path: root/siguix/doc/samba.texi

\input texinfo

@setfilename samba.info
@documentencoding UTF-8
@settitle Samba Service

@node Samba Services
@subsection Samba Services

@cindex samba
@cindex smb
The @code{(gnu services samba)} module provides Guix service definitions
for Samba as well as additional helper services.  Currently it provides
the following services:

@subsubheading Samba

Samba provides network shares for folder and printers, it can also be an
AD DC for other samba hosts in an heterougenious network with Windows
computers.

@defvar{samba-service-type}

The service type to enable the samba services @code{samba}, @code{nmbd},
@code{smbd} and @code{winbindd}.  By default this service type does not
run as an AD DC, hence @code{samba} remains disabled.  It is recommended
that Samba's package is added to the system profile to have the tool-set
available for modifications in Samba's runtime directories.

@end defvar

@deftp{Data Type} samba-service-configuration
Configuration record for the Samba suite.

@table @asis
@item @code{package} (default: @code{samba})
The samba package to use.

@item @code{config-file} (default: @code{#f})
The config file to use.  Please note: Setting this variable will disable
all config options that come after @code{enable-winbindd?}.

@item @code{enable-samba?} (default: @code{#f})
Manually enable the @code{samba} daemon.

@item @code{enable-smbd?} (default: @code{#f})
Manually enable the @code{smbd} daemon.

@item @code{enable-nmbd?} (default: @code{#f})
Manually enable the @code{nmbd} daemon.

@item @code{enable-winbindd?} (default: @code{#f})
Manually enable the @code{winbindd} daemon.

@item @code{workgroup} (default: @code{"WORKGROUP"})
This controls what workgroup your server will appear to be in when
queried by clients.

@item @code{server-string} (default: @code{"Samba Server"})
This controls what string will show up in the printer comment box in
print manager and next to the IPC connection in net view.  It can be any
string that you wish to show to your users.

@item @code{server-role} (default: @code{"standalone"})
This option determines the basic operation mode of a Samba server and is
one of the most important settings in the @code{smb.conf} file.

@item @code{bind-interfaces-only?} (default: @code{#f})
This global parameter allows the Samba admin to limit what interfaces on
a machine will serve SMB requests.  It affects file service
@code{smbd(8)} and name service @code{nmbd(8)} in slightly different
ways.

@item @code{interfaces} (default: @code{'()})
This option allows you to override the default network interfaces list
that Samba will use for browsing, name registration and other NetBIOS
over TCTP/IP (NBT) traffic.  By default Samba will query the kernel for
the list of all active interfaces and use any interfaces except
127.0.0.1 that are broadcast capable.

@item @code{hosts-allow} (default @code{'()})
This parameter is a list of hosts which are permitted to access a
service.

@item @code{guest-account} (default: @code{"nobody"})
This is a username which will be used for access to services.

@item @code{log-file} (default: @code{"/var/log/samba/log.%m"})
This option allows you to override the name of the Samba log file (also
known as the debug file).

@item @code{logging} (default: @code{"file"})
This parameter configures logging backends.  Multiple backends can be
specified at the same time, with different log levels for each backend.

@item @code{realm} (default: @code{#f})
This option specifies the kerberos realm to use. The realm is used as
the ADS equivalent of the NT4 domain.  It is usually set to the DNS name
of the kerberos server.

@item @code{passdb-backend} (default: @code{#f})
This option allows the administrator to chose which backend will be used
for storing user and possibly group information.  This allows you to swap
between different storage mechanisms without recompile.

@item @code{include-config} (default: @code{#f})
This allows you to include one config file inside another.  The file is
included literally, as though typed in place.

@item @code{logon-path} (default: @code{"\\\\%N\\%U\\profile"})
This option takes the standard substitutions, allowing you to have
separate logon scripts for each user or machine.  It also specifies the
directory from which the ``Application Data'', desktop, start menu,
network neighborhood, programs and other folders, and their contents,
are loaded and displayed on your Windows NT client.

@item @code{wins-support?} (default: @code{#f})
This boolean controls if the @code{nmbd(8)} process in Samba will act as
a WINS server.  You should not set this to yes unless you have a
multi-subnetted network and you wish a particular nmbd to be your WINS
server.  Note that you should @emph{never} set this to yes on more than
one machine in your network.

@item @code{wins-server} (default: @code{#f})
This specifies the IP address (or DNS name: IP address for preference)
of the WINS server that @code{nmbd(8)} should register with.  If you
have a WINS server on your network then you should set this to the WINS
server's IP.

@item @code{wins-proxy?} (default: @code{#f})
This is a boolean that controls if @code{nmbd(8)} will respond to
broadcast name queries on behalf of other hosts.  You may need to set
this to @code{#t} for some older clients.


@item @code{dns-proxy?} (default: @code{#t})
Specifies that @code{nmbd(8)} when acting as a WINS server and finding
that a NetBIOS name has not been registered, should treat the NetBIOS
name word-for-word as a DNS name and do a lookup with the DNS server for
that name on behalf of the name-querying client.


@item @code{config-sections} (default: @code{#f})
Extra config sections to add to the tail of the generated config file
@code{smb.conf}.

@end table
@end deftp

@cindex wsdd
@subsubheading Web Service Discovery Daemon

Web Service Discovery Daemon implements the WSD protocoll.  It is a
drop-in replacement for host discovery that lack support for the SMBv1
protocol.

@defvr{Scheme Variable} wsdd-service-type

Service type for the Web Service Discoery host daemon.  The value for
this service type is a @code{wsdd-configuration} record.  The details
for the @code{wsdd-configuration} record type are given below.
@end defvr

@deftp{Data Type} wsdd-configuration This data type represents the
configuration for the wsdd service.

@table @asis

@item @code{package} (default: @code{wsdd})
The wsdd package to use.

@item @code{ipv4only?} (default: @code{#f})
Only listen to ipv4 addresses.

@item @code{ipv6only} (default: @code{#f})
Only listen to ipv6 addresses.  Please note: Activating both options is
not possible, since there would be no ip versions to listen to.

@item @code{chroot} (default: @code{#f})
Chroot into a sperate directory to prevent access to other directories.
This is to increase security in case there is a vulnerability in
@command{wsdd}.

@item @code{hoplimit} (default: @code{1})
Limit to the level of hops for multicast packets.  The default is
@var{1} which should prevent packets from leaving the local network.

@item @code{interface} (default: @code{'()})
Limit to the given list of interfaces to listen to.  By default wsdd
will listen to all interfaces.  Except the loopback interface is never
used.

@item @code{uuid-device} (default: @code{#f})
The WSD protocol requires a device to have a UUID.  Set this to manually
assign the service a UUID.

@item @code{domain} (default: @code{#f})
Notify this host is a member of an Active Directory.

@item @code{hostname} (default: @code{#f})
Manually set the hostname rather than letting @command{wsdd} inherit
this host's hostname.

@item @code{preserve-case?} (default: @code{#f})
By default @command{wsdd} will convert the hostname in workgroup to all
uppercase.  The opposite is true for hostnames in domains.  Setting this
parameter will preserve case.

@item @code{workgroup} (default: @var{"WORKGROUP"})
Change the name of the workgroup.  By default @command{wsdd} reports
this host being member of a workgroup.


@end table
@end deftp


@c Local Variables:
@c ispell-local-dictionary: "american";
@c End: