server\\share2 it won't +automatically allow the client to request connection to the second +share as the same username as the first without a password. + +If "revalidate" is True then the client will be denied automatic +access as the same username. + +.B Default: + revalidate = False + +.B Example: + revalidate = True + +.SS root (G) +See +.B root directory. +.SS root dir (G) +See +.B root directory. +.SS root directory (G) +Synonyms for this parameter are 'root dir' and 'root'. + +The server will chroot() to this directory on startup. This is not +strictly necessary for secure operation. Even without it the server +will deny access to files not in one of the service entries. It may +also check for, and deny access to, soft links to other parts of the +filesystem, or attempts to use .. in file names to access other +directories (depending on the setting of the "wide links" parameter). + +Adding a "root dir" entry other than "/" adds an extra level of security, +but at a price. It absolutely ensures that no access is given to files not +in the sub-tree specified in the "root dir" option, *including* some files +needed for complete operation of the server. To maintain full operability +of the server you will need to mirror some system files into the "root dir" +tree. In particular you will need to mirror /etc/passwd (or a subset of it), +and any binaries or configuration files needed for printing (if required). +The set of files that must be mirrored is operating system dependent. + +.B Default: + root directory = / + +.B Example: + root directory = /homes/smb +.SS security (G) +This option does affects how clients respond to Samba. + +The option sets the "security mode bit" in replies to protocol negotiations +to turn share level security on or off. Clients decide based on this bit +whether (and how) to transfer user and password information to the server. + +The default is "security=SHARE", mainly because that was the only +option at one stage. + +The alternatives are "security = user" or "security = server". + +If your PCs use usernames that are the same as their usernames on the +unix machine then you will want to use "security = user". If you +mostly use usernames that don't exist on the unix box then use +"security = share". + +There is a bug in WfWg that may affect your decision. When in user +level security a WfWg client will totally ignore the password you type +in the "connect drive" dialog box. This makes it very difficult (if +not impossible) to connect to a Samba service as anyone except the +user that you are logged into WfWg as. + +If you use "security = server" then Samba will try to validate the +username/password by passing it to another SMB server, such as an NT +box. If this fails it will revert to "security = USER". + +See the "password server" option for more details. + +.B Default: + security = SHARE + +.B Example: + security = USER +.SS server string (G) +This controls what string will show up in the printer comment box in +print manager and next to the IPC connection in "net view". It can be +any string that you wish to show to your users. + +Note that it DOES NOT affect the string that appears in browse +lists. That is controlled by a nmbd command line option instead. + +A %v will be replaced with the Samba version number. + +A %h will be replaced with the hostname. + +.B Default: + server string = Samba %v + +.B Example: + server string = University of GNUs Samba Server + +.SS smbrun (G) +This sets the full path to the smbrun binary. This defaults to the +value in the Makefile. + +You must get this path right for many services to work correctly. + +.B Default: taken from Makefile + +.B Example: + smbrun = /usr/local/samba/bin/smbrun + +.SS short preserve case (S) + +This controls if new short filenames are created with the case that +the client passes, or if they are forced to be the "default" case. + +.B Default: + short preserve case = no + +See the section on "NAME MANGLING" for a fuller discussion. + +.SS root preexec (S) + +This is the same as preexec except that the command is run as +root. This is useful for mounting filesystems (such as cdroms) before +a connection is finalised. + +.SS root postexec (S) + +This is the same as postexec except that the command is run as +root. This is useful for unmounting filesystems (such as cdroms) after +a connection is closed. + +.SS set directory (S) +If 'set directory = no', then users of the service may not use the setdir +command to change directory. + +The setdir comand is only implemented in the Digital Pathworks client. See the +Pathworks documentation for details. +.B Default: + set directory = no + +.B Example: + set directory = yes + +.SS share modes (S) + +This enables or disables the honouring of the "share modes" during a +file open. These modes are used by clients to gain exclusive read or +write access to a file. + +These open modes are not directly supported by unix, so they are +simulated using lock files in the "lock directory". The "lock +directory" specified in smb.conf must be readable by all users. + +The share modes that are enabled by this option are DENY_DOS, +DENY_ALL, DENY_READ, DENY_WRITE, DENY_NONE and DENY_FCB. + +Enabling this option gives full share compatability but may cost a bit +of processing time on the unix server. They are enabled by default. + +.B Default: + share modes = yes + +.B Example: + share modes = no + +.SS socket options (G) +This option (which can also be invoked with the -O command line +option) allows you to set socket options to be used when talking with +the client. + +Socket options are controls on the networking layer of the operating +systems which allow the connection to be tuned. + +This option will typically be used to tune your Samba server for +optimal performance for your local network. There is no way that Samba +can know what the optimal parameters are for your net, so you must +experiment and choose them yourself. I strongly suggest you read the +appropriate documentation for your operating system first (perhaps +"man setsockopt" will help). + +You may find that on some systems Samba will say "Unknown socket +option" when you supply an option. This means you either mis-typed it +or you need to add an include file to includes.h for your OS. If the +latter is the case please send the patch to me +(samba-bugs@anu.edu.au). + +Any of the supported socket options may be combined in any way you +like, as long as your OS allows it. + +This is the list of socket options currently settable using this +option: + + SO_KEEPALIVE + + SO_REUSEADDR + + SO_BROADCAST + + TCP_NODELAY + + IPTOS_LOWDELAY + + IPTOS_THROUGHPUT + + SO_SNDBUF * + + SO_RCVBUF * + + SO_SNDLOWAT * + + SO_RCVLOWAT * + +Those marked with a * take an integer argument. The others can +optionally take a 1 or 0 argument to enable or disable the option, by +default