# You must at least adjust the "interfaces" directive to match# your IP address and subnet mask (if used) as the current version# of Samba/iX is unable to retrieve the NMMGR configured values.# Some of the directives in this sample file are redundant because# they explicitly specify hardcoded default values that would also# be in effect if the directives were omitted. They are nevertheless# included here to document their availability for customization.# IMPORTANT WARNING: Some of the configuration options do have serious# security implications and can cause risks or security holes if used# improperly, especially when you decide to run the SMBD job under a# user with PM (or even SM) capabilities or even select an SM capable# user in the "guest account" directive.# The documentation for smb.conf (available as man page in ../docs as# well as HTML file in ../html) is thus STRONGLY RECOMMENDED reading!# Also see the installation and configuration instructions for the# different ways of running SMBD (i.e. with or without a PM user and# even without PM program capabilities at all) and the associated# tradeoffs between feature sets and security issues.# ---------------------------------------------------------------------# GLOBAL section (general parms and defaults for other sections)[global]# you MUST supply IP address and subnet mask of your 3000 here interfaces = 12.34.56.78/255.0.0.0# config file and log file used by smbd and nmbd are typically# specified as command line options, unless you are using macros# like eg %S or %m to get different files for each service or# client machine, which allows very sophisticated (albeit complex)# configurations (also see "include" directive and smb.conf doc)# config file = /usr/local/samba/lib/smb.conf# log file = /usr/local/samba/var/log.smb# mapping of incoming usernames is possible and may e.g. be used# to allow clients using Unix or PC style names like root or lappel# instead of MPE style names like manager.sys or lars.appel# multiple alias names are possible e.g. lars.appel = lappel lars username map = /usr/local/samba/lib/user.map# printcap file lists printer names for use by [printers] section printcap name = /usr/local/samba/lib/printcap# how much detail you want in the logfile (try 3 or 5 or higher) debug level = 1# can use a shell script if system does not supply statfs() routine# dfree command = /usr/local/samba/lib/myfree# used in conjunction with printcap file and [printers] section load printers = yes# the workgroup that your server belongs to workgroup = SambaIX# these can be used e.g. to create logon/logoff like console messages# preexec = callci /usr/local/samba/lib/tellop tcon %S %u %m %I# postexec = callci /usr/local/samba/lib/tellop tdis %S %u %m %I# shares may be configured to accept connections without a validated# user id and password (similar to anonymous ftp) and then assume the# guest logon identity for accessing files and printers guest account = mgr.samba# ---------------------------------------------------------------------# PRINTERS section (optional but useful)# This section work in conjunction with the printcap file and allows# to configure a large number of printer shares without having to add# separate detailed sections for each of them. The printer names and# optional aliases are listed in the printcap file and the config parms# are defined here. Special printers can still be defined explicitly.# Directive "load printers" makes all entries available for browsing.# Directive "auto services" allows a more selective browse offering.[printers]# only want printer shares shown, not the [printers] section itself browseable = no# enable this service for printing but not for file access print ok = yes write ok = no# current version has problems with printing for non-guest users guest ok = yes guest only = yes# the "staging" directory for print requests path = /usr/local/samba/spool# permissions will be more meaningful when non-guest printing works create mode = 0700# the lp family of print command only work as of MPE/iX release 5.5# the rawlp utility sends file contents to spooler like "lp -oraw" print command = /usr/local/samba/lib/rawlp %s %p ; rm %s# ---------------------------------------------------------------------# HOMES section (optional but sometimes useful)# This section provides access to user's home directories without# having to add a separate section for each of them. The share name# is considered to be a valid user id and the path defaults to that# user's home directory. The share is created "on the fly" by using# attributes from this section.# Notice that home directories on MPE/iX are currently MPE groups# and grant CD and TD permissions to every user (not just the user# who belongs to this home group). This is equivalent to LISTFILE# ability across the whole system (at least on group levels). Read# or write access are nevertheless controlled by file system plus# smb.conf security definitions.# Notice further that either the connecting user or the user derived# from the share name may be validated by the appropriate passwords.# Thus it is possible e.g. for user lars.appel to connect to the home# directory of manager.sys - with access rights bound by file system.# Confusing, isn't it? -- You might want to comment out [homes] thus.[homes]# only want home share shown, not the [homes] section itself browseable = no# allowing guest logon is usually not desired for home directories guest ok = no# write access is usually desired for home directories but keep in# mind that there is also the file system permissions that decide# if the connecting user (validated by password) may read or write write ok = yes# this one attempts to restrict "cross access" e.g. the user lars.appel# to the home of manager.sys -- but may cause problems for some clients valid users = %S# ---------------------------------------------------------------------# OTHER sections (explicit definitions of file or printer shares)# The writable shares are placed under an MPE group with space limit[temp]# multiple users share one server directory but independent file# ownership is maintained so that they might be able to "see" other# users' files but still be unable to get read or write access comment = Shared temp space for non-guest users guest ok = no write ok = yes path = /SAMBA/SHR/temp[public]# multiple users share one server directory but file ownership is# forced to the guest logon identity resulting in every user being# able to "see" as well as read or write the other users's files comment = Shared space with all users forced to guest guest ok = yes guest only = yes write ok = yes path = /SAMBA/SHR/public[sambadoc] comment = Samba doc files (readonly but guest allowed)guest ok = yeswrite ok = nopath = /usr/local/samba/docs[sambahtm] comment = Samba HTML files (readonly but guest allowed) guest ok = yes write ok = no path = /usr/local/samba/html |
