|
|
- ;******************************************************************************
- ; File to define cifsd configuration parameters which are comparable with
- ; samba's ones
- ;
- ; Supported [global] level parameters list:
- ; - server string
- ; This controls what string will show up in browse lists next
- ; to the machine name
- ; - workgroup
- ; This controls what workgroup your server will appear to be
- ; in when queried by clients
- ; - netbios name
- ; This sets the NetBIOS name by which a SMB server is known.
- ; By default it is the same as the first component of the host's
- ; DNS name. If a machine is a browse server or logon server this
- ; name (or the first component of the hosts DNS name) will be
- ; the name that these services are advertised under.
- ; - server min protocol
- ; This setting controls the minimum protocol version that the
- ; server will allow the client to use.
- ; - server max protocol
- ; The value of the parameter (a string) is the highest protocol
- ; level that will be supported by the server.
- ; - server signing
- ; This controls whether the client is allowed or required to use
- ; SMB1 and SMB2 signing. Possible values are default, auto,
- ; mandatory and disabled.
- ; - guest account
- ; This is a username which will be used for access to services
- ; which are specified as guest ok.
- ; - max active sessions
- ; This option allows the number of simultaneous connections to
- ; a service to be limited.
- ; - ipc timeout
- ; This option specifies the number of seconds server will wait
- ; for the userspace to reply to heartbeat frames. If user space
- ; is down for more than `ipc timeout` seconds the server will
- ; reset itself - close all sessions and all TCP connections.
- ; - restrict anonymous
- ; The setting of this parameter determines whether user and
- ; group list information is returned for an anonymous connection.
- ; - map to guest
- ; This parameter can take four different values, which tell cifsd
- ; what to do with user login requests.(bad user
- ; - bind interfaces only
- ; This global parameter allows the cifsd admin to limit what
- ; interfaces on a machine will serve SMB requests.
- ; - interfaces
- ; This option allows you to override the default network
- ; interfaces list that cifsd will use for browsing. The option
- ; takes only list of interface name.
- ; - deadtime
- ; The value of the parameter (a decimal integer) represents
- ; the number of minutes of inactivity before a connection is
- ; considered dead, and it is disconnected. The deadtime only
- ; takes effect if the number of open files is zero.
- ; - root directory
- ; Sets up a root (base) directory for all shares. In some
- ; sense it's equal to chroot(). When this option set all shares'
- ; paths become relative to root directory, IOW the file name
- ; lookup resolves '/root directory/share path/file path' path.
- ;
- ; Supported [share] level parameters list:
- ; - comment
- ; comment string to associate with the new share
- ; - path
- ; This parameter specifies a directory to which the user of the
- ; service is to be given access.
- ; - guest ok
- ; If this parameter is yes for a service, then no password is
- ; required to connect to the service.
- ; - read only
- ; If this parameter is yes, then users of a service may not
- ; create or modify files in the service's directory.
- ; - browseable
- ; This controls whether this share is seen in the list of
- ; available shares in a net view and in the browse list.
- ; - write ok
- ; - writeable
- ; Inverted synonym for read only.
- ; - store dos attributes
- ; If this parameter is set cifsd attempts to first read DOS
- ; attributes (SYSTEM, HIDDEN, ARCHIVE or READ-ONLY) from a
- ; filesystem extended attribute, before mapping DOS attributes
- ; to UNIX permission bits (such as occurs with map hidden and
- ; map readonly).
- ; - oplocks
- ; This boolean option tells cifsd whether to issue oplocks
- ; (opportunistic locks) to file open requests on this share.
- ; - create mask
- ; When a file is created, the necessary permissions are calculated
- ; according to the mapping from DOS modes to UNIX permissions, and
- ; the resulting UNIX mode is then bit-wise 'AND'ed with this
- ; parameter.
- ; - directory mask
- ; This parameter is the octal modes which are used when converting
- ; DOS modes to UNIX modes when creating UNIX directories.
- ; - force group
- ; This specifies a UNIX group name that will be assigned as
- ; the default primary group for all users connecting to this
- ; service.
- ; - force user
- ; This specifies a UNIX user name that will be assigned as
- ; the default user for all users connecting to this service.
- ; - hide dot files
- ; This is a boolean parameter that controls whether files starting
- ; with a dot appear as hidden files.
- ; - hosts allow
- ; This parameter is a comma, space, or tab delimited set of hosts
- ; which are permitted to access a service
- ; - hosts deny
- ; The opposite of allow hosts - hosts listed here are NOT
- ; permitted access to services unless the specific services have
- ; their own lists to override this one. Where the lists conflict,
- ; the allow list takes precedence.
- ; - valid users
- ; This is a list of users that should be allowed to login to this
- ; service
- ; - invalid users
- ; This is a list of users that should not be allowed to login to
- ; this service.
- ; - read list
- ; This is a list of users that are given read-only access to
- ; a service.
- ; - write list
- ; This is a list of users that are given read-write access to
- ; a service.
- ; - max connections
- ; This option allows the number of simultaneous connections to
- ; a service to be limited.
- ; - veto files
- ; This is a list of files and directories that are neither visible
- ; nor accessible.
- ;
- ; Veto any files containing the word Security,
- ; any ending in .tmp, and any directory containing the
- ; word root.
- ; veto files = /*Security*/*.tmp/*root*/
- ;
- ; Veto the Apple specific files that a NetAtalk server
- ; creates.
- ; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
- ; - inherit owner
- ; The ownership for new files and directories should be controlled
- ; by the ownership of the parent directory.
- ; Valid options are yes or no.
- ; - inherit smack
- ; This parameter can be used to ensure that if smack label exist
- ; on parent directories.
- ; Valid options are yes or no.
- ; - force create mode
- ; This parameter specifies a set of UNIX mode bit permissions
- ; that will always be set on a file created by cifsd.
- ; - force directory mode
- ; This parameter specifies a set of UNIX mode bit permissions
- ; that will always be set on a directory created by cifsd.
- ;
- ; Rules to update this file:
- ; - Every [share] definition should start on new line
- ; - Every parameter should be indented with single tab
- ; - There should be single spaces around equal (eg: " = ")
- ; - Multiple parameters should be separated with comma
- ; eg: "invalid users = usr1,usr2,usr3"
- ;
- ; Make sure to configure the server after making changes to this file.
- ;******************************************************************************
-
- [global]
- netbios name = CIFSD
-
- [homes]
- comment = content server share
- path = /tmp
|