they will be enabled if you don't specify 1 or 0. + +To specify an argument use the syntax SOME_OPTION=VALUE for example +SO_SNDBUF=8192. Note that you must not have any spaces before or after +the = sign. + +If you are on a local network then a sensible option might be + +socket options = IPTOS_LOWDELAY + +If you have an almost unloaded local network and you don't mind a lot +of extra CPU usage in the server then you could try + +socket options = IPTOS_LOWDELAY TCP_NODELAY + +If you are on a wide area network then perhaps try setting +IPTOS_THROUGHPUT. + +Note that several of the options may cause your Samba server to fail +completely. Use these options with caution! + +.B Default: + no socket options + +.B Example: + socket options = IPTOS_LOWDELAY + + + + +.SS status (G) +This enables or disables logging of connections to a status file that +smbstatus can read. + +With this disabled smbstatus won't be able to tell you what +connections are active. + +.B Default: + status = yes + +.B Example: + status = no + +.SS strip dot (G) +This is a boolean that controls whether to strup trailing dots off +filenames. This helps with some CDROMs that have filenames ending in a +single dot. + +NOTE: This option is now obsolete, and may be removed in future. You +should use the "mangled map" option instead as it is much more +general. + +.SS strict locking (S) +This is a boolean that controls the handling of file locking in the +server. When this is set to yes the server will check every read and +write access for file locks, and deny access if locks exist. This can +be slow on some systems. + +When strict locking is "no" the server does file lock checks only when +the client explicitly asks for them. + +Well behaved clients always ask for lock checks when it is important, +so in the vast majority of cases "strict locking = no" is preferable. + +.B Default: + strict locking = no + +.B Example: + strict locking = yes + +.SS sync always (S) + +This is a boolean parameter that controls whether writes will always +be written to stable storage before the write call returns. If this is +false then the server will be guided by the clients request in each +write call (clients can set a bit indicating that a particular write +should be synchronous). If this is true then every write will be +followed by a fsync() call to ensure the data is written to disk. + +.B Default: + sync always = no + +.B Example: + sync always = yes + +.SS time offset (G) +This parameter is a setting in minutes to add to the normal GMT to +local time conversion. This is useful if you are serving a lot of PCs +that have incorrect daylight saving time handling. + +.B Default: + time offset = 0 + +.B Example: + time offset = 60 + +.SS user (S) +See +.B username. +.SS username (S) +A synonym for this parameter is 'user'. + +Multiple users may be specified in a comma-delimited list, in which case the +supplied password will be tested against each username in turn (left to right). + +The username= line is needed only when the PC is unable to supply it's own +username. This is the case for the coreplus protocol or where your +users have different WfWg usernames to unix usernames. In both these +cases you may also be better using the \\\\server\\share%user syntax +instead. + +The username= line is not a great solution in many cases as it means Samba +will try to validate the supplied password against each of the +usernames in the username= line in turn. This is slow and a bad idea for +lots of users in case of duplicate passwords. You may get timeouts or +security breaches using this parameter unwisely. + +Samba relies on the underlying unix security. This parameter does not +restrict who can login, it just offers hints to the Samba server as to +what usernames might correspond to the supplied password. Users can +login as whoever they please and they will be able to do no more +damage than if they started a telnet session. The daemon runs as the +user that they log in as, so they cannot do anything that user cannot +do. + +To restrict a service to a particular set of users you can use the +"valid users=" line. + +If any of the usernames begin with a @ then the name will be looked up +in the groups file and will expand to a list of all users in the group +of that name. Note that searching though a groups file can take quite +some time, and some clients may time out during the search. + +See the section below on username/password validation for more information +on how this parameter determines access to the services. + +.B Default: + The guest account if a guest service, else the name of the service. + +.B Examples: + username = fred + username = fred, mary, jack, jane, @users, @pcgroup + +.SS username map (G) + +This option allows you to to specify a file containing a mapping of +usernames from the clients to the server. This can be used for several +purposes. The most common is to map usernames that users use on dos or +windows machines to those that the unix box uses. The other is to map +multiple users to a single username so that they can more easily share +files. + +The map file is parsed line by line. Each line should contain a single +unix username on the left then a '=' followed by a list of usernames +on the right. The list of usernames on the right may contain names of +the form @group in which case they will match any unix username in +that group. The special client name '*' is a wildcard and matches any +name. + +The file is processed on each line by taking the supplied username and +comparing it with each username on the right hand side of the '=' +signs. If the supplied name matrches any of the names on the right +hand side then it is replaced with the name on the left. Processing +then continues with the next line. + +If any line begins with a '#' or a ';' then it is ignored + +For example to map from he name "admin" or "administrator" to the unix +name "root" you would use + + root = admin administrator + +Or to map anyone in the unix group "system" to the unix name "sys" you +would use + + sys = @system + +You can have as many mappings as you like in a username map file. + +Note that the remapping is applied to all occurances of +usernames. Thus if you connect to "\\\\server\\fred" and "fred" is +remapped to "mary" then you will actually be connecting to +"\\\\server\\mary" and will need to supply a password suitable for +"mary" not "fred". The only exception to this is the username passwed +to the "password server" (if you have one). The password server will +receive whatever username the client supplies without modification. + +Also note that no reverse mapping is done. The main effect this has is +with printing. Users who have been mapped may have trouble deleting +print jobs as PrintManager under WfWg will think they don't own the +print job. + +.B Default + no username map + +.B Example + username map = /usr/local/samba/lib/users.map + +.SS valid chars (S) + +The option allows you to specify additional characters that should be +considered valid by the server in filenames. This is particularly +useful for national character sets, such as adding u-umlaut or a-ring. + +The option takes a list of characters in either integer or character +form with spaces between them. If you give two characters with a colon +between them then it will be taken as an lowercase:uppercase pair. + +If you have an editor capable of entering the characters into the +config file then it is probably easiest to use this method. Otherwise +you can specify the characters in octal, decimal or hexidecimal form +using the usual C notation. + +For example to add the single character 'Z' to the charset (which is a +pointless thing to do as it's already there) you could do one of the +following + +valid chars = Z +valid chars = z:Z +valid chars = 0132:0172 + +The last two examples above actually add two characters, and alters +the uppercase and lowercase mappings appropriately. + +.B Default + Samba defaults to using a reasonable set of valid characters + for english systems + +.B Example + valid chars = 0345:0305 0366:0326 0344:0304 + +The above example allows filenames to have the swedish characters in +them. + +.SS valid users (S) +This is a list of users that should be allowed to login to this +service. A name starting with @ is interpreted as a unix group. + +If this is empty (the default) then any user can login. If a username +is in both this list and the "invalid users" list then access is +denied for that user. + +The current servicename is substituted for %S. This is useful in the +[homes] section. + +See also "invalid users" + +.B Default + No valid users list. (anyone can login) + +.B Example + valid users = greg, @pcusers + +.SS volume (S) +This allows you to override the volume label returned for a +share. Useful for CDROMs whos installation programs insist on a +particular volume label. + +The default is the name of the share + +.SS wide links (S) +This parameter controls whether or not links in the Unix file system may be +followed by the server. Links that point to areas within the directory tree +exported by the server are always allowed; this parameter controls access +only to areas that are outside the directory tree being exported. + +.B Default: + wide links = yes + +.B Example: + wide links = no + +.SS workgroup (G) + +This controls what workgroup your server will appear to be in when +queried by clients. This can be different to the workgroup specified +in the nmbd configuration, but it is probably best if you set them to +the same value. + +.B Default: + set in the Makefile + +.B Example: + workgroup = MYGROUP + +.SS write ok (S) +See +.B writable +and +.B read only. +.SS writable (S) +A synonym for this parameter is 'write ok'. An inverted synonym is 'read only'. + +If this parameter is 'no', then users of a service may not create or modify +files in the service's directory. + +Note that a printable service ('printable = yes') will ALWAYS allow +writing to the directory (user privileges permitting), but only via +spooling operations. + +.B Default: + writable = no + +.B Examples: + read only = no + writable = yes + write ok = yes +.SS write list (S) +This is a list of users that are given read-write access to a +service. If the connecting user is in this list then they will be +given write access, no matter what the "read only" option is set +to. The list can include group names using the @group syntax. + +Note that if a user is in both the read list and the write list then +they will be given write access. + +See also the "read list" option + +.B Default: + write list = + +.B Example: + write list = admin, root, @staff + +.SS write raw (G) +This parameter controls whether or not the server will support raw writes when +transferring data from clients. + +.B Default: + write raw = yes + +.B Example: + write raw = no +.SH NOTE ABOUT USERNAME/PASSWORD VALIDATION +There are a number of ways in which a user can connect to a +service. The server follows the following steps in determining if it +will allow a connection to a specified service. If all the steps fail +then the connection request is rejected. If one of the steps pass then +the following steps are not checked. + +If the service is marked "guest only = yes" then steps 1 to 5 are skipped + +Step 1: If the client has passed a username/password pair and that +username/password pair is validated by the unix systems password +programs then the connection is made as that username. Note that this +includes the \\\\server\\service%username method of passing a username. + +Step 2: If the client has previously registered a username with the +system and now supplies a correct password for that username then the +connection is allowed. + +Step 3: The clients netbios name and any previously used user names +are checked against the supplied password, if they match then the +connection is allowed as the corresponding user. + +Step 4: If the client has previously validated a username/password +pair with the server and the client has passed the validation token +then that username is used. This step is skipped if "revalidate = yes" +for this service. + +Step 5: If a "user = " field is given in the smb.conf file for the +service and the client has supplied a password, and that password +matches (according to the unix systems password checking) with one of +the usernames from the user= field then the connection is made as the +username in the "user=" line. If one of the username in the user= list +begins with a @ then that name expands to a list of names in the group +of the same name. + +Step 6: If the service is a guest service then a connection is made as +the username given in the "guest account =" for the service, +irrespective of the supplied password. + + +.SH WARNINGS +Although the configuration file permits service names to contain spaces, +your client software may not. Spaces will be ignored in comparisons anyway, +so it shouldn't be a problem - but be aware of the possibility. + +On a similar note, many clients - especially DOS clients - limit service +names to eight characters. Smbd has no such limitation, but attempts +to connect from such clients will fail if they truncate the service names. +For this reason you should probably keep your service names down to eight +characters in length. + +Use of the [homes] and [printers] special sections make life for an +administrator easy, but the various combinations of default attributes can be +tricky. Take extreme care when designing these sections. In particular, +ensure that the permissions on spool directories are correct. +.SH VERSION +This man page is (mostly) correct for version 1.9.00 of the Samba suite, plus some +of the recent patches to it. These