FHS defaults for samba4

Steve Langasek vorlon at debian.org
Fri Jan 6 05:57:17 GMT 2006

On Fri, Jan 06, 2006 at 06:05:32AM +1100, Andrew Bartlett wrote:
> As we move towards the tech preview, I have been thinking about old
> Samba habits that should not die hard.

> One of these is FHS.  The use of lib for the smb.conf file in the
> default prefix and the like has been with us for many long years, and we
> need to fix that up.  In Samba3, debian and the like have patches that
> change Samba's core to fix this up (even in addition to the --with-fhs
> configure option), but we should avoid having to do that.

> Can I have some advise/confirmation, on where we should have:

>                (packages)           (source install)
>  - smbd
>                /usr/sbin            PREFIX/sbin
>  - smbclient (et al)
>                /usr/bin             PREFIX/bin
>  - smb.conf?
>                /etc/samba           PREFIX/etc
>  - sam.ldb
>    secrets.ldb
>    secrets.keytab
>    <other private files>
>                /var/lib/samba/private PREFIX/var/lib/private

FWIW, I'm not sure why there was ever a separate "private" directory for
these files; ISTR lkcl arguing for this back in the day based on the
behavior on some obscure and not terribly Unix-like platform.  We've
installed the samba3 equivalents to /var/lib/samba directly, since the names
of the files are predictable and that's all anyone gets out of having these
in a readable directory.

>  - WINS database
>                /var/lib/samba       PREFIX/var/lib
>  - Samba3 winbindd_privileged pipe (permissions persistent)
>                /var/lib/samba       PREFIX/var/lib

My understanding is that the permissions are set on the winbindd_privileged
directory, not on the socket itself; and at least in Debian, the current
practice is that files under /var/run are cleaned at boot time, directories
are not.  This might change in the future, though.  Anyway, for comparison
we currently store this in /var/run/samba, similar to a number of other
packages which use Unix sockets.

>  - interprocess communication pipes
>                /var/run/samba/      PREFIX/var/run
>  - swat files (HTML, client-side js)
>                /usr/share/samba/swat  PREFIX/share/swat
>  - templates, provision scripts
>                /usr/share/samba     PREFIX/share
>  - logs
>                /var/log/samba       PREFIX/var/log
>  - include files
>                /usr/include         PREFIX/include
>  - shared libraries
>                /usr/lib             PREFIX/lib
>  - plugins
>                /usr/lib             PREFIX/lib
>  - locking databases (non-persistent)
>                /var/run/samba      PREFIX/var/run
>  - cache databases (winbindd cache)
>                /var/cache/samba   PREFIX/var/cache
>  - printing (persistent cache, but you loose print job tracking if you
> scrub it)
>                /var/lib/samba     PREFIX/var/
>    (or should this be /var/cache/samba or /var/spool/samba?)

> I have no doubt missed some stuff, but it would be nice to try and get
> this right this time.

That looks pretty complete to me, save a few details that others have
already commented on.

BTW, here's what I have in /var/lib/samba on a current 3.0 system; I don't
know how many of these apply (or have yet been implemented) for samba4:

$ ls /var/lib/samba/
account_policy.tdb  ntdrivers.tdb  ntprinters.tdb  printers      secrets.tdb
group_mapping.tdb   ntforms.tdb    passdb.tdb      registry.tdb  share_info.tdb

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon at debian.org                                   http://www.debian.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20060105/1bd277b3/attachment.bin

More information about the samba-technical mailing list