[Samba] Solution: Multiple Instancies of Samba on a single System
Bard Bergfald
bard at bergfald.no
Tue Feb 26 01:08:48 GMT 2002
Also note there's a howto on this. Google for the dual head howto :P
Tarjei
Gunther Hess wrote:
> Hi out there,
> i asked the question, how to establish multiple
> Samba-instancies on a single system. Well, nobody made objections
> that this should work and apparently it really works with the following
> setup:
>
> - Compilation (config.status):
> (nothing special about it, except that i enforce the existance
> of /etc/smb.conf for samba to work properly)
>
> ./configure --prefix=/opt/samba-2.2.3a \
> --localstatedir=/var/samba --with-configdir=/etc \
> --with-automount --with-syslog --with-quotas --with-utmp \
> --with-msdfs --with-vfs --with-libsmbclient --with-acl-support
>
> /opt/samba-2.2.3a is a shared, readonly directory on a central
> server, while /etc and /var are local, writable directories
> on different samba-servers.
>
> - Startup/Setup
> - The attached Shell-Script "samba" is my startup/shutdown
> script for the servers.
>
> - /etc/smb.conf-<Server> - is the instance-configuration
>
> - <Server> == zerberos is my PDC, which has an alter-Ego
> /etc/nmb.conf (/etc/nmb.conf is symlinked to /etc/smb.conf-zerberos)
>
> This is due to the fact, that apparently a Samba-PDC does
> not work without a running nmbd, which processes the
> logon-packets. But only one nmbd must run on a single system.
>
> - /etc/smb.conf is a symlink to /etc/smb.conf-zerberos too,
> which is required for smbpasswd to work properly, due to
> my specific compilation.
>
> ## And _never_ name your PDC with the domain-name!!
>
> - Instance-Setups (smb.conf-devil1):
>
> As already seen in the zerberos-configuration, two parameters are
> important to split the working-directories:
>
> log file = /var/samba/devil1/log/%M.%m
> lock directory = /var/samba/devil1/locks
>
> (devil1 has an alter-ego named devil2, which shares his locks
> and logs, what is the reason for the "config file"-parameter
> in the attached file)
>
> And a final note:
>
> Both configurations bind to a single interface (32Bit Mask).
>
> The PDC also binds to the loopback-interface (for smbpasswd
> to work on this system.
>
> Hope that this helps others and sorry for this lengthly mail.
>
> Regards
> Gunther
>
> P.S.: my `ps -axuww | fgrep samba` looks like this after /etc/init.d/samba start
>
> root 22823 0.1 0.2 2488 1912 ? S 23:44:43 0:00 nmbd -D -d 1 -H /etc/lmhosts -l /var/samba/nmb/log -s /etc/nmb.conf
> root 22925 0.0 0.2 3472 1616 ? S 23:46:22 0:00 smbd -D -d 1 -l /var/samba/devil1/log -s /etc/smb.conf-devil1
> root 22848 0.0 0.2 3456 1664 ? S 23:44:44 0:00 smbd -D -d 1 -l /var/samba/zerberos/log -s /etc/smb.conf-zerberos
>
> Gunther Hess wrote:
> >
> > Hi out there,
> > i intend to run multiple Instancies of Samba
> > on a single, multi-homed, server, with each instance bound
> > to a specific (logical) interface.
> >
> > If this works, it would be fine to me.
> > Mainly for administrative Reasons. (You won't believe,
> > but from time to time it becomes necessary to restart
> > some services, but restarting the entire server is a
> > real mess)
> >
> > Well here my questions:
> >
> > - Most important:
> > Can anyone out there tell me, that this is definitely impossible?
> >
> > - Most helpful:
> > Which settings must appear in the Configuration, to split the
> > working-directories? (locks, logs, private-dir and so on)
> >
> > - Very interesting:
> > Has anyone experience with such a configuration?
> >
> > