Difference between revisions of "Frequently Asked Questions"
From SambaWiki
Whitecraig (talk | contribs) (First sub page) |
Mmuehlfeld (talk | contribs) m (Updated link) |
||
| (18 intermediate revisions by 9 users not shown) | |||
| Line 1: | Line 1: | ||
| + | ==What are tdb files?== |
||
| − | <ul> |
||
| + | Answered by Jerry Carter on samba@lists.samba.org |
||
| − | <li>file ownership</li> |
||
| + | [http://lists.samba.org/archive/samba/2005-March/102412.html] |
||
| − | <li>inherit permissions</li> |
||
| + | Samba uses a lightweight database called Trivial Database |
||
| − | <li>guest access</li> |
||
| + | (tdb). Here's the list (john, we should really document |
||
| − | </ul> |
||
| + | this somewhere).<br> |
||
| + | (*) information persistent across restarts (but not necessarily important to backup). |
||
| + | <table> |
||
| + | <tr> |
||
| + | <td>account_policy.tdb*</td><td>NT account policy settings such as pw expiration, etc...</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>brlock.tdb</td><td>byte range locks</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>browse.dat</td><td>browse lists</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>connections.tdb</td><td>share connections (used to enforce max connections, etc...)</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>gencache.tdb</td><td>generic caching db</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>group_mapping.tdb*</td><td>group mapping information</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>lang_en.tdb</td><td>Language encodings (i think).</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>locking.tdb</td><td>share modes & oplocks</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>login_cache.tdb*</td><td>bad pw attempts</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>messages.tdb</td><td>Samba [[messaging]] system</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>netsamlogon_cache.tdb*</td><td>cache of user net_info_3 struct from net_samlogon() request (as a domain member)</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>ntdrivers.tdb*</td><td>installed printer drivers</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>ntforms.tdb*</td><td>installed printer forms</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>ntprinters.tdb*</td><td>installed printer information</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>printing/</td><td>directory containing tdb per print queue of cached lpq output</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>registry.tdb</td><td>Windows registry skeleton (connect via regedit.exe)</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>sessionid.tdb</td><td>session information (e.g. support for 'utmp = yes')</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>share_info.tdb*</td><td>share acls</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>unexpected.tdb</td><td>unexpected packet queue needed to support windows clients that respond on a difference port that the originating request) (i could be wrong on this one).</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>winbindd_cache.tdb</td><td>winbindd's cache of user lists, etc...</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>winbindd_idmap.tdb*</td><td>winbindd's local idmap db</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>wins.dat*</td><td>wins database when 'wins support = yes'</td> |
||
| + | </tr> |
||
| + | </table> |
||
| + | In the ''private'' subdirectory we have two more tdb files: |
||
| + | <table> |
||
| + | <tr> |
||
| + | <td>secrets.tdb*</td><td>Private information like workstation passwords, the ldap admin dn and trust account information</td> |
||
| + | </tr> |
||
| + | <tr> |
||
| + | <td>passdb.tdb*</td><td>User account information if passdb backend = tdbsam is used</td> |
||
| + | </tr> |
||
| + | </table> |
||
| + | The following tdb's should be backed up IMO:<br> |
||
| + | nt*.tdb |
||
| + | account_policy.tdb |
||
| + | group_mapping.tdb |
||
| + | share_info.tdb |
||
| + | winbindd_idmap.tdb |
||
| + | secrets.tdb |
||
| + | passdb.tdb |
||
| + | |||
| + | ==Example== |
||
| + | To back up printing.tdb: |
||
| + | |||
| + | <nowiki>root# ls |
||
| + | . browse.dat locking.tdb ntdrivers.tdb printing.tdb |
||
| + | .. share_info.tdb connections.tdb messages.tdb ntforms.tdb |
||
| + | printing.tdbkp unexpected.tdb brlock.tdb gmon.out namelist.debug |
||
| + | ntprinters.tdb sessionid.tdb |
||
| + | |||
| + | root# tdbbackup -s .bak printing.tdb |
||
| + | printing.tdb : 135 records |
||
| + | |||
| + | root# ls -l printing.tdb* |
||
| + | -rw------- 1 root root 40960 May 2 03:44 printing.tdb |
||
| + | -rw------- 1 root root 40960 May 2 03:44 printing.tdb.bak</nowiki> |
||
| + | ---- |
||
| + | |||
| + | ==vfs - An example for a recycle container on a samba share == |
||
| + | vfs objects = recycle |
||
| + | recycle:keeptree = yes |
||
| + | recycle:versions = yes |
||
| + | recycle:touch = yes |
||
| + | recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP |
||
| + | recycle:exclude_dir= /tmp,/temp,/cache |
||
| + | recycle:repository = .recycle/.recycle.%u |
||
| + | recycle:noversions = *.doc,*.xls,*.ppt |
||
| + | #hide files = /.recycle.*/.recycle/ |
||
| + | #veto files = /.recycle.*/.recycle/ |
||
| + | |||
| + | ==inherit permissions== |
||
| + | |||
| + | Use the UNIX form of setgid to make all files and subdirectories belong to the enclosing group. |
||
| + | |||
| + | For example: the root directory for a samba share appears as: |
||
| + | # ls -ld /home/storage |
||
| + | drwxrwxr-x 47 root dom_users 4096 Jan 31 08:09 /home/storage |
||
| + | |||
| + | change the directory so all files & subdirectories created will belong to 'dom_users' group: |
||
| + | # chmod g+s /home/storage |
||
| + | verify the results: |
||
| + | # ls -ld /home/storage |
||
| + | drwxrwsr-x 47 root dom_users 4096 Jan 31 08:09 /home/storage |
||
| + | if you create a new file 'abc' as user 'foo' who has the primary group 'users' the file is created as |
||
| + | # ls -ld /home/storage/* |
||
| + | drwxrwsr-x 47 foo dom_users 4096 Jan 31 08:09 /home/storage/abc |
||
| + | |||
| + | ==guest access== |
||
| + | To provide Guest Access to samba please see the page: [[Setting_up_Samba_as_a_Standalone_Server|Setting up Samba as a Standalone Server]] |
||
Latest revision as of 15:37, 7 January 2017
What are tdb files?
