From: Frank Brehm Date: Tue, 17 Jan 2012 17:13:22 +0000 (+0100) Subject: Bla X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=1f8b879b5ea5ea5c3d87bef3d4d3fd1132350f02;p=config%2Fbruni%2Fetc.git Bla --- diff --git a/.etckeeper b/.etckeeper index 083e5168..f158398f 100755 --- a/.etckeeper +++ b/.etckeeper @@ -18,6 +18,7 @@ mkdir -p './polkit-1/localauthority/50-local.d' mkdir -p './polkit-1/localauthority/90-mandatory.d' mkdir -p './ppp/peers' mkdir -p './sabayon/profiles' +mkdir -p './samba/private' mkdir -p './sane.d/dll.d' mkdir -p './security/limits.d' mkdir -p './security/namespace.d' @@ -389,12 +390,25 @@ maybe chgrp lp './cups/cupsd.conf.default' maybe chmod 0640 './cups/cupsd.conf.default' maybe chmod 0755 './cups/interfaces' maybe chmod 0644 './cups/interfaces/.keep_net-print_cups-0' +maybe chgrp lp './cups/ppd' maybe chmod 0755 './cups/ppd' maybe chmod 0644 './cups/ppd/.keep_net-print_cups-0' +maybe chgrp lp './cups/printers.conf' +maybe chmod 0600 './cups/printers.conf' +maybe chgrp lp './cups/printers.conf.O' +maybe chmod 0600 './cups/printers.conf.O' maybe chgrp lp './cups/snmp.conf' maybe chmod 0640 './cups/snmp.conf' -maybe chmod 0755 './cups/ssl' +maybe chgrp lp './cups/ssl' +maybe chmod 0700 './cups/ssl' maybe chmod 0644 './cups/ssl/.keep_net-print_cups-0' +maybe chmod 0744 './cups/ssl/make-cert.sh' +maybe chgrp lp './cups/ssl/server.crt' +maybe chmod 0600 './cups/ssl/server.crt' +maybe chgrp lp './cups/ssl/server.key' +maybe chmod 0600 './cups/ssl/server.key' +maybe chgrp lp './cups/subscriptions.conf' +maybe chmod 0640 './cups/subscriptions.conf' maybe chmod 0755 './cupshelpers' maybe chmod 0644 './cupshelpers/preferreddrivers.xml' maybe chmod 0755 './dbus-1' @@ -1313,6 +1327,7 @@ maybe chmod 0644 './ppp/options' maybe chmod 0600 './ppp/pap-secrets' maybe chmod 0600 './ppp/pap-secrets.example' maybe chmod 0755 './ppp/peers' +maybe chmod 0644 './printcap' maybe chmod 0644 './procmailrc' maybe chmod 0644 './profile' maybe chmod 0755 './profile.d' @@ -1350,7 +1365,11 @@ maybe chmod 0755 './sabayon' maybe chmod 0755 './sabayon/profiles' maybe chmod 0755 './samba' maybe chmod 0644 './samba/lmhosts' +maybe chmod 0700 './samba/private' +maybe chmod 0644 './samba/smb.conf' maybe chmod 0644 './samba/smb.conf.default' +maybe chmod 0644 './samba/smb.conf.michael' +maybe chmod 0644 './samba/smb.conf.orig' maybe chmod 0644 './samba/smbusers' maybe chmod 0644 './sandbox.conf' maybe chmod 0755 './sandbox.d' diff --git a/cups/cupsd.conf b/cups/cupsd.conf index 4b078f51..936099fc 100644 --- a/cups/cupsd.conf +++ b/cups/cupsd.conf @@ -7,7 +7,7 @@ # Log general information in error_log - change "warn" to "debug" # for troubleshooting... -LogLevel warn +LogLevel info # Administrator user group... SystemGroup lpadmin @@ -15,8 +15,12 @@ SystemGroup lpadmin # Only listen for connections from the local machine. Listen localhost:631 +Listen 10.12.11.2:631 +# Port 631 Listen /var/run/cups/cups.sock - +AccessLog /var/log/cups/access.log +ErrorLog /var/log/cups/error.log +PageLog /var/log/cups/page.log # Show shared printers on the local network. Browsing On BrowseOrder allow,deny @@ -28,12 +32,16 @@ DefaultAuthType Basic # Restrict access to the server... + # Allow remote administration... Order