[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Wed Aug 31 08:30:03 MDT 2011
The branch, master has been updated
via da23473 s3-rpc_server: Disable epmapper by default.
via 6d9eb66 docs: Add documentation for the rpc_daemon parametric option.
via 40006cf doc: Reflect the latest changes to the rpc_server option.
from 485da3e s3-waf: allow unresolved symbols in some idmap and nss_info modules.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit da2347379e04caf5b7bbd3a6704b03e03c8bf30a
Author: Andreas Schneider <asn at samba.org>
Date: Wed Aug 31 14:53:52 2011 +0200
s3-rpc_server: Disable epmapper by default.
We need more testing in the real world. We need to be sure that if a
Windows client can access port 135 it doesn't require that a service is
available via ncacn_ip_tcp. If possible please enable it using the
following smb.conf options for testing:
rpc_daemon:epmd = fork
rpc_server:epmapper = external
Autobuild-User: Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date: Wed Aug 31 16:29:20 CEST 2011 on sn-devel-104
commit 6d9eb66f29756f8df913b0057a8e66aa6f9acadd
Author: Simo Sorce <idra at samba.org>
Date: Tue Aug 30 17:11:48 2011 -0400
docs: Add documentation for the rpc_daemon parametric option.
commit 40006cf2127df247dd6fc2200b3fac4021c1c9d8
Author: Andreas Schneider <asn at samba.org>
Date: Wed Aug 31 12:13:22 2011 +0200
doc: Reflect the latest changes to the rpc_server option.
bug #8425.
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/misc/rpcdaemon.xml | 69 ++++++++++++++++++++++++++
docs-xml/smbdotconf/misc/rpcserver.xml | 84 +++++++++++++++++++++++++-------
source3/rpc_server/rpc_config.c | 4 +-
3 files changed, 137 insertions(+), 20 deletions(-)
create mode 100644 docs-xml/smbdotconf/misc/rpcdaemon.xml
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/misc/rpcdaemon.xml b/docs-xml/smbdotconf/misc/rpcdaemon.xml
new file mode 100644
index 0000000..e84db21
--- /dev/null
+++ b/docs-xml/smbdotconf/misc/rpcdaemon.xml
@@ -0,0 +1,69 @@
+<samba:parameter name="rpc_daemon"
+ context="G"
+ type="string"
+ advanced="1" print="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>
+ Defines whether to use the embedded code or start a separate daemon
+ for the defined rpc services.
+ The rpc_daemon prefix must be followed by the server name, and a value.
+ </para>
+
+ <para>
+ Two possible values are currently supported:
+ <command moreinfo="none">disabled</command>
+ <command moreinfo="none">fork</command>
+ </para>
+
+ <para>
+ The classic method is to run rpc services as internal daemons
+ embedded in smbd, therefore the external daemons are
+ <emphasis>disabled</emphasis> by default.
+ </para>
+
+ <para>
+ Choosing the <emphasis>fork</emphasis> option will cause samba to fork
+ a separate proces for each daemon configured this way. Each daemon may
+ in turn fork a number of children used to handle requests from multiple
+ smbds and direct tcp/ip connections (if the Endpoint Mapper is
+ enabled). Communication with smbd happens over named pipes and require
+ that said pipes are forward to the external daemon (see <smbconfoption
+ name="rpc_server"/>).
+ </para>
+
+ <para>
+ Forked RPC Daemons support dynamically forking children to handle
+ connections. The heuristics about how many children to keep around and
+ how fast to allow them to fork and also how many clients each child is
+ allowed to handle concurrently is defined by parametrical options named
+ after the daemon.
+ Five options are currently supported:
+ <command moreinfo="none">prefork_min_children</command>
+ <command moreinfo="none">prefork_max_children</command>
+ <command moreinfo="none">prefork_spawn_rate</command>
+ <command moreinfo="none">prefork_max_allowed_clients</command>
+ <command moreinfo="none">prefork_child_min_life</command>
+
+ To set one of these options use the follwing syntax:
+ <programlisting>
+ damonname:prefork_min_children = 5
+ </programlisting>
+ </para>
+
+ <para>
+ Samba includes separate daemons for spoolss and the lsarpc/lsass,
+ netlogon and samr pipes. Currently three daemons are available and they
+ are called:
+ <command moreinfo="none">empd</command>
+ <command moreinfo="none">lsasd</command>
+ <command moreinfo="none">spoolssd</command>
+ Example:
+ <programlisting>
+ rpc_daemon:spoolssd = fork
+ </programlisting>
+ </para>
+</description>
+
+<value type="default">disabled</value>
+</samba:parameter>
diff --git a/docs-xml/smbdotconf/misc/rpcserver.xml b/docs-xml/smbdotconf/misc/rpcserver.xml
index d92d203..6984668 100644
--- a/docs-xml/smbdotconf/misc/rpcserver.xml
+++ b/docs-xml/smbdotconf/misc/rpcserver.xml
@@ -5,42 +5,90 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- Defines what kind of rpc server to use for a named pipe.