notes will necessarily lag behind +development of the software, so it is possible that your version of +the server has extensions or parameter semantics that differ from or are not +covered by this man page. Please notify these to the address below for +rectification. + +Prior to version 1.5.21 of the Samba suite, the configuration file was +radically different (more primitive). If you are using a version earlier than +1.8.05, it is STRONGLY recommended that you upgrade. +.SH OPTIONS +Not applicable. + +.SH FILES +Not applicable. + +.SH ENVIRONMENT VARIABLES +Not applicable. + +.SH SEE ALSO +.B smbd(8), +.B smbclient(1), +.B nmbd(8), +.B testparm(1), +.B testprns(1), +.B lpq(1), +.B hosts_access(5) +.SH DIAGNOSTICS +[This section under construction] + +Most diagnostics issued by the server are logged in a specified log file. The +log file name is specified at compile time, but may be overridden on the +smbd (see smbd(8)) command line. + +The number and nature of diagnostics available depends on the debug level used +by the server. If you have problems, set the debug level to 3 and peruse the +log files. + +Most messages are reasonably self-explanatory. Unfortunately, at time of +creation of this man page the source code is still too fluid to warrant +describing each and every diagnostic. At this stage your best bet is still +to grep the source code and inspect the conditions that gave rise to the +diagnostics you are seeing. + +.SH BUGS +None known. + +Please send bug reports, comments and so on to: + +.RS 3 +.B samba-bugs@anu.edu.au (Andrew Tridgell) + +.RS 3 +or to the mailing list +.RE + +.B samba@listproc.anu.edu.au + +.RE +You may also like to subscribe to the announcement channel + +.RS 3 +samba-announce@listproc.anu.edu.au +.RE + +To subscribe to these lists send a message to +listproc@listproc.anu.edu.au with a body of "subscribe samba Your +Name" or "subscribe samba-announce Your Name". + +Errors or suggestions for improvements to the Samba man pages should be +mailed to: + +.RS 3 +.B samba-bugs@anu.edu.au (Andrew Tridgell) +.RE + diff -u -r --new-file last-version/docs/smbclient.1 samba-1.9.15p4/docs/smbclient.1 --- last-version/docs/smbclient.1 Thu Jul 6 17:25:41 1995 +++ samba-1.9.15p4/docs/smbclient.1 Wed Nov 22 22:28:03 1995 @@ -970,7 +970,7 @@ None known. .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. This man page written by Karl Auer (Karl.Auer@anu.edu.au) diff -u -r --new-file last-version/docs/smbd.8 samba-1.9.15p4/docs/smbd.8 --- last-version/docs/smbd.8 Mon Mar 13 22:11:31 1995 +++ samba-1.9.15p4/docs/smbd.8 Wed Nov 22 22:28:10 1995 @@ -397,7 +397,7 @@ None known. .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. This man page written by Karl Auer (Karl.Auer@anu.edu.au) diff -u -r --new-file last-version/docs/smbrun.1 samba-1.9.15p4/docs/smbrun.1 --- last-version/docs/smbrun.1 Tue Jan 17 20:19:55 1995 +++ samba-1.9.15p4/docs/smbrun.1 Wed Nov 22 22:28:16 1995 @@ -60,7 +60,7 @@ None known. .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. This man page was written by Karl Auer (Karl.Auer@anu.edu.au) diff -u -r --new-file last-version/docs/smbtar.1 samba-1.9.15p4/docs/smbtar.1 --- last-version/docs/smbtar.1 Thu Jun 29 17:37:34 1995 +++ samba-1.9.15p4/docs/smbtar.1 Wed Nov 22 22:28:22 1995 @@ -130,7 +130,7 @@ .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. Ricky Poulten (poultenr@logica.co.uk) wrote the tar extension and this diff -u -r --new-file last-version/docs/testparm.1 samba-1.9.15p4/docs/testparm.1 --- last-version/docs/testparm.1 Mon Mar 20 13:31:47 1995 +++ samba-1.9.15p4/docs/testparm.1 Wed Nov 22 22:28:28 1995 @@ -93,7 +93,7 @@ None known. .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. The testparm program and this man page were written by Karl Auer diff -u -r --new-file last-version/docs/testprns.1 samba-1.9.15p4/docs/testprns.1 --- last-version/docs/testprns.1 Sat Mar 18 21:33:13 1995 +++ samba-1.9.15p4/docs/testprns.1 Wed Nov 22 22:28:34 1995 @@ -96,7 +96,7 @@ None known. .SH CREDITS The original Samba software and related utilities were created by -Andrew Tridgell (Andrew.Tridgell@anu.edu.au). Andrew is also the Keeper +Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper of the Source for this project. The testprns program and this man page were written by Karl Auer diff -u -r --new-file last-version/source/Makefile samba-1.9.15p4/source/Makefile --- last-version/source/Makefile Wed Nov 22 17:50:54 1995 +++ samba-1.9.15p4/source/Makefile Fri Nov 24 00:42:24 1995 @@ -23,6 +23,7 @@ INSTALLPERMS = 0755 # Add any optimisation or debugging flags here +# add -DSYSLOG for syslog support FLAGS1 = -O LIBS1 = @@ -425,7 +426,7 @@ LIBS = $(LIBS1) $(LIBSM) $(DCE_LIBS) $(DES_LIB) PROGS1 = smbd smbclient nmbd testparm testprns smbrun smbstatus smbpasswd -PROGS = $(PROGS1) nmblookup +PROGS = $(PROGS1) nmblookup addtosmbpass SCRIPTS = smbtar all : CHECK $(PROGS) @@ -440,9 +441,8 @@ INCLUDES = $(INCLUDES1) $(INCLUDES2) UTILOBJ1 = util.o system.o charset.o kanji.o fault.o smbencrypt.o charcnv.o -UTILOBJ = $(UTILOBJ1) md4.o -PARAMOBJ1 = $(UTILOBJ) loadparm.o params.o pcap.o access.o username.o -PARAMOBJ = $(PARAMOBJ1) ufc.o smbpass.o +UTILOBJ = $(UTILOBJ1) md4.o loadparm.o params.o pcap.o username.o +PARAMOBJ = $(UTILOBJ) ufc.o smbpass.o access.o SMBDOBJ1 = $(PARAMOBJ) trans2.o message.o dir.o printing.o locking.o SMBDOBJ2 = ipc.o reply.o mangle.o chgpasswd.o password.o SMBDOBJ = $(SMBDOBJ1) $(SMBDOBJ2) $(VTP_OBJ) diff -u -r --new-file last-version/source/addtosmbpass samba-1.9.15p4/source/addtosmbpass --- last-version/source/addtosmbpass Thu Jan 1 10:00:00 1970 +++ samba-1.9.15p4/source/addtosmbpass Fri Nov 24 00:41:08 1995 @@ -0,0 +1,74 @@ +#!/usr/bin/awk -f +# edit the line above to point to your real location of awk interpreter + +# awk program for adding new entries in smbpasswd files +# arguments are account names to add; feed it an existent Samba password +# file on stdin, results will be written on stdout +# +# Michal Jaegermann, michal@ellpspace.math.ualberta.ca, 1995-11-09 + +BEGIN { + me = "addtosmbpass"; + count = ARGC; + FS = ":"; + + if (count == 1) { + print "Usage:", me, + "name1 [name2 ....] < smbpasswd.in > smbpasswd.out"; + ARGV[1] = "/dev/null"; + ARGC = 2; + exit; + } + + for(i = 1; i < count; i++) { + names[ARGV[i]] = " "; + delete ARGV[i]; + } +# sane awk should work simply with 'ARGC = 1', but not every awk +# implementation is sane - big sigh!! + ARGV[1] = "-"; + ARGC = 2; +# +# If you have ypmatch but is not RPC registered (some Linux systems +# for example) comment out the next line. +# "which ypmatch" | getline ypmatch; + if (1 != match(ypmatch, /^\//)) { + ypmatch = ""; + } + pwdf = "/etc/passwd"; +} +#check for names already present in input +{ + print $0; + for(name in names) { + if($1 ~ name) { + delete names[name]; + } + } +} +END { + fmt = "%s:%s:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:"; + fmt = fmt "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:%s:%s:%s\n"; + for(name in names) { + while ((getline < pwdf) > 0) { + if ($1 == name) { + printf(fmt, $1, $3, $5, $6, $7); + close(pwdf); + notfound = ""; + break; + } + notfound = "n"; + } + $0 = ""; + if (notfound && ypmatch) { +# try to find in NIS databases + command = ypmatch " " name " passwd"; + command | getline; + if (NF > 0) { + printf(fmt, $1, $3, $5, $6, $7); + } + close(command); + } + } +} + diff -u -r --new-file last-version/source/change-log samba-1.9.15p4/source/change-log --- last-version/source/change-log Wed Nov 22 22:04:02 1995 +++ samba-1.9.15p4/source/change-log Fri Nov 24 23:20:15 1995 @@ -1688,10 +1688,30 @@ - fixed problem in smbmv that led to ar not working in mks - added transs2 - released p3 + - updated email addresses + - fix for innetgr from Olaf Seibert (rhialto@polder.ubc.kun.nl) + - client translate fix from bandc@dircon.co.uk + - netbsd bcast fix from from Olaf Seibert (rhialto@polder.ubc.kun.nl) + - syslog code from Alex Nash <alex@fa.tca.com> + - strip dot fix from Arne Ansper <arne@ioc.ee> + - added addtosmbpass + man page from + michal@ellpspace.math.ualberta.ca (Michal Jaegermann) + - pcap fix for AIX from Jon Christiansen <jchristi@sctcorp.com> + - fixed servertype bug in remote announcements + - fixed up illegal name checks (should also be faster) + - kanji patches from fujita@ainix.isac.co.jp (Takashi Fujita) + - fixed bug handling non-encrypted passwords + - released p4 ========== todo: + +hosts allow in nmbd + +hosts allow cache + +add password command in smbclient drag long filename to samba under os/2 gives short name diff -u -r --new-file last-version/source/client.c samba-1.9.15p4/source/client.c --- last-version/source/client.c Wed Nov 22 20:43:21 1995 +++ samba-1.9.15p4/source/client.c Thu Nov 23 11:13:47 1995 @@ -19,6 +19,10 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#ifdef SYSLOG +#undef SYSLOG +#endif + #include "includes.h" #ifndef REGISTER @@ -211,6 +215,7 @@ if (c == '\n') /* change all LFs to CR/LF */ { b[i++] = '\r'; + n++; } b[i++] = c; @@ -1472,7 +1477,7 @@ get_total_size += finfo.size; DEBUG(2,("(%g kb/s) (average %g kb/s)\n", - finfo.size / (1.024*this_time), + finfo.size / (1.024*this_time + 1.0e-4), get_total_size / (1.024*get_total_time_ms))); } @@ -1973,7 +1978,7 @@ put_total_size += finfo->size; DEBUG(2,("(%g kb/s) (average %g kb/s)\n", - finfo->size / (1.024*this_time), + finfo->size / (1.024*this_time + 1.0e-4), put_total_size / (1.024*put_total_time_ms))); } } diff -u -r --new-file last-version/source/clitar.c samba-1.9.15p4/source/clitar.c --- last-version/source/clitar.c Wed Nov 22 15:05:30 1995 +++ samba-1.9.15p4/source/clitar.c Thu Nov 23 10:07:28 1995 @@ -729,7 +729,7 @@ get_total_size += finfo.size; DEBUG(2,("(%g kb/s) (average %g kb/s)\n", - finfo.size / (1.024*this_time), + finfo.size / (1.024*this_time + 1.0e-4), get_total_size / (1.024*get_total_time_ms))); } diff -u -r --new-file last-version/source/includes.h samba-1.9.15p4/source/includes.h --- last-version/source/includes.h Wed Nov 22 21:55:27 1995 +++ samba-1.9.15p4/source/includes.h Thu Nov 23 11:03:29 1995 @@ -179,6 +179,10 @@ #endif #endif +#ifdef SYSLOG +#include <syslog.h> +#endif + /*************************************************************************** @@ -420,6 +424,7 @@ #define NO_GETSPNAM #define SIGNAL_CAST (void (*)()) #define USE_DIRECT +#define REPLACE_INNETGR #endif @@ -431,6 +436,7 @@ #include <netinet/ip.h> #define SIGNAL_CAST (void (*)()) #define USE_DIRECT +#define REPLACE_INNETGR #endif @@ -762,6 +768,10 @@ #ifdef REPLACE_GETPASS extern char *getsmbpass(char *); #define getpass(s) getsmbpass(s) +#endif + +#ifdef REPLACE_INNETGR +#define innetgr(group,host,user,dom) InNetGr(group,host,user,dom) #endif #ifndef FD_SETSIZE diff -u -r --new-file last-version/source/ipc.c samba-1.9.15p4/source/ipc.c --- last-version/source/ipc.c Wed Nov 22 21:08:05 1995 +++ samba-1.9.15p4/source/ipc.c Thu Nov 23 14:28:05 1995 @@ -1581,10 +1581,14 @@ SCVAL(p,0,2); /* version_major */ SCVAL(p,1,0); /* version_minor */ SIVAL(p,2,servertype); - SIVAL(p,6,PTR_DIFF(p2,*rdata)); - standard_sub(cnum,comment); - StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); - p2 = skip_string(p2,1); + if (mdrcnt == struct_len) { + SIVAL(p,6,0); + } else { + SIVAL(p,6,PTR_DIFF(p2,*rdata)); + standard_sub(cnum,comment); + StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); + p2 = skip_string(p2,1); + } } if (uLevel > 1) { @@ -1802,6 +1806,57 @@ return(True); } + +/******************************************************************* + get groups that a user is a member of + ******************************************************************/ +static BOOL api_NetUserGetGroups(int cnum,int uid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *UserName = skip_string(str2,1); + char *p = skip_string(UserName,1); + int uLevel = SVAL(p,0); + char *p2; + int count=0; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + + /* check it's a supported varient */ + if (strcmp(str1,"zWrLeh") != 0) return False; + switch( uLevel ) { + case 0: p2 = "B21"; break; + default: return False; + } + if (strcmp(p2,str2) != 0) return False; + + *rdata_len = mdrcnt + 1024; + *rdata = REALLOC(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + + /* XXXX we need a real SAM database some day */ + strcpy(p,"Users"); p += 21; count++; + strcpy(p,"Domain Users"); p += 21; count++; + strcpy(p,"Guests"); p += 21; count++; + strcpy(p,"Domain Guests"); p += 21; count++; + + *rdata_len = PTR_DIFF(p,*rdata); + + SSVAL(*rparam,4,count); /* is this right?? */ + SSVAL(*rparam,6,count); /* is this right?? */ + + return(True); +} + + static BOOL api_WWkstaUserLogon(int cnum,int uid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2389,6 +2444,7 @@ {"RNetShareGetInfo", 1, api_RNetShareGetInfo,0}, {"RNetServerGetInfo", 13, api_RNetServerGetInfo,0}, {"RNetUserGetInfo", 56, api_RNetUserGetInfo,0}, + {"NetUserGetGroups", 59, api_NetUserGetGroups,0}, {"NetWkstaGetInfo", 63, api_NetWkstaGetInfo,0}, {"DosPrintQEnum", 69, api_DosPrintQEnum,0}, {"DosPrintQGetInfo", 70, api_DosPrintQGetInfo,0}, diff -u -r --new-file last-version/source/kanji.c samba-1.9.15p4/source/kanji.c --- last-version/source/kanji.c Fri Sep 15 20:17:44 1995 +++ samba-1.9.15p4/source/kanji.c Fri Nov 24 14:43:02 1995 @@ -199,7 +199,7 @@ } *out = 0; if (overwrite) { - strcpy((char *) save, (const char *) cvtbuf); + strcpy((char *) save, (char *) cvtbuf); return (char *) save; } else { return cvtbuf; @@ -232,7 +232,7 @@ } *out = 0; if (overwrite) { - strcpy(save, (const char *) cvtbuf); + strcpy(save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -306,7 +306,7 @@ } *out = 0; if (overwrite) { - strcpy (save, (const char *) cvtbuf); + strcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -363,7 +363,7 @@ } *out = 0; if (overwrite) { - strcpy (save, (const char *) cvtbuf); + strcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -423,7 +423,7 @@ } *out = 0; if (overwrite) { - strcpy (save, (const char *) cvtbuf); + strcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -500,7 +500,7 @@ } *out = 0; if (overwrite) { - strcpy (save, (const char *) cvtbuf); + strcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -557,7 +557,7 @@ } *out = 0; if (overwrite) { - strcpy (save, (const char *) cvtbuf); + strcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -627,7 +627,7 @@ } *out = 0; if (overwrite) { - strcpy (save, (const char *) cvtbuf); + strcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -654,7 +654,7 @@ } *dp = '\0'; if (overwrite) { - strcpy ((char *) from, (const char *) cvtbuf); + strcpy ((char *) from, (char *) cvtbuf); return (char *) from; } else { return cvtbuf; @@ -691,7 +691,7 @@ } *dp = '\0'; if (overwrite) { - strcpy ((char *) from, (const char *) cvtbuf); + strcpy ((char *) from, (char *) cvtbuf); return (char *) from; } else { return cvtbuf; @@ -699,13 +699,42 @@ } /******************************************************************* + kanji/kana -> ":xx" +********************************************************************/ +static char * +sj_to_cap (const char *from, BOOL overwrite) +{ + unsigned char *sp, *dp; + + sp = (unsigned char*) from; + dp = (unsigned char*) cvtbuf; + while (*sp) { + if (*sp >= 0x80) { + *dp++ = hex_tag; + *dp++ = bin2hex (((*sp)>>4)&0x0f); + *dp++ = bin2hex ((*sp)&0x0f); + sp++; + } else { + *dp++ = *sp++; + } + } + *dp = '\0'; + if (overwrite) { + strcpy ((char *) from, (char *) cvtbuf); + return (char *) from; + } else { + return cvtbuf; + } +} + +/******************************************************************* sj to sj ********************************************************************/ static char * sj_to_sj (const char *from, BOOL overwrite) { if (!overwrite) { - strcpy (cvtbuf, (const char *) from); + strcpy (cvtbuf, (char *) from); return cvtbuf; } else { return (char *) from; @@ -755,6 +784,11 @@ _dos_to_unix = sj_to_hex; _unix_to_dos = hex_to_sj; break; + + case CAP_CODE: + _dos_to_unix = sj_to_cap; + _unix_to_dos = hex_to_sj; + break; } return codes; } @@ -771,6 +805,9 @@ codes = SJIS_CODE; } else if (strequal (str, "euc")) { codes = EUC_CODE; + } else if (strequal (str, "cap")) { + codes = CAP_CODE; + hex_tag = HEXTAG; } else if (strequal (str, "hex")) { codes = HEX_CODE; hex_tag = HEXTAG; diff -u -r --new-file last-version/source/kanji.h samba-1.9.15p4/source/kanji.h --- last-version/source/kanji.h Tue Nov 7 11:03:48 1995 +++ samba-1.9.15p4/source/kanji.h Fri Nov 24 14:43:02 1995 @@ -115,6 +115,7 @@ #define JIS8_CODE (3) #define JUNET_CODE (4) #define HEX_CODE (5) +#define CAP_CODE (6) #define DOSV_CODE SJIS_CODE int interpret_coding_system (char *str, int def); diff -u -r --new-file last-version/source/loadparm.c samba-1.9.15p4/source/loadparm.c --- last-version/source/loadparm.c Wed Nov 22 18:00:55 1995 +++ samba-1.9.15p4/source/loadparm.c Thu Nov 23 13:35:22 1995 @@ -143,6 +143,7 @@ int printing; int maxdisksize; int lpqcachetime; + int syslog; int os_level; int max_ttl; BOOL bPreferredMaster; @@ -156,6 +157,7 @@ BOOL bWriteRaw; BOOL bReadPrediction; BOOL bReadbmpx; + BOOL bSyslogOnly; } global; static global Globals; @@ -341,6 +343,8 @@ { {"debuglevel", P_INTEGER, P_GLOBAL, &DEBUGLEVEL, NULL}, {"log level", P_INTEGER, P_GLOBAL, &DEBUGLEVEL, NULL}, + {"syslog", P_INTEGER, P_GLOBAL, &Globals.syslog, NULL}, + {"syslog only", P_BOOL, P_GLOBAL, &Globals.bSyslogOnly, NULL}, {"protocol", P_INTEGER, P_GLOBAL, &Globals.maxprotocol,handle_protocol}, {"security", P_INTEGER, P_GLOBAL, &Globals.security,handle_security}, {"printing", P_INTEGER, P_GLOBAL, &Globals.printing,handle_printing}, @@ -401,6 +405,7 @@ {"os level", P_INTEGER, P_GLOBAL, &Globals.os_level, NULL}, {"max ttl", P_INTEGER, P_GLOBAL, &Globals.max_ttl, NULL}, {"preferred master", P_BOOL, P_GLOBAL, &Globals.bPreferredMaster, NULL}, + {"prefered master", P_BOOL, P_GLOBAL, &Globals.bPreferredMaster, NULL}, {"domain master", P_BOOL, P_GLOBAL, &Globals.bDomainMaster, NULL}, {"-valid", P_BOOL, P_LOCAL, &sDefault.valid, NULL}, @@ -545,6 +550,8 @@ Globals.bReadbmpx = True; Globals.bNullPasswords = False; Globals.bStripDot = False; + Globals.syslog = 1; + Globals.bSyslogOnly = False; Globals.os_level = 0; Globals.max_ttl = 60*60*4; /* 2 hours default */ Globals.bPreferredMaster = True; @@ -670,8 +677,8 @@ FN_GLOBAL_BOOL(lp_null_passwords,&Globals.bNullPasswords) FN_GLOBAL_BOOL(lp_strip_dot,&Globals.bStripDot) FN_GLOBAL_BOOL(lp_encrypted_passwords,&Globals.bEncryptPasswords) +FN_GLOBAL_BOOL(lp_syslog_only,&Globals.bSyslogOnly) - FN_GLOBAL_INTEGER(lp_os_level,&Globals.os_level) FN_GLOBAL_INTEGER(lp_max_ttl,&Globals.max_ttl) FN_GLOBAL_INTEGER(lp_max_log_size,&Globals.max_log_size) @@ -687,6 +694,7 @@ FN_GLOBAL_INTEGER(lp_printing,&Globals.printing) FN_GLOBAL_INTEGER(lp_maxdisksize,&Globals.maxdisksize) FN_GLOBAL_INTEGER(lp_lpqcachetime,&Globals.lpqcachetime) +FN_GLOBAL_INTEGER(lp_syslog,&Globals.syslog) FN_LOCAL_STRING(lp_preexec,szPreExec) FN_LOCAL_STRING(lp_postexec,szPostExec) @@ -1542,7 +1550,7 @@ /* check for multiple global sections */ if (bInGlobalSection) { - DEBUG(2,( "Processing section \"[%s]\"\n", pszSectionName)); + DEBUG(3,( "Processing section \"[%s]\"\n", pszSectionName)); return(True); } diff -u -r --new-file last-version/source/loadparm.h samba-1.9.15p4/source/loadparm.h --- last-version/source/loadparm.h Wed Nov 22 18:01:21 1995 +++ samba-1.9.15p4/source/loadparm.h Thu Nov 23 11:18:52 1995 @@ -75,6 +75,7 @@ extern BOOL lp_null_passwords(void); extern BOOL lp_strip_dot(void); extern BOOL lp_encrypted_passwords(void); +extern BOOL lp_syslog_only(void); extern int lp_numservices(void); extern int lp_keepalive(void); extern int lp_passwordlevel(void); @@ -82,6 +83,7 @@ extern int lp_printing(void); extern int lp_maxdisksize(void); extern int lp_lpqcachetime(void); +extern int lp_syslog(void); extern int lp_deadtime(void); extern int lp_debuglevel(void); extern int lp_maxprotocol(void); diff -u -r --new-file last-version/source/mangle.c samba-1.9.15p4/source/mangle.c --- last-version/source/mangle.c Tue Nov 7 12:33:19 1995 +++ samba-1.9.15p4/source/mangle.c Fri Nov 24 14:55:22 1995 @@ -530,11 +530,41 @@ } + +/******************************************************************* + work out if a name is illegal, even for long names + ******************************************************************/ +static BOOL illegal_name(char *name) +{ + static unsigned char illegal[256]; + static BOOL initialised=False; + unsigned char *s; + + if (!initialised) { + char *ill = "*\\/?