allow,deny + Allow @LOCAL # Restrict access to the admin pages... + Encryption Required Order allow,deny + Allow @LOCAL # Restrict access to configuration files... @@ -41,6 +49,7 @@ DefaultAuthType Basic AuthType Default Require user @SYSTEM Order allow,deny + Allow @LOCAL # Set the default printer/job policies... diff --git a/cups/printers.conf b/cups/printers.conf new file mode 100644 index 00000000..358a270e --- /dev/null +++ b/cups/printers.conf @@ -0,0 +1,37 @@ +# Printer configuration file for CUPS v1.4.8 +# Written by cupsd on 2012-01-17 18:10 +# DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING + +Info Kyocera FS-1020D +Location Local Printer +MakeModel Kyocera FS-1030D +DeviceURI usb://Kyocera/FS-1020D +State Idle +StateTime 1282984000 +Type 8388612 +Accepting Yes +Shared Yes +JobSheets none none +QuotaPeriod 0 +PageLimit 0 +KLimit 0 +OpPolicy default +ErrorPolicy stop-printer + + +Info PDF Printer +Location Local Printer +MakeModel Apple LaserWriter 4/600 Foomatic/Postscript (recommended) +DeviceURI cups-pdf:/ +State Idle +StateTime 1264666962 +Type 8388612 +Accepting Yes +Shared Yes +JobSheets none none +QuotaPeriod 0 +PageLimit 0 +KLimit 0 +OpPolicy default +ErrorPolicy stop-printer + diff --git a/cups/printers.conf.O b/cups/printers.conf.O new file mode 100644 index 00000000..78e006e6 --- /dev/null +++ b/cups/printers.conf.O @@ -0,0 +1,43 @@ +# Printer configuration file for CUPS v1.4.6 +# Written by cupsd on 2011-07-11 09:23 +# DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING + +Info Kyocera FS-1020D +Location Local Printer +MakeModel Kyocera FS-1030D +DeviceURI usb://Kyocera/FS-1020D +State Idle +StateTime 1282984000 +Type 8425556 +Filter application/vnd.cups-raw 0 - +Filter application/vnd.cups-command 0 commandtops +Filter application/vnd.cups-postscript 0 - +Accepting Yes +Shared Yes +JobSheets none none +QuotaPeriod 0 +PageLimit 0 +KLimit 0 +OpPolicy default +ErrorPolicy stop-printer + + +Info PDF Printer +Location Local Printer +MakeModel Apple LaserWriter 4/600 Foomatic/Postscript (recommended) +DeviceURI cups-pdf:/ +State Idle +StateTime 1264666962 +Type 8400916 +Filter application/vnd.cups-raw 0 - +Filter application/vnd.cups-postscript 0 foomatic-rip +Filter application/vnd.cups-command 0 commandtops +Accepting Yes +Shared Yes +JobSheets none none +QuotaPeriod 0 +PageLimit 0 +KLimit 0 +OpPolicy default +ErrorPolicy stop-printer + diff --git a/cups/ssl/make-cert.sh b/cups/ssl/make-cert.sh new file mode 100755 index 00000000..e0e38656 --- /dev/null +++ b/cups/ssl/make-cert.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +openssl req -new -x509 -keyout /etc/cups/ssl/server.key -out /etc/cups/ssl/server.crt -days 365 -nodes + diff --git a/cups/ssl/server.crt b/cups/ssl/server.crt new file mode 100644 index 00000000..1ca56dfb --- /dev/null +++ b/cups/ssl/server.crt @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEdjCCA2CgAwIBAgIESkcmHzALBgkqhkiG9w0BAQUwgcAxCzAJBgNVBAYTAkRF +MSQwIgYDVQQDExticnVuaS5ob21lLmJyZWhtLW9ubGluZS5jb20xJDAiBgNVBAoT +G2JydW5pLmhvbWUuYnJlaG0tb25saW5lLmNvbTEQMA4GA1UECxMHVW5rbm93bjEQ +MA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEvMC0GCSqGSIb3DQEJ +ARYgcm9vdEBicnVuaS5ob21lLmJyZWhtLW9ubGluZS5jb20wHhcNMDkwNjI4MDgx +MzE5WhcNMTkwNjI2MDgxMzE5WjCBwDELMAkGA1UEBhMCREUxJDAiBgNVBAMTG2Jy +dW5pLmhvbWUuYnJlaG0tb25saW5lLmNvbTEkMCIGA1UEChMbYnJ1bmkuaG9tZS5i +cmVobS1vbmxpbmUuY29tMRAwDgYDVQQLEwdVbmtub3duMRAwDgYDVQQIEwdVbmtu +b3duMRAwDgYDVQQHEwdVbmtub3duMS8wLQYJKoZIhvcNAQkBFiByb290QGJydW5p +LmhvbWUuYnJlaG0tb25saW5lLmNvbTCCAR8wCwYJKoZIhvcNAQEBA4IBDgAwggEJ +AoIBALA5FvlTvP9LeCaroX0gIBDsW5Mia2kyKBHQLzVWPmPdDW9UFpnh40sT+Dtb +WEEXzti2/bHzDvcT1F2b0c3P47dKY9j1FrQCb9asqxuJzC5KTAO0VfV3PNRlKmiK +nDGbryiLBZ9I6R67gSHyQYh2sVuaI1r9HPUa8fR49YunNlJNur/J12WQMssiEy8l ++izHBJ+K1tfPnOGc9FZl+OAtMF90CUndsuBlXVGG51CbprOab4lTkuK0zn+Cv1E2 +YxwpOunYL7JfvSpReZkNL65O5nguq6G0gs82viM52tqdYANGOUCI2httwUaS2ppu +TazHjfaPhvePEaRgVEMeb65z0ZsCAwEAAaN9MHswDAYDVR0TAQH/BAIwADAmBgNV +HREEHzAdghticnVuaS5ob21lLmJyZWhtLW9ubGluZS5jb20wEwYDVR0lBAwwCgYI +KwYBBQUHAwEwDwYDVR0PAQH/BAUDAwcgADAdBgNVHQ4EFgQUbaLsF/i7cBriwBVU +b1a+VdgctS4wCwYJKoZIhvcNAQEFA4IBAQAmCixL3HDXJGIpXk7g8Zq4YRv8Qeti +C7yp3VL2gURoN1AjTDqrGKBT03fctHvBtu1nVswr2yEjL5Uq+xgdHN09vcIxpfBG +p1p4t/B3panodRKMXtqZZsk8hKminq/+o7iqeGTMA2YucNo8HXy7mBNnSseKLZB/ +bApJRuce2aBnGQiUd7U9ZvO7bGo0/3j52sjroM4eGZ6sH2X6GuVlk377tG9mUnhm +XRqU35q+IKB9EZl7w2sLGNrBCDqy/1T96znv3N6tAnXwAn0vwM71leTr3dC3VRHP +8LDkyOwR53TgdekmtYdBKqp9ngCsoJOxEdzHal4uX06u4aFBXG9sEdWm +-----END CERTIFICATE----- diff --git a/cups/ssl/server.key b/cups/ssl/server.key new file mode 100644 index 00000000..0af16b29 --- /dev/null +++ b/cups/ssl/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAsDkW+VO8/0t4JquhfSAgEOxbkyJraTIoEdAvNVY+Y90Nb1QW +meHjSxP4O1tYQRfO2Lb9sfMO9xPUXZvRzc/jt0pj2PUWtAJv1qyrG4nMLkpMA7RV +9Xc81GUqaIqcMZuvKIsFn0jpHruBIfJBiHaxW5ojWv0c9Rrx9Hj1i6c2Uk26v8nX +ZZAyyyITLyX6LMcEn4rW18+c4Zz0VmX44C0wX3QJSd2y4GVdUYbnUJums5pviVOS +4rTOf4K/UTZjHCk66dgvsl+9KlF5mQ0vrk7meC6robSCzza+Izna2p1gA0Y5QIja +G23BRpLamm5NrMeN9o+G948RpGBUQx5vrnPRmwIDAQABAoIBABbVcZHL6meFXrkF +Wy7sjIsffSbS+mpOj/JC8KMEx5/GovjZGKFG1jNCZVNCR5djn4SQLXjd1C4VWS/p +7U+xj2w5YjeuBjY77JmQlQ6ZQSYsWq4jiKco6e5hehMYBsYcyfTtvURBknH40hzV +GEMM53fwQILdMjUw5nIK1vzfT+1uTYAcefGQDTgUUn29uGhIqMnSLeBF+HdZjHcT +6Idw4LybhMEmFyMcUJjtdcJgh+i/k7BdeKpoPHL5dyMt/Vp679N6njcCGGy9z6H7 +Qw+gqWqSw0FqvYBpshoHA54fyRDFXoHiGIXng7q7YE0MXJc7axLuOA3cn+jUHTTZ +QiInwh0CgYEAyaCYJzGp+IVpNWUS8KbidtqeZIhahXNxF31w8AHGPVnksR1JF4Ql +BvC3I/iuaw5PKANtqpSLRo0Qub+xINuRFP97o0kBPhQ0CiHdRgyA70Tsf3pNthpV +IkuMLAuvXGyySVVgPOePlVHjWjYQHxCVQQ4rZAgPRQJ9MMtH8jp27q8CgYEA376z +VQc1BbpWiTnoKgvKvwEXmwJ+INdtgzPl8rSbTwEmnT66ePJsT13mlBLOjNjiqE97 +z3+SCeH1MPml6/GH9xhlpuWInkhym8COoIE1l+Etzv7W5GhAsNPuh2MwTPp5xYZc +P3yhbqr4CIV4EFM2Fast/6bKTbTdJLH4vLVS5tUCgYBagwlKrvTKZ7lvCsyR05je +Gg34u21HcydVkC5ez60aZXxQNgFV2TB2CSFtuHkz/dxy7fcRGFXdef4EJJVzVp2u +e3IZPvCb2Z3y3njitUI8JwizwUeZdAC7wIZQT36NUw5F9VmafajrMzOIj7R0/ZDC +/4VjBms0Y4WnndnSV4SEaQKBgQDRk6QQ8hZFTjw+f6IquC7p6JD+3j/cbU2kBtnO +FEQhpZdQ1O//2DuBwBf5/P/CSGlOdF0piHn3jdKIVF+JeQz9c7nLsdbdREkuARjX +2Q+lOwQYjvYkrk5iE7Gq2Url3/xt+6OuyAPCUJzSBorm57qSY2xLuiRm0xINjDLM +OB/2HQKBgGv6h0zQ3QBOuxB4o3LA4Jv+Hp1DHc6N9bjpAKRvqlWspsSFsW7K1c1X +hMz6bw3//IO5WZF7jPhCXtGUE859/loHhPaf8xGSLZciqFJXQ+oxHo4XG7nywAgR +uCJyRQT8Z7FEXFv3I+49QKmZPlDglSAinjHFV8+eLGW/D5j/IbVJ +-----END RSA PRIVATE KEY----- diff --git a/cups/subscriptions.conf b/cups/subscriptions.conf new file mode 100644 index 00000000..e6c80aae --- /dev/null +++ b/cups/subscriptions.conf @@ -0,0 +1,3 @@ +# Subscription configuration file for CUPS v1.4.8 +# Written by cupsd on 2012-01-12 19:53 +NextSubscriptionId 119 diff --git a/motd b/motd index 428fb60f..4b7fd6f4 100644 --- a/motd +++ b/motd @@ -7,9 +7,11 @@ Gentoo Base System release 2.0.3 |____/|_| \__,_|_| |_|_| -Musik im besten Sinne bedarf weniger der Neuheit, ja vielmehr, -je älter sie ist, je gewohnter man sie ist, desto mehr wirkt sie. - -- Goethe, Maximen und Reflektionen, Nr. 1235 +Wer das Falsche verteidigen will, hat alle Ursache, leise +aufzutreten und sich zu einer feinen Lebensart zu bekennen. Wer das +Recht auf seiner Seite fühlt, muss derb auftreten; ein höfliches +Recht will gar nichts heißen. + -- Goethe, Maximen und Reflektionen, Nr. 1028 Today is Boomtime, the 17th day of Chaos in the YOLD 3178 diff --git a/printcap b/printcap new file mode 100644 index 00000000..f1748a3f --- /dev/null +++ b/printcap @@ -0,0 +1,5 @@ +# This file was automatically generated by cupsd(8) from the +# /etc/cups/printers.conf file. All changes to this file +# will be lost. +Kyocera_FS-1020D_USB_1|Kyocera FS-1020D:rm=bruni.home.brehm-online.com:rp=Kyocera_FS-1020D_USB_1: +Virtual_Printer|PDF Printer:rm=bruni.home.brehm-online.com:rp=Virtual_Printer: diff --git a/runlevels/default/cupsd b/runlevels/default/cupsd new file mode 120000 index 00000000..73c95ca3 --- /dev/null +++ b/runlevels/default/cupsd @@ -0,0 +1 @@ +/etc/init.d/cupsd \ No newline at end of file diff --git a/runlevels/default/samba b/runlevels/default/samba new file mode 120000 index 00000000..bdd7239f --- /dev/null +++ b/runlevels/default/samba @@ -0,0 +1 @@ +/etc/init.d/samba \ No newline at end of file diff --git a/samba/smb.conf b/samba/smb.conf new file mode 100644 index 00000000..c3ed0764 --- /dev/null +++ b/samba/smb.conf @@ -0,0 +1,174 @@ +#======================= Global Settings ===================================== +[global] + +; workgroup = Brehm + workgroup = HENNIG + netbios name = Bruni + server string = %h +; server string = %h - (Samba %v) +; printcap name = cups + printcap name = /etc/printcap + load printers = no + printing = CUPS +; printer admin = @adm +; printer admin = @"Domain Admins" + log file = /var/log/samba/log.%m + max log size = 5120 + log level = 2 passdb:5 auth:10 +; hosts allow = 10.12.11. 127. ::1 2001:6f8:1db7::/64 fe80::/64 2001:6f8:1c00:365::/64 + guest account = pcguest + map to guest = bad user + security = user +; password server = +; password server = * +; password level = 8 +; username level = 8 + encrypt passwords = true +; smb passwd file = /var/lib/samba/private/smbpasswd + passdb backend = tdbsam +; unix password sync = Yes +; pam password change = yes +; passwd program = /usr/bin/passwd %u +; passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \ +;*passwd:*all*authentication*tokens*updated*successfully* +; username map = /etc/samba/smbusers +; include = /etc/samba/smb.conf.