[Samba] Solution: Multiple Instancies of Samba on a single System

Bard Bergfald bard at bergfald.no
Tue Feb 26 01:08:48 GMT 2002


Also note there's a howto on this. Google for the dual head howto :P

Tarjei

Gunther Hess wrote:

> Hi out there,
>              i asked the question, how to establish multiple
> Samba-instancies on a single system. Well, nobody made objections
> that this should work and apparently it really works with the following
> setup:
>
> - Compilation (config.status):
>   (nothing special about it, except that i enforce the existance
>    of /etc/smb.conf for samba to work properly)
>
>    ./configure  --prefix=/opt/samba-2.2.3a \
>    --localstatedir=/var/samba --with-configdir=/etc \
>    --with-automount --with-syslog --with-quotas --with-utmp \
>    --with-msdfs --with-vfs --with-libsmbclient --with-acl-support
>
>    /opt/samba-2.2.3a is a shared, readonly directory on a central
>    server, while /etc and /var are local, writable directories
>    on different samba-servers.
>
> -  Startup/Setup
>    - The attached Shell-Script "samba" is my startup/shutdown
>      script for the servers.
>
>      - /etc/smb.conf-<Server> - is the instance-configuration
>
>      - <Server> == zerberos is my PDC, which has an alter-Ego
>        /etc/nmb.conf (/etc/nmb.conf is symlinked to /etc/smb.conf-zerberos)
>
>        This is due to the fact, that apparently a Samba-PDC does
>        not work without a running nmbd, which processes the
>        logon-packets. But only one nmbd must run on a single system.
>
>      - /etc/smb.conf is a symlink to /etc/smb.conf-zerberos too,
>        which is required for smbpasswd to work properly, due to
>        my specific compilation.
>
>     ## And _never_ name your PDC with the domain-name!!
>
> - Instance-Setups (smb.conf-devil1):
>
>   As already seen in the zerberos-configuration, two parameters are
>   important to split the working-directories:
>
>    log file                = /var/samba/devil1/log/%M.%m
>    lock directory          = /var/samba/devil1/locks
>
>    (devil1 has an alter-ego named devil2, which shares his locks
>     and logs, what is the reason for the "config file"-parameter
>     in the attached file)
>
> And a final note:
>
>   Both configurations bind to a single interface (32Bit Mask).
>
>   The PDC also binds to the loopback-interface (for smbpasswd
>   to work on this system.
>
> Hope that this helps others and sorry for this lengthly mail.
>
> Regards
> Gunther
>
> P.S.: my `ps -axuww | fgrep samba` looks like this after /etc/init.d/samba start
>
> root     22823  0.1  0.2 2488 1912 ?        S 23:44:43  0:00 nmbd -D -d 1 -H /etc/lmhosts -l /var/samba/nmb/log -s /etc/nmb.conf
> root     22925  0.0  0.2 3472 1616 ?        S 23:46:22  0:00 smbd -D -d 1 -l /var/samba/devil1/log -s /etc/smb.conf-devil1
> root     22848  0.0  0.2 3456 1664 ?        S 23:44:44  0:00 smbd -D -d 1 -l /var/samba/zerberos/log -s /etc/smb.conf-zerberos
>
> Gunther Hess wrote:
> >
> > Hi out there,
> >              i intend to run multiple Instancies of Samba
> > on a single, multi-homed, server, with each instance bound
> > to a specific (logical) interface.
> >
> > If this works, it would be fine to me.
> > Mainly for administrative Reasons. (You won't believe,
> > but from time to time it becomes necessary to restart
> > some services, but restarting the entire server is a
> > real mess)
> >
> > Well here my questions:
> >
> >  - Most important:
> >    Can anyone out there tell me, that this is definitely impossible?
> >
> >  - Most helpful:
> >    Which settings must appear in the Configuration, to split the
> >    working-directories? (locks, logs, private-dir and so on)
> >
> >  - Very interesting:
> >    Has anyone experience with such a configuration?
> >
> > Thanks in advance
> > Gunther
> > --
>
> --
> Dr. Gunther Hess           Elmos Semiconductor AG
> Tel.: ++49 +231 7549-520   Heinrich Hertz Str. 1
> Fax:  ++49 +231 7549-109   D-44227 Dortmund
> WWW: http://www.elmos.de   Opinions are strictly of my own
>
>   ------------------------------------------------------------------------
> #! /bin/sh
> # @(#) Start-Script for Samba
> # @(#) $Id: samba,v 1.4 2002/02/25 22:15:33 root Exp root $
>
> # Please send info on modifications to ghess at elmos.de
>
> PRGBASE=/opt/samba-2.2.3a
>
> # CNFBASE is a script-debugging-variable
>
> CNFBASE=""
>
> # if /usr ist not mounted, give up without comments
>
> if [ ! -d /usr/bin ]
> then                    # /usr not mounted
>         exit
> fi
>
> # Gunther's universal Path
>
> PATH="/root/bin:/etc:/usr/local/bin:/opt/bin"
> PATH="/usr/ccs/bin:/usr/ucb:/usr/sbin:/usr/bin:/bin:/sbin:${PATH}"
>
> # /usr/lib is o.k. for Solaris, but not for SunOS or Linux
> # but with Samba it is not crucial
>
> LD_LIBRARY_PATH=/usr/lib
>
> export PATH LD_LIBRARY_PATH
> #
> # Add the Program-Base in front of the Path
> #
> if [ -d "$PRGBASE/bin" ]
> then
>   PATH="${PRGBASE}/bin:${PATH}"
> fi
> if [ -d "$PRGBASE/sbin" ]
> then
>   PATH="${PRGBASE}/sbin:${PATH}"
> fi
> if [ -d "$PRGBASE/lib" ]
> then
>   LD_LIBRARY_PATH="${PRGBASE}/lib:${LD_LIBRARY_PATH}"
> fi
> #
> export PATH LD_LIBRARY_PATH
> #
> # Save the arguments
> #
> OPARG="${1-help}"
> if [ $# -gt 0 ]
> then
>  shift
> fi
> SVARG="$*"
> #
> # Which servers do "exist" ?
> #
> SERVERS=""
> for F in $CNFBASE/etc/smb.conf-*
> do
>   if [ -f "$F" ]
>   then
>     SVR="`echo $F | sed -e 's/.*\/etc\/smb.conf-//'`"
>     if [ "$SERVERS" = "" -o "$SERVERS" = " " ]
>     then
>       SERVERS="$SVR"
>     else
>       SERVERS="$SERVERS $SVR"
>     fi
>   fi
> done
> if [ "$SERVERS" != "" -a "$SERVERS" != " " ]
> then
>   if [ -f $CNFBASE/etc/nmb.conf ]
>   then
>     SERVERS="nmb $SERVERS"
>   fi
> elif [ -f $CNFBASE/etc/smb.conf ]
> then
>   SERVERS=simple
> fi
>
> if [ "$SERVERS" = "" -o "$SERVERS" = " " ]
> then
>   echo "###"
>   echo "### cannot start/stop samba without configuration file(s)"
>   echo "### (no /etc/smb.conf and/or /etc/smb.conf-<server>)"
>   echo "###"
>   exit 1
> fi
>
> if [ "$SVARG" = "" -o "$SVARG" = " " ]
> then
>   SVARG="$SERVERS"
> fi
> echo "  OPARG=$OPARG"
> echo "  SVARG=$SVARG"
> echo "SERVERS=$SERVERS"
>
> # Verify SVARG
>
> set $SVARG
> SVARG=""
> while [ $# -gt 0 ]
> do
>   MATCH=false
>   for SVR in $SERVERS
>   do
>     if [ "$1" = "$SVR" ]
>     then
>       MATCH=true
>       if [ "$SVARG" = "" -o "$SVARG" = " " ]
>       then
>         SVARG="$SVR"
>       else
>         SVARG="$SVARG $SVR"
>       fi
>       break
>     fi
>   done
>   if [ "$MATCH" = "false" ]
>   then
>     echo "### Server $1 is not configured"
>   fi
>   shift
> done
>
> echo "  SVARG=$SVARG"
>
> if [ "$SVARG" = "" -o "$SVRAG" = " " ]
> then
>   echo "###"
>   echo "### no valid servers specified"
>   echo "###"
>   exit 1
> fi
>
> # Start/stop processes required for samba server
>
> case "$OPARG" in
>
> # Start Samba-Services
>
>   start)
>     for SVR in $SVARG
>     do
>
>       echo "#   starting Samba-Server $SVR"
>
>       if [ "$SVR" = "simple" ]
>       then
>         for D in /var/samba \
>                 /var/samba/log /var/samba/locks /var/samba/private
>         do
>           mkdir -p $D
>           chmod 755  $D
>           chown 0 $D
>           chgrp 0 $D
>         done
>         chmod 700 /var/samba/private
>         if [ ! -f   /var/samba/private/smbpasswd ]
>         then
>           touch     /var/samba/private/smbpasswd
>           chmod 700 /var/samba/private/smbpasswd
>         fi
>
>         rm -f /var/samba/locks/smbd.pid  /var/samba/locks/nmbd.pid
>
>         smbd -D -d 1 -l /var/samba/log -s $CNFBASE/etc/smb.conf
>
>         if [ -f "$CNFBASE/etc/lmhosts" ]
>         then
>           nmbd -D -d 1 -H $CNFBASE/etc/lmhosts -l /var/samba/log \
>                   -s $CNFBASE/etc/smb.conf
>         else