<>|\":{}"; + initialised = True; + + bzero((char *)illegal,256); + for (s = (unsigned char *)ill; *s; s++) + illegal[*s] = True; + } + + for (s = (unsigned char *)name;*s;s++) + if (illegal[*s]) return(True); + + return(False); +} + + /**************************************************************************** convert a filename to DOS format. return True if successful. ****************************************************************************/ BOOL name_map_mangle(char *OutName,BOOL need83,int snum) { +#ifdef MANGLE_LONG_FILENAMES + if (!need83 && illegal_name(OutName)) need83 = True; +#endif + /* apply any name mappings */ { char *map = lp_mangled_map(snum); diff -u -r --new-file last-version/source/nameserv.c samba-1.9.15p4/source/nameserv.c --- last-version/source/nameserv.c Wed Nov 22 21:14:57 1995 +++ samba-1.9.15p4/source/nameserv.c Fri Nov 24 14:28:09 1995 @@ -108,6 +108,8 @@ #define MSBROWSE "\001\002__MSBROWSE__\002" +#define GET_TTL(ttl) ((ttl)?MIN(ttl,lp_max_ttl()):lp_max_ttl()) + /**************************************************************************** catch a sighup ****************************************************************************/ @@ -401,8 +403,6 @@ BOOL newentry=False; struct server_record *s; - ttl = MIN(ttl,lp_max_ttl()); - for (s = serverlist; s; s = s->next) if (strequal(name,s->name)) break; @@ -455,7 +455,9 @@ add_host_entry(myname,0x20,True,0,SELF,ip); add_host_entry(myname,0x0,True,0,SELF,ip); - add_host_entry(myname,0x1f,True,0,SELF,ip); /* used for chat, I think */ + add_host_entry(myname,0x1f,True,0,SELF,ip); /* used for chat?? */ + add_host_entry(myname,0x3,True,0,SELF,ip); /* used for winpopup */ + if (!domainlist) add_domain_entry(lp_workgroup(),bcast_ip); add_server_entry(myname, @@ -770,6 +772,7 @@ ******************************************************************/ static void become_master(void) { + uint32 domain_type = SV_TYPE_DOMAIN_ENUM | SV_TYPE_SERVER_UNIX; DEBUG(2,("Becoming master for %s\n",PrimaryGroup)); ServerType |= SV_TYPE_MASTER_BROWSER; @@ -779,15 +782,24 @@ add_host_entry(PrimaryGroup,0x1d,True,0,SELF,myip); add_host_entry(PrimaryGroup,0x0,False,0,SELF,myip); add_host_entry(MSBROWSE,1,False,0,SELF,myip); - add_server_entry(PrimaryGroup,SV_TYPE_DOMAIN_ENUM,0,myname,True); - add_server_entry(myname,ServerType,0,ServerComment,True); if (lp_domain_master()) { + add_host_entry(myname,0x1b,True,0,SELF,myip); add_host_entry(PrimaryGroup,0x1b,True,0,SELF,myip); add_host_entry(PrimaryGroup,0x1c,False,0,SELF,myip); ServerType |= SV_TYPE_DOMAIN_MASTER; +#if 0 + ServerType |= SV_TYPE_DOMAIN_CTRL; + ServerType |= SV_TYPE_DOMAIN_MEMBER; + ServerType |= 0xFFFFFF; + domain_type |= SV_TYPE_DOMAIN_CTRL; + domain_type |= 0xFFFFFF; +#endif } + add_server_entry(PrimaryGroup,domain_type,0,myname,True); + add_server_entry(myname,ServerType,0,ServerComment,True); + announce_request(PrimaryGroup); needannounce = True; @@ -861,6 +873,7 @@ char *namep; char *stypep; char *commentp; + uint32 stype = ServerType; if (needannounce) { /* drop back to a max 3 minute announce - this is to prevent a @@ -877,8 +890,15 @@ if (d->announce_interval < 12*60) d->announce_interval += 60; d->lastannounce_time = t; - DEBUG(2,("Sending announcement to %s for workgroup %s type=%d\n", - inet_ntoa(d->bcast_ip),d->name)); + DEBUG(2,("Sending announcement to %s for workgroup %s\n", + inet_ntoa(d->bcast_ip),d->name)); + + if (!strequal(PrimaryGroup,d->name) || + !ip_equal(bcast_ip,d->bcast_ip)) { + stype &= ~(SV_TYPE_POTENTIAL_BROWSER | SV_TYPE_MASTER_BROWSER | + SV_TYPE_DOMAIN_MASTER | SV_TYPE_BACKUP_BROWSER | + SV_TYPE_DOMAIN_CTRL | SV_TYPE_DOMAIN_MEMBER); + } if (!*comment) comment = "NoComment"; if (!*my_name) my_name = "NoName"; @@ -897,7 +917,7 @@ CVAL(p,21) = 2; /* major version */ CVAL(p,22) = 2; /* minor version */ stypep = p+23; - SIVAL(p,23,ServerType); + SIVAL(p,23,stype); SSVAL(p,27,0xaa55); /* browse signature */ SSVAL(p,29,1); /* browse version */ commentp = p+31; @@ -916,6 +936,7 @@ ip_equal(bcast_ip,d->bcast_ip)) { /* do master announcements as well */ + SIVAL(stypep,0,ServerType); CVAL(outbuf,0) = 15; /* local master announce */ send_udp_dgram(ClientDGRAM,outbuf,PTR_DIFF(p,outbuf), @@ -1069,7 +1090,7 @@ if (!listening(&dgram->dest_name)) return; - ttl = MIN(ttl,lp_max_ttl()); + ttl = GET_TTL(ttl); /* add them to our browse list */ add_server_entry(name,servertype,ttl,comment,True); @@ -1433,7 +1454,7 @@ char *qname = nmb->question.question_name.name; BOOL wildcard = (qname[0] == '*'); BOOL bcast = nmb->header.nm_flags.bcast; - int ttl = MIN(lp_max_ttl(),nmb->additional->ttl); + int ttl = GET_TTL(nmb->additional->ttl); int name_type = nmb->question.question_name.name_type; int nb_flags = nmb->additional->rdata[0]; struct packet_struct p2; @@ -2058,6 +2079,10 @@ StartupTime = time(NULL); TimeInit(); + +#ifdef SYSLOG + openlog(argv[0], LOG_PID, LOG_DAEMON); +#endif charset_initialise(); diff -u -r --new-file last-version/source/nmblookup.c samba-1.9.15p4/source/nmblookup.c --- last-version/source/nmblookup.c Wed Nov 22 18:33:01 1995 +++ samba-1.9.15p4/source/nmblookup.c Thu Nov 23 11:14:01 1995 @@ -20,6 +20,10 @@ */ +#ifdef SYSLOG +#undef SYSLOG +#endif + #include "includes.h" #include "nameserv.h" @@ -121,6 +125,10 @@ TimeInit(); charset_initialise(); + +#ifdef SYSLOG + openlog(argv[0], LOG_PID, LOG_DAEMON); +#endif dbf = stdout; diff -u -r --new-file last-version/source/password.c samba-1.9.15p4/source/password.c --- last-version/source/password.c Wed Nov 22 14:57:44 1995 +++ samba-1.9.15p4/source/password.c Fri Nov 24 23:19:53 1995 @@ -579,6 +579,8 @@ BOOL challenge_done = False; #endif + if (password) password[pwlen] = 0; + #ifdef SMB_PASSWD if (pwlen == 24) challenge_done = last_challenge(challenge); diff -u -r --new-file last-version/source/pcap.c samba-1.9.15p4/source/pcap.c --- last-version/source/pcap.c Wed Jul 5 16:11:41 1995 +++ samba-1.9.15p4/source/pcap.c Fri Nov 24 11:59:49 1995 @@ -117,12 +117,13 @@ if ((p=strchr(line,':'))) { *p = '\0'; - if (strlen(p) <= 8) - { - strcpy(name,p); - iEtat = 1; - continue; - } + p = strtok(line,':'); + if (strcmp(p,"bsh")!=0) + { + strcpy(name,p); + iEtat = 1; + continue; + } } break; case 1: /* scanning device stanza */ diff -u -r --new-file last-version/source/server.c samba-1.9.15p4/source/server.c --- last-version/source/server.c Wed Nov 22 21:50:33 1995 +++ samba-1.9.15p4/source/server.c Thu Nov 23 11:03:36 1995 @@ -4008,6 +4008,10 @@ charset_initialise(); +#ifdef SYSLOG + openlog(argv[0], LOG_PID, LOG_DAEMON); +#endif + /* make absolutely sure we run as root - to handle cases whre people are crazy enough to have it setuid */ #ifdef USE_SETRES diff -u -r --new-file last-version/source/smb.h samba-1.9.15p4/source/smb.h --- last-version/source/smb.h Wed Nov 22 14:58:18 1995 +++ samba-1.9.15p4/source/smb.h Thu Nov 23 11:03:36 1995 @@ -83,7 +83,14 @@ #endif /* debugging code */ +#ifndef SYSLOG #define DEBUG(level,body) ((DEBUGLEVEL>=(level))?