%m +; winbind separator = + +; winbind use default domain = yes +; template homedir = /home/%D/%U +; obey pam restrictions = yes +; template shell = /bin/bash + #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 +; interfaces = eth0 eth1 10.12.11.0/24 + interfaces = eth0 +; remote browse sync = 192.168.3.25 192.168.5.255 +; remote browse sync = 10.12.11.255 +; remote announce = 192.168.1.255 192.168.2.44 +; remote announce = 10.12.11.255 +; local master = yes +; os level = 100 +; domain master = yes +; preferred master = yes +; domain logons = yes +; logon script = %m.bat +; logon script = %U.bat +; logon path = \\%L\Profiles\%U +; logon home = \\%L\%U\.profile +; enhanced browsing = yes + +; add user script = /usr/sbin/useradd -s /bin/false '%u' +; delete user script = /usr/sbin/userdel '%s' +; add user to group script = /usr/bin/gpasswd -a '%u' '%g' +; delete user from group script = /usr/bin/gpasswd -d '%u' '%g' +; set primary group script = /usr/sbin/usermod -g '%g' '%u' +; add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}' +; delete group script = /usr/sbin/groupdel '%g' + +; passdb backend = smbpasswd guest +; passdb backend = tdbsam smbpasswd guest +; passdb backend = ldapsam:ldaps://ldap.mydomain.com smbpasswd guest +; passdb backend = ldapsam_compat:ldaps://ldap.mydomain.com smbpasswd guest + +; idmap uid = 10000-20000 +; idmap gid = 10000-20000 + +; name resolve order = wins lmhosts bcast + name resolve order = wins lmhosts bcast host + +; wins support = yes +; wins server = 10.12.11.2 2001:6f8:1db7::1 fe80::2e0:4cff:fe69:50b7 127.0.0.1 ::1 + +; wins server = w.x.y.z + +; wins proxy = yes + +; dns proxy = no + +; preserve case = no +; short preserve case = no +; default case = lower +; case sensitive = no + + dos charset = 850 + unix charset = UTF-8 + + follow symlinks = yes +; wide links = yes +; unix extensions = no + wide links = no + unix extensions = yes + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = yes + writable = yes + printable = no + create mask = 0664 + directory mask = 0775 +; vfs object = /usr/lib/samba/vfs/recycle.so + follow symlinks = yes + wide links = yes + public = no + + +;[netlogon] +; comment = Network Logon Service +; path = /var/lib/samba/netlogon +; guest ok = yes +; writable = no + +;[Profiles] +; path = /var/lib/samba/profiles +; browseable = no +; guest ok = yes +; root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \ +; then mkdir -pm700 $PROFILE; chown %u:%g $PROFILE;fi + +[printers] + comment = Alle Drucker + path = /var/spool/samba + browseable = yes + guest ok = yes + writable = no + printable = yes + create mode = 0700 + #print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. +; print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). +; lpq command = lpq -P %p +; lprm command = cancel %p-%j + +[print$] + path = /var/lib/samba/printers + browseable = yes + read only = yes + write list = @adm root + guest ok = yes + +[all] + path = /data/all + browseable = yes + comment = Oeffentliches Zeug + #public = no + writable = no + write list = @users + printable = no + create mask = 0664 + directory mask = 0775 + guest ok = yes +; vfs object = /usr/lib/samba/vfs/audit.so + +[inst] + path = /data/inst + browseable = yes + comment = Installations-Dateien + public = yes +; only guest = yes + writable = no + write list = @users + printable = no +; force user = frank + create mask = 0664 + directory mask = 0775 + diff --git a/samba/smb.conf.michael b/samba/smb.conf.michael new file mode 100644 index 00000000..e572d12a --- /dev/null +++ b/samba/smb.conf.michael @@ -0,0 +1,56 @@ +[global] + + workgroup = ARBEITSGRUPPE + #server string = Samba %v + server string = Fileserver + netbios name = FILESERVER + interfaces = lo 10.1.0.0/24 + hosts allow = 127. 10.1.0. + name resolve order = wins lmhosts hosts + #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE IPTOS_LOWDELAY + #socket options = TCP_NODELAY SO_RCVBUF=65520 SO_SNDBUF=65520 + #strict sync = yes + #sync always = yes + # This will prevent nmbd to search for NetBIOS names through DNS. + dns proxy = no + # fix umlaute when using windows clients + dos charset = 850 + unix charset = UTF-8 + force create mode = 0644 + force directory mode = 0755 + create mask = 000 + directory mask = 000 + security = user + passdb backend = tdbsam + # You may wish to use password encryption. See the section on + # 'encrypt passwords' in the smb.conf(5) manpage before enabling. + encrypt passwords = true + # disable printer support completely + load printers = no + cups options = raw + printcap name = /etc/printcap + printing = + # This tells Samba to use a separate log file for each machine + # that connects + log file = /var/log/samba/log.%m + # Put a capping on the size of the log files (in Kb). + max log size = 1000 + # We want Samba to log a minimum amount of information to syslog. Everything + # should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log + # through syslog you should set the following parameter to something higher. + syslog = 0 + # Using the following line enables you to customise your configuration + # on a per machine basis. The %m gets replaced with the netbios name + # of the machine that is connecting + include = /etc/samba/smb.conf.%m +;/etc/samba/smb.conf.irgendeinhostname: +;[dms] +; comment = DMS +; path = /storage/antea/dms +; browseable = yes +; writable = yes +; valid users = mbalser +; force user = nobody +; force group = nogroup + +; vim: filetype=samba ts=4 expandtab diff --git a/samba/smb.conf.orig b/samba/smb.conf.orig new file mode 100644 index 00000000..ba7dc10e --- /dev/null +++ b/samba/smb.conf.orig @@ -0,0 +1,184 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +; workgroup = Brehm + workgroup = Hennig + netbios name = Bruni +; netbios name = Brunhilde + server string = %h +; server string = %h - (Samba %v) + printcap name = cups + load printers = yes + printing = cups +; printer admin = @adm +; printer admin = @"Domain Admins" + log file = /var/log/samba/log.%m + max log size = 1024 + log level = 2 +; hosts allow = 10.12.11. 127. ::1 2001:6f8:1db7::/64 fe80::/64 2001:6f8:1c00:365::/64 +; guest account = pcguest + map to guest = bad user + security = user +; password server = +; password server = * +; password level = 8 +; username level = 8 + encrypt passwords = yes +; smb passwd file = /var/lib/samba/private/smbpasswd + passdb backend = tdbsam +; unix password sync = Yes +; pam password change = yes +; passwd program = /usr/bin/passwd %u +; passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \ +;*passwd:*all*authentication*tokens*updated*successfully* +; username map = /etc/samba/smbusers +; include = /etc/samba/smb.conf.