Answered by Jerry Carter on samba@lists.samba.org [1]
Samba uses a lightweight database called Trivial Database
(tdb). Here's the list (john, we should really document
this somewhere).
(*) information persistent across restarts (but not necessarily important to backup).
| account_policy.tdb* | NT account policy settings such as pw expiration, etc... |
| brlock.tdb | byte range locks |
| browse.dat | browse lists |
| connections.tdb | share connections (used to enforce max connections, etc...) |
| gencache.tdb | generic caching db |
| group_mapping.tdb* | group mapping information |
| lang_en.tdb | Language encodings (i think). |
| locking.tdb | share modes & oplocks |
| login_cache.tdb* | bad pw attempts |
| messages.tdb | Samba messaging system |
| netsamlogon_cache.tdb* | cache of user net_info_3 struct from net_samlogon() request (as a domain member) |
| ntdrivers.tdb* | installed printer drivers |
| ntforms.tdb* | installed printer forms |
| ntprinters.tdb* | installed printer information |
| printing/ | directory containing tdb per print queue of cached lpq output |
| registry.tdb | Windows registry skeleton (connect via regedit.exe) |
| sessionid.tdb | session information (e.g. support for 'utmp = yes') |
| share_info.tdb* | share acls |
| unexpected.tdb | unexpected packet queue needed to support windows clients that respond on a difference port that the originating request) (i could be wrong on this one). |
| winbindd_cache.tdb | winbindd's cache of user lists, etc... |
| winbindd_idmap.tdb* | winbindd's local idmap db |
| wins.dat* | wins database when 'wins support = yes' |
In the private subdirectory we have two more tdb files:
| secrets.tdb* | Private information like workstation passwords, the ldap admin dn and trust account information |
| passdb.tdb* | User account information if passdb backend = tdbsam is used |
The following tdb's should be backed up IMO:
nt*.tdb
account_policy.tdb
group_mapping.tdb
share_info.tdb
winbindd_idmap.tdb
secrets.tdb
passdb.tdb
Example
To back up printing.tdb:
root# ls
. browse.dat locking.tdb ntdrivers.tdb printing.tdb
.. share_info.tdb connections.tdb messages.tdb ntforms.tdb
printing.tdbkp unexpected.tdb brlock.tdb gmon.out namelist.debug
ntprinters.tdb sessionid.tdb
root# tdbbackup -s .bak printing.tdb
printing.tdb : 135 records
root# ls -l printing.tdb*
-rw------- 1 root root 40960 May 2 03:44 printing.tdb
-rw------- 1 root root 40960 May 2 03:44 printing.tdb.bak
----
vfs objects = recycle
recycle:keeptree = yes
recycle:versions = yes
recycle:touch = yes
recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP
recycle:exclude_dir= /tmp,/temp,/cache
recycle:repository = .recycle/.recycle.%u
recycle:noversions = *.doc,*.xls,*.ppt
#hide files = /.recycle.*/.recycle/
#veto files = /.recycle.*/.recycle/
inherit permissions
Use the UNIX form of setgid to make all files and subdirectories belong to the enclosing group.
For example: the root directory for a samba share appears as:
# ls -ld /home/storage drwxrwxr-x 47 root dom_users 4096 Jan 31 08:09 /home/storage
change the directory so all files & subdirectories created will belong to 'dom_users' group:
# chmod g+s /home/storage
verify the results:
# ls -ld /home/storage drwxrwsr-x 47 root dom_users 4096 Jan 31 08:09 /home/storage
if you create a new file 'abc' as user 'foo' who has the primary group 'users' the file is created as
# ls -ld /home/storage/* drwxrwsr-x 47 foo dom_users 4096 Jan 31 08:09 /home/storage/abc
guest access
To provide Guest Access to samba please see the page: Setting up Samba as a Standalone Server