- The rpc_server prefix must be followed by the pipe name, and a value.
+ With this option you can define if a rpc service should be
+ running internal/embedded in smbd or should be redirected to an
+ external daemon like Samba4, the endpoint mapper daemon, the
+ spoolss daemon or the new LSA service daemon. The rpc_server
+ prefix must be followed by the pipe name, and a value.
</para>
<para>
- Three possible values are currently supported:
+ This option can be set for each available rpc service in Samba.
+ The following list shows all available pipe names services you
+ can modify with this options.
+ </para>
+
+ <itemizedlist>
+ <listitem><para>epmapper - Endpoint Mapper</para></listitem>
+ <listitem><para>winreg - Remote Registry Service</para></listitem>
+ <listitem><para>srvsvc - Remote Server Services</para></listitem>
+ <listitem><para>lsarpc - Local Security Authority</para></listitem>
+ <listitem><para>samr - Security Account Management</para></listitem>
+ <listitem><para>netlogon - Netlogon Remote Protocol</para></listitem>
+ <listitem><para>netdfs - Settings for Distributed File System</para></listitem>
+ <listitem><para>dssetup - Active Directory Setup</para></listitem>
+ <listitem><para>wkssvc - Workstation Services</para></listitem>
+ <listitem><para>spoolss - Network Printing Spooler</para></listitem>
+ <listitem><para>svcctl - Service Control</para></listitem>
+ <listitem><para>ntsvcs - Plug and Play Services</para></listitem>
+ <listitem><para>eventlog - Event Logger</para></listitem>
+ <listitem><para>initshutdown - Init Shutdown Service</para></listitem>
+ </itemizedlist>
+
+ <para>
+ Three possible values currently supported are:
<command moreinfo="none">embedded</command>
- <command moreinfo="none">daemon</command>
<command moreinfo="none">external</command>
+ <command moreinfo="none">disabled</command>
+ </para>
+
+ <para>
+ The classic method is to run every pipe as an internal function
+ <emphasis>embedded</emphasis> in smbd. The defaults may vary
+ depending on the service.
</para>
<para>
- The classic method is to run every pipe as an internal function
- <emphasis>embedded</emphasis> in smbd.
+ Choosing the <emphasis>external</emphasis> option allows to run
+ separate daemon or even a completely independent (3rd party)
+ server capable of interfacing with samba via the MS-RPC
+ interface over named pipes.
</para>
<para>
- An alternative method is to fork a <emphasis>daemon</emphasis>
- early on at smbd startup time. This is supported only for selected
- pipes.
+ Currently in Samba3 we support thre daemons, spoolssd, epmd and
+ lsasd. These daemons can be enabled using the
+ <emphasis>rpc_daemon</emphasis> option. For spoolssd you have
+ to to enable the deamon and proxy the named pipe with:
+ Currently in Samba3 we support thre daemons, spoolssd, epmd and
+ lsasd. These daemons can be enabled using the
+ <emphasis>rpc_daemon</emphasis> option.
</para>
<para>
- Choosing the <emphasis>external</emphasis> option allows to run a
- completely independent (3rd party) server capable of interfacing
- with samba via the MS-RPC interface over named pipes.
+ Examples:
+ <programlisting>
+ rpc_daemon:lsasd = fork
+ rpc_server:lsarpc = external
+ rpc_server:samr = external
+ rpc_server:netlogon = external
+
+ rpc_server:spoolss = external
+ rpc_server:epmapper = disabled
+ </programlisting>
</para>
<para>
- Currently only the spoolss pipe can be configured in
- <emphasis>daemon</emphasis> mode like this:
- <programlisting>
- rpc_server:spoolss = daemon
- </programlisting>
+ There is one special option which allows you to enable rpc
+ services to listen for ncacn_ip_tcp connections too. Currently
+ this is only used for testing and doesn't scale!
+
+ <programlisting>
+ rpc_server:tcpip = yes
+ </programlisting>
</para>
+
</description>
-<value type="default">none</value>
+<value type="default">embedded</value>
</samba:parameter>
diff --git a/source3/rpc_server/rpc_config.c b/source3/rpc_server/rpc_config.c
index 76df479..a1c639c 100644
--- a/source3/rpc_server/rpc_config.c
+++ b/source3/rpc_server/rpc_config.c
@@ -30,7 +30,7 @@ struct rpc_service_defaults {
const char *name;
const char *def_mode;
} rpc_service_defaults[] = {
- { "epmapper", "external" },
+ { "epmapper", "disabled" },
/* { "spoolss", "embedded" }, */
/* { "lsarpc", "embedded" }, */
/* { "samr", "embedded" }, */
@@ -77,7 +77,7 @@ struct rpc_daemon_defaults {
const char *name;
const char *def_type;
} rpc_daemon_defaults[] = {
- { "epmd", "fork" },
+ { "epmd", "disabled" },
/* { "spoolssd", "embedded" }, */
/* { "lsasd", "embedded" }, */
--
Samba Shared Repository
More information about the samba-cvs
mailing list