%m +; winbind separator = + +; winbind use default domain = yes +; template homedir = /home/%D/%U +; obey pam restrictions = yes +; template shell = /bin/bash + socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 +; interfaces = eth0 eth1 10.12.11.0/24 + interfaces = eth1 +; remote browse sync = 192.168.3.25 192.168.5.255 +; remote browse sync = 10.12.11.255 +; remote announce = 192.168.1.255 192.168.2.44 +; remote announce = 10.12.11.255 + local master = yes + os level = 100 + domain master = yes + preferred master = yes +; domain logons = yes +; logon script = %m.bat +; logon script = %U.bat +; logon path = \\%L\Profiles\%U +; logon home = \\%L\%U\.profile + enhanced browsing = yes + +; add user script = /usr/sbin/useradd -s /bin/false '%u' +; delete user script = /usr/sbin/userdel '%s' +; add user to group script = /usr/bin/gpasswd -a '%u' '%g' +; delete user from group script = /usr/bin/gpasswd -d '%u' '%g' +; set primary group script = /usr/sbin/usermod -g '%g' '%u' +; add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}' +; delete group script = /usr/sbin/groupdel '%g' + +; passdb backend = smbpasswd guest +; passdb backend = tdbsam smbpasswd guest +; passdb backend = ldapsam:ldaps://ldap.mydomain.com smbpasswd guest +; passdb backend = ldapsam_compat:ldaps://ldap.mydomain.com smbpasswd guest + +; idmap uid = 10000-20000 +; idmap gid = 10000-20000 + +; name resolve order = wins lmhosts bcast + name resolve order = wins lmhosts bcast host + +; wins support = yes +; wins server = 10.12.11.2 2001:6f8:1db7::1 fe80::2e0:4cff:fe69:50b7 127.0.0.1 ::1 + +; wins server = w.x.y.z + +; wins proxy = yes + + dns proxy = no + +; preserve case = no +; short preserve case = no +; default case = lower +; case sensitive = no + + dos charset = 850 + unix charset = UTF-8 + + follow symlinks = yes + wide links = yes + unix extensions = no + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = yes + writable = yes + printable = no + create mask = 0664 + directory mask = 0775 +; vfs object = /usr/lib/samba/vfs/recycle.so + follow symlinks = yes + wide links = yes + public = no + + +;[netlogon] +; comment = Network Logon Service +; path = /var/lib/samba/netlogon +; guest ok = yes +; writable = no + +;[Profiles] +; path = /var/lib/samba/profiles +; browseable = no +; guest ok = yes +; root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \ +; then mkdir -pm700 $PROFILE; chown %u:%g $PROFILE;fi + +[printers] + comment = Alle Drucker + path = /var/spool/samba + browseable = yes + guest ok = yes + writable = no + printable = yes + create mode = 0700 + #print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. +; print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). +; lpq command = lpq -P %p +; lprm command = cancel %p-%j + +[print$] + path = /var/lib/samba/printers + browseable = yes + read only = yes + write list = @adm root + guest ok = yes + +[all] + path = /data/all + browseable = yes + comment = Oeffentliches Zeug + public = no + writable = no + write list = @users + printable = no + create mask = 0664 + directory mask = 0775 +; vfs object = /usr/lib/samba/vfs/audit.so + +[inst] + path = /data/inst + browseable = yes + comment = Installations-Dateien + public = no +; only guest = yes + writable = no + write list = @users + printable = no +; force user = frank + create mask = 0664 + directory mask = 0775 +