(Debug1 body):0) +#else +EXTERN int syslog_level; + +#define DEBUG(level,body) ((DEBUGLEVEL>=(level))? \ + (syslog_level = (level), Debug1 body):0) +#endif #define DIR_STRUCT_SIZE 43 @@ -658,7 +665,7 @@ void string_replace(char *s,char old,char new); BOOL user_in_list(char *user,char *list); BOOL string_sub(char *s,char *pattern,char *insert); -char *StrnCpy(char *dest,char *src,int n); +char *StrnCpy(char *dest,const char *src,int n); char *validated_username(int vuid); BOOL set_user_password(char *user,char *oldpass,char *newpass); int smb_buf_ofs(char *buf); diff -u -r --new-file last-version/source/smbpasswd.c samba-1.9.15p4/source/smbpasswd.c --- last-version/source/smbpasswd.c Sat Nov 11 10:56:17 1995 +++ samba-1.9.15p4/source/smbpasswd.c Thu Nov 23 11:03:37 1995 @@ -235,6 +235,10 @@ charset_initialise(); +#ifdef SYSLOG + openlog(argv[0], LOG_PID, LOG_DAEMON); +#endif + #ifndef DEBUG_PASSWORD /* Check the effective uid */ if (geteuid() != 0) { diff -u -r --new-file last-version/source/status.c samba-1.9.15p4/source/status.c --- last-version/source/status.c Fri Nov 17 08:33:15 1995 +++ samba-1.9.15p4/source/status.c Thu Nov 23 11:14:41 1995 @@ -23,6 +23,10 @@ * This program reports current SMB connections */ +#ifdef SYSLOG +#undef SYSLOG +#endif + #include "includes.h" #include "loadparm.h" diff -u -r --new-file last-version/source/testparm.c samba-1.9.15p4/source/testparm.c --- last-version/source/testparm.c Sun Nov 12 13:09:09 1995 +++ samba-1.9.15p4/source/testparm.c Thu Nov 23 11:03:37 1995 @@ -48,6 +48,10 @@ charset_initialise(); +#ifdef SYSLOG + openlog(argv[0], LOG_PID, LOG_DAEMON); +#endif + if (argc < 2) strcpy(configfile,CONFIGFILE); else diff -u -r --new-file last-version/source/testprns.c samba-1.9.15p4/source/testprns.c --- last-version/source/testprns.c Thu Jun 29 18:15:56 1995 +++ samba-1.9.15p4/source/testprns.c Thu Nov 23 11:03:37 1995 @@ -45,6 +45,10 @@ charset_initialise(); +#ifdef SYSLOG + openlog(argv[0], LOG_PID, LOG_DAEMON); +#endif + if (argc < 2 || argc > 3) printf("Usage: testprns printername [printcapfile]\n"); else diff -u -r --new-file last-version/source/trans2.c samba-1.9.15p4/source/trans2.c --- last-version/source/trans2.c Wed Nov 22 21:52:27 1995 +++ samba-1.9.15p4/source/trans2.c Fri Nov 24 14:46:43 1995 @@ -264,6 +264,7 @@ BOOL isrootdir = (strequal(Connections[cnum].dirpath,"./") || strequal(Connections[cnum].dirpath,".") || strequal(Connections[cnum].dirpath,"/")); + BOOL was_8_3; *fname = 0; *out_of_space = False; @@ -346,19 +347,7 @@ p = pdata; name_ptr = p; -#ifdef MANGLE_LONG_FILENAMES - { - BOOL illegal = False; - int i; - int l = strlen(fname); - for (i=0;i<l;i++) - if (strchr("*\\/?<>|\":{}",fname[i])) { - illegal = True; - break; - } - name_map_mangle(fname,illegal,SNUM(cnum)); - } -#endif + name_map_mangle(fname,False,SNUM(cnum)); switch (info_level) { @@ -432,6 +421,7 @@ break; case SMB_FIND_FILE_BOTH_DIRECTORY_INFO: + was_8_3 = is_8_3(fname); SIVAL(p,0,94+strlen(fname)); p += 4; SIVAL(p,0,reskey); p += 4; put_long_date(p,cdate); p += 8; @@ -443,8 +433,12 @@ SIVAL(p,0,mode); p += 4; SIVAL(p,0,strlen(fname)); p += 4; SIVAL(p,0,0); p += 4; - if (!is_8_3(fname)) { + if (!was_8_3) { +#ifndef KANJI strcpy(p+2,unix2dos_format(fname,False)); +#else + strcpy(p+2,fname); +#endif name_map_mangle(p+2,True,SNUM(cnum)); } else *(p+2) = 0; diff -u -r --new-file last-version/source/util.c samba-1.9.15p4/source/util.c --- last-version/source/util.c Wed Nov 22 17:14:00 1995 +++ samba-1.9.15p4/source/util.c Thu Nov 23 11:19:04 1995 @@ -20,6 +20,7 @@ */ #include "includes.h" +#include "loadparm.h" pstring scope = ""; @@ -69,6 +70,7 @@ int ReadSize = 16*1024; pstring debugf = "/tmp/log.samba"; +int syslog_level; /* the following control case operations - they are put here so the client can link easily */ @@ -103,16 +105,20 @@ char *format_str; #endif va_list ap; - - if (!dbf) - { - dbf = fopen(debugf,"w"); - if (dbf) - setbuf(dbf,NULL); - else - return(0); - } +#ifdef SYSLOG + if (!lp_syslog_only()) +#endif + { + if (!dbf) + { + dbf = fopen(debugf,"w"); + if (dbf) + setbuf(dbf,NULL); + else + return(0); + } + } #ifdef __STDC__ va_start(ap, format_str); @@ -121,9 +127,41 @@ format_str = va_arg(ap,char *); #endif - vfprintf(dbf,format_str,ap); +#ifdef SYSLOG + if (syslog_level < lp_syslog()) + { + /* + * map debug levels to syslog() priorities + * note that not all DEBUG(0, ...) calls are + * necessarily errors + */ + static int priority_map[] = { + LOG_ERR, /* 0 */ + LOG_WARNING, /* 1 */ + LOG_NOTICE, /* 2 */ + LOG_INFO, /* 3 */ + }; + int priority; + pstring msgbuf; + + if (syslog_level >= sizeof(priority_map) / sizeof(priority_map[0]) || + syslog_level < 0) + priority = LOG_DEBUG; + else + priority = priority_map[syslog_level]; + + vsprintf(msgbuf, format_str, ap); - fflush(dbf); + msgbuf[255] = '\0'; + syslog(priority, "%s", msgbuf); + } + + if (!lp_syslog_only()) +#endif + { + vfprintf(dbf,format_str,ap); + fflush(dbf); + } va_end(ap); return(0); @@ -698,7 +736,7 @@ /**************************************************************************** line strncpy but always null terminates. Make sure there is room! ****************************************************************************/ -char *StrnCpy(char *dest,char *src,int n) +char *StrnCpy(char *dest,const char *src,int n) { char *d = dest; if (!dest) return(NULL); @@ -3011,7 +3049,7 @@ return; } - /* Get a list of the configures interfaces */ + /* Get a list of the configured interfaces */ #ifdef USE_IFREQ ifc = (struct ifconf *)buff; ifc->ifc_len = BUFSIZ - sizeof(struct ifconf); @@ -3032,7 +3070,7 @@ } } } -#elif defined(__FreeBSD__) +#elif defined(__FreeBSD__) || defined(NETBSD) ifc.ifc_len = sizeof(buff); ifc.ifc_buf = buff; if (ioctl(sock, SIOCGIFCONF, &ifc) < 0) { @@ -3543,7 +3581,7 @@ bzero((char *)&sock,sizeof(sock)); memcpy((char *)&sock.sin_addr,(char *)hp->h_addr, hp->h_length); -#ifdef __FreeBSD__ /* XXX not the right ifdef */ +#if defined(__FreeBSD__) || defined(NETBSD) /* XXX not the right ifdef */ sock.sin_len = sizeof(sock); #endif sock.sin_port = htons( port ); @@ -4263,6 +4301,30 @@ return unlink (zfrom); } #endif + + +#ifdef REPLACE_INNETGR +/* + * Search for a match in a netgroup. This replaces it on broken systems. + */ +int InNetGr(group, host, user, dom) + char *group, *host, *user, *dom; +{ + char *hst, *usr, *dm; + + setnetgrent(group); + while (getnetgrent(&hst, &usr, &dm)) + if (((host == 0) || (hst == 0) || !strcmp(host, hst)) && + ((user == 0) || (usr == 0) || !strcmp(user, usr)) && + ((dom == 0) || (dm == 0) || !strcmp(dom, dm))) { + endnetgrent(); + return (1); + } + endnetgrent(); + return (0); +} +#endif + #if WRAP_MEMCPY #undef memcpy diff -u -r --new-file last-version/source/version.h samba-1.9.15p4/source/version.h --- last-version/source/version.h Wed Nov 22 22:10:03 1995 +++ samba-1.9.15p4/source/version.h Fri Nov 24 23:20:42 1995 @@ -1 +1 @@ -#define VERSION "1.9.15p3" +#define VERSION "1.9.15p4"