>           nmbd -D -d 1 -l /var/samba/log -s $CNFBASE/etc/smb.conf
>         fi
>
>       else
>
>         for D in /var/samba /var/samba/$SVR \
>                 /var/samba/$SVR/log /var/samba/$SVR/locks \
>                 /var/samba/$SVR/private
>         do
>           mkdir -p $D
>           chmod 755  $D
>           chown 0 $D
>           chgrp 0 $D
>         done
>         chmod 700   /var/samba/$SVR/private
>         if [ ! -f   /var/samba/$SVR/private/smbpasswd ]
>         then
>           touch     /var/samba/$SVR/private/smbpasswd
>           chmod 700 /var/samba/$SVR/private/smbpasswd
>         fi
>
>         rm -f /var/samba/$SVR/locks/smbd.pid  /var/samba/$SVR/locks/nmbd.pid
>
>         if [ "$SVR" = "nmb" ]
>         then
>           if [ -f "$CNFBASE/etc/lmhosts" ]
>           then
>             nmbd -D -d 1 -H $CNFBASE/etc/lmhosts -l /var/samba/$SVR/log \
>                     -s $CNFBASE/etc/nmb.conf
>           else
>             nmbd -D -d 1 -l /var/samba/$SVR/log -s $CNFBASE/etc/nmb.conf
>           fi
>
>         else
>
>           smbd -D -d 1 -l /var/samba/$SVR/log -s $CNFBASE/etc/smb.conf-$SVR
>
>         fi
>       fi
>     done
>   ;;
>
> ## Stop Samba-Services
>
>   stop)
>     for SVR in $SVARG
>     do
>
>       echo "#   stopping Samba-Server $SVR"
>
>       if [ "$SVR" = "simple" ]
>       then
>
>         if [ -f     /var/samba/locks/smbd.pid ]
>         then
>           kill `cat /var/samba/locks/smbd.pid`
>         fi
>
>         if [ -f     /var/samba/locks/nmbd.pid ]
>         then
>           kill `cat /var/samba/locks/nmbd.pid`
>         fi
>
>         sleep 2
>
>         rm -f /var/samba/locks/smbd.pid  /var/samba/locks/nmbd.pid
>
>       else
>
>         if [ -f     /var/samba/$SVR/locks/smbd.pid ]
>         then
>           kill `cat /var/samba/$SVR/locks/smbd.pid`
>         fi
>
>         if [ -f     /var/samba/$SVR/locks/nmbd.pid ]
>         then
>           kill `cat /var/samba/$SVR/locks/nmbd.pid`
>         fi
>
>         sleep 2
>
>         rm -f /var/samba/$SVR/locks/smbd.pid  /var/samba/$SVR/locks/nmbd.pid
>
>       fi
>     done
>   ;;
>
> ## Help-Message
>
>   *)
>     echo "Usage: /etc/init.d/samba { start | stop } [server]*"
>   ;;
> esac
>
> exit 0
>
>   ------------------------------------------------------------------------
> # $Id: smb.conf-zerberos,v 1.35 2002/01/09 19:36:56 ghess Exp $
>
> [global]
>    workgroup               = devil
>    log file                = /var/samba/zerberos/log/%M.%m
>    max log size            = 2500
> ;  socket options          = TCP_NODELAY
> ;  keep alive              = 10
>    log level               = 1
>    syslog                  = 1
>    utmp                    = true
>    utmp directory          = /var/adm
>    lock directory          = /var/samba/zerberos/locks
>    time server             = yes
>
>    bind interfaces only    = true
>    interfaces              = 127.0.0.1/8 \
>                              192.168.18.19/32
>
>    netbios name            = zerberos
>
>    load printers           = false
>    encrypt passwords       = Yes
>    smb passwd file         = /var/samba/zerberos/private/smbpasswd
>    security                = user
>
> ;  I would prefer, that this machine is not a domain-master-browser,
> ;  but it has to, since othewise it would not be accepted by some
> ;  windows clients as the PDC. So sorry. GHess 11-Jan-2002
>
>    os level                = 64
>    local master            = yes
>    domain master           = yes
>    domain admin group      = +winadmin
>    preferred master        = yes
>
> ;  Nevertheless, we try to move (keep) the wins server to the real
> ;  fileserver with samba-2.2.2. GHess 11-Jan-2002
>
>    wins server             = samba1
>    wins support            = no
>    wins proxy              = no
>
>    default case            = lower
>    preserve case           = false
>    short preserve case     = false
>    mangle case             = no
>    case sensitive          = no
>
> ;  apparently it is better to disable oplocks, with 2.2.2 too.
> ;  GHess 11-Jan-2002
>
>    oplocks                 = false
>
> ;  Es wird ein spezielle NIS-MAp für die Heimatverzeichnisse verwendet
>    nis homedir             = true
>    homedir map             = auto.devil
>
> ;  Dies ist der Anmelde-Server!
>    domain logons           = yes
>
> ;  Derzeit genau Ein Logon-Script unter netlogon zu finden
>    logon script            = %M.bat
>
> ;  Die Profiles liegen in den PC-Heimatverzeichnissen
> ;  W95, WfW use logon home
> ;  all use the sharename as Home-Directory
>    logon drive             = Z:
>    logon home              = \\%N\%U\profiles\%a
> ;  logon path is used by NT
>    logon path              = \\%N\%U\profiles\%a
>
> ;  Der netlogon-Dienst muss fuer jedermann lesbar sein
>
> [netlogon]
>    comment                 = Network Logon Scripts
>    path                    = /var/samba/netlogon
>    guest ok                = Yes
>    writable                = no
>    browseable              = yes
>    root preexec            = /var/samba/etc/mklogon.sh %U %M %a %N
>    root preexec close      = true
>    write list              = @winadmin
>
>   ------------------------------------------------------------------------
> # $Id: smb.conf-devil1,v 1.31 2002/01/02 21:34:52 root Exp $
> [global]
>    config file             = /var/samba/etc/smb.conf-%L
>
>    workgroup               = devil
>    log file                = /var/samba/devil1/log/%M.%m
>    max log size            = 2500
>    socket options          = TCP_NODELAY
>    keep alive              = 10
>    log level               = 1
>    syslog                  = yes
>    utmp                    = true
>    utmp directory          = /var/adm
>    lock directory          = /var/samba/devil1/locks
>    time server             = yes
>    host msdfs              = true
>
>    bind interfaces only    = true
>    interfaces              = 192.168.18.20/32
>
>    netbios name            = devil1
>    netbios aliases         = devil2
>
>    load printers           = false
>    encrypt passwords       = Yes
>    smb passwd file         = /var/samba/devil1/private/smbpasswd
>    password server         = zerberos
>    security                = server
>    map to guest            = nobody
>
>    os level                = 64
>    local master            = yes
>    domain master           = no
>    domain admin group      = +winadmin
>    preferred master        = yes
>    wins server             = samba1
>    wins support            = no
>    wins proxy              = no
>
>    default case            = lower
>    preserve case           = false
>    short preserve case     = false
>    mangle case             = no
>    case sensitive          = no
>
> #==================== spezielle Shares des Servers ===========================
>
> [homes]
>    comment              = %u PC-Heimatverzeichnis
>    path                 = /pchome/%u
>    browseable           = yes
>    read only            = no
>    security mask           = 03777
>    directory security mask = 03777
>    inherit permissions     = true
>    invalid users           = root
>
> [common]
>    comment             = Produktions Common Tree
>    path                = /common
>    read only           = no
>    public              = no
>    browseable          = yes
>    security mask           = 03777
>    directory security mask = 03777
>    inherit permissions     = true
>    invalid users           = root





More information about the samba mailing list