Difference between revisions of "Frequently Asked Questions"

(First sub page)
 
m (Updated link)
 
(18 intermediate revisions by 9 users not shown)
Line 1: Line 1:
<ul>
+
==What are tdb files?==
   <li>file ownership</li>
+
  Answered by Jerry Carter on samba@lists.samba.org
   <li>inherit permissions</li>
+
  [http://lists.samba.org/archive/samba/2005-March/102412.html]
   <li>guest access</li>
+
Samba uses a lightweight database called Trivial Database
</ul>
+
(tdb).  Here's the list  (john, we should really document
 +
this somewhere).<br>
 +
(*) information persistent across restarts (but not necessarily important to backup).
 +
<table>
 +
  <tr>
 +
    <td>account_policy.tdb*</td><td>NT account policy settings such as pw expiration, etc...</td>
 +
  </tr>
 +
  <tr>
 +
    <td>brlock.tdb</td><td>byte range locks</td>
 +
  </tr>
 +
  <tr>
 +
    <td>browse.dat</td><td>browse lists</td>
 +
  </tr>
 +
  <tr>
 +
    <td>connections.tdb</td><td>share connections (used to enforce max connections, etc...)</td>
 +
  </tr>
 +
  <tr>
 +
    <td>gencache.tdb</td><td>generic caching db</td>
 +
  </tr>
 +
  <tr>
 +
    <td>group_mapping.tdb*</td><td>group mapping information</td>
 +
  </tr>
 +
  <tr>
 +
    <td>lang_en.tdb</td><td>Language encodings (i think).</td>
 +
  </tr>
 +
  <tr>
 +
    <td>locking.tdb</td><td>share modes & oplocks</td>
 +
  </tr>
 +
  <tr>
 +
    <td>login_cache.tdb*</td><td>bad pw attempts</td>
 +
  </tr>
 +
  <tr>
 +
    <td>messages.tdb</td><td>Samba [[messaging]] system</td>
 +
  </tr>
 +
  <tr>
 +
    <td>netsamlogon_cache.tdb*</td><td>cache of user net_info_3 struct from net_samlogon() request (as a domain member)</td>
 +
  </tr>
 +
  <tr>
 +
    <td>ntdrivers.tdb*</td><td>installed printer drivers</td>
 +
  </tr>
 +
  <tr>
 +
    <td>ntforms.tdb*</td><td>installed printer forms</td>
 +
  </tr>
 +
  <tr>
 +
    <td>ntprinters.tdb*</td><td>installed printer information</td>
 +
  </tr>
 +
  <tr>
 +
    <td>printing/</td><td>directory containing tdb per print queue of cached lpq output</td>
 +
  </tr>
 +
  <tr>
 +
    <td>registry.tdb</td><td>Windows registry skeleton (connect via regedit.exe)</td>
 +
  </tr>
 +
  <tr>
 +
    <td>sessionid.tdb</td><td>session information (e.g. support for 'utmp = yes')</td>
 +
  </tr>
 +
  <tr>
 +
    <td>share_info.tdb*</td><td>share acls</td>
 +
  </tr>
 +
  <tr>
 +
    <td>unexpected.tdb</td><td>unexpected packet queue needed to support windows clients that respond on a difference port that the originating request)  (i could be wrong on this one).</td>
 +
  </tr>
 +
  <tr>
 +
    <td>winbindd_cache.tdb</td><td>winbindd's cache of user lists, etc...</td>
 +
  </tr>
 +
  <tr>
 +
    <td>winbindd_idmap.tdb*</td><td>winbindd's local idmap db</td>
 +
  </tr>
 +
  <tr>
 +
    <td>wins.dat*</td><td>wins database when 'wins support = yes'</td>
 +
   </tr>
 +
</table>
 +
In the ''private'' subdirectory we have two more tdb files:
 +
<table>
 +
<tr>
 +
   <td>secrets.tdb*</td><td>Private information like workstation passwords, the ldap admin dn and trust account information</td>
 +
</tr>
 +
<tr>
 +
   <td>passdb.tdb*</td><td>User account information if passdb backend = tdbsam is used</td>
 +
</tr>
 +
</table>
 +
The following tdb's should be backed up IMO:<br>
 +
&nbsp;&nbsp;nt*.tdb
 +
&nbsp;&nbsp;account_policy.tdb
 +
&nbsp;&nbsp;group_mapping.tdb
 +
&nbsp;&nbsp;share_info.tdb
 +
&nbsp;&nbsp;winbindd_idmap.tdb
 +
&nbsp;&nbsp;secrets.tdb
 +
&nbsp;&nbsp;passdb.tdb
 +
 
 +
==Example==
 +
To back up printing.tdb:
 +
 
 +
    <nowiki>root# ls
 +
    .              browse.dat    locking.tdb    ntdrivers.tdb printing.tdb
 +
    ..            share_info.tdb connections.tdb messages.tdb  ntforms.tdb
 +
    printing.tdbkp unexpected.tdb brlock.tdb      gmon.out      namelist.debug 
 +
    ntprinters.tdb sessionid.tdb
 +
 +
    root# tdbbackup -s .bak printing.tdb
 +
      printing.tdb : 135 records
 +
 +
    root# ls -l printing.tdb*
 +
      -rw-------    1 root    root        40960 May  2 03:44 printing.tdb
 +
      -rw-------    1 root    root        40960 May  2 03:44 printing.tdb.bak</nowiki>
 +
    ----
 +
 
 +
==vfs - An example for a recycle container on a samba share ==
 +
vfs objects =  recycle
 +
      recycle:keeptree = yes
 +
      recycle:versions = yes
 +
      recycle:touch = yes
 +
      recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP
 +
      recycle:exclude_dir=  /tmp,/temp,/cache
 +
      recycle:repository = .recycle/.recycle.%u
 +
      recycle:noversions = *.doc,*.xls,*.ppt
 +
      #hide files = /.recycle.*/.recycle/
 +
      #veto files = /.recycle.*/.recycle/
 +
 
 +
==inherit permissions==
 +
 
 +
Use the UNIX form of setgid to make all files and subdirectories belong to the enclosing group.
 +
 
 +
For example: the root directory for a samba share appears as:
 +
# ls -ld /home/storage
 +
drwxrwxr-x  47 root dom_users 4096 Jan 31 08:09 /home/storage
 +
 
 +
change the directory so all files & subdirectories created will belong to 'dom_users' group:
 +
# chmod g+s /home/storage
 +
verify the results:
 +
# ls -ld /home/storage
 +
drwxrwsr-x  47 root dom_users 4096 Jan 31 08:09 /home/storage
 +
if you create a new file 'abc' as user 'foo' who has the primary group 'users' the file is created as
 +
# ls -ld /home/storage/*
 +
drwxrwsr-x  47 foo  dom_users 4096 Jan 31 08:09 /home/storage/abc
 +
 
 +
==guest access==
 +
To provide Guest Access to samba please see the page: [[Setting_up_Samba_as_a_Standalone_Server|Setting up Samba as a Standalone Server]]

Latest revision as of 15:37, 7 January 2017

What are tdb files?

 Answered by Jerry Carter on samba@lists.samba.org
 [1]

Samba uses a lightweight database called Trivial Database (tdb). Here's the list (john, we should really document this somewhere).
(*) information persistent across restarts (but not necessarily important to backup).

account_policy.tdb*NT account policy settings such as pw expiration, etc...
brlock.tdbbyte range locks
browse.datbrowse lists
connections.tdbshare connections (used to enforce max connections, etc...)
gencache.tdbgeneric caching db
group_mapping.tdb*group mapping information
lang_en.tdbLanguage encodings (i think).
locking.tdbshare modes & oplocks
login_cache.tdb*bad pw attempts
messages.tdbSamba messaging system
netsamlogon_cache.tdb*cache of user net_info_3 struct from net_samlogon() request (as a domain member)
ntdrivers.tdb*installed printer drivers
ntforms.tdb*installed printer forms
ntprinters.tdb*installed printer information
printing/directory containing tdb per print queue of cached lpq output
registry.tdbWindows registry skeleton (connect via regedit.exe)
sessionid.tdbsession information (e.g. support for 'utmp = yes')
share_info.tdb*share acls
unexpected.tdbunexpected packet queue needed to support windows clients that respond on a difference port that the originating request) (i could be wrong on this one).
winbindd_cache.tdbwinbindd's cache of user lists, etc...
winbindd_idmap.tdb*winbindd's local idmap db
wins.dat*wins database when 'wins support = yes'

In the private subdirectory we have two more tdb files:

secrets.tdb*Private information like workstation passwords, the ldap admin dn and trust account information
passdb.tdb*User account information if passdb backend = tdbsam is used

The following tdb's should be backed up IMO:
  nt*.tdb   account_policy.tdb   group_mapping.tdb   share_info.tdb   winbindd_idmap.tdb   secrets.tdb   passdb.tdb

Example

To back up printing.tdb:

    root# ls
     .              browse.dat     locking.tdb     ntdrivers.tdb printing.tdb
     ..             share_info.tdb connections.tdb messages.tdb  ntforms.tdb
     printing.tdbkp unexpected.tdb brlock.tdb      gmon.out      namelist.debug  
     ntprinters.tdb sessionid.tdb
 
     root# tdbbackup -s .bak printing.tdb
      printing.tdb : 135 records
 
     root# ls -l printing.tdb*
      -rw-------    1 root     root        40960 May  2 03:44 printing.tdb
      -rw-------    1 root     root        40960 May  2 03:44 printing.tdb.bak
    ----

vfs - An example for a recycle container on a samba share

vfs objects =  recycle
      recycle:keeptree = yes
      recycle:versions = yes
      recycle:touch = yes
      recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP
      recycle:exclude_dir=  /tmp,/temp,/cache
      recycle:repository = .recycle/.recycle.%u
      recycle:noversions = *.doc,*.xls,*.ppt
      #hide files = /.recycle.*/.recycle/
      #veto files = /.recycle.*/.recycle/

inherit permissions

Use the UNIX form of setgid to make all files and subdirectories belong to the enclosing group.

For example: the root directory for a samba share appears as:

# ls -ld /home/storage
drwxrwxr-x  47 root dom_users 4096 Jan 31 08:09 /home/storage

change the directory so all files & subdirectories created will belong to 'dom_users' group:

# chmod g+s /home/storage

verify the results:

# ls -ld /home/storage
drwxrwsr-x  47 root dom_users 4096 Jan 31 08:09 /home/storage

if you create a new file 'abc' as user 'foo' who has the primary group 'users' the file is created as

# ls -ld /home/storage/*
drwxrwsr-x  47 foo  dom_users 4096 Jan 31 08:09 /home/storage/abc

guest access

To provide Guest Access to samba please see the page: Setting up Samba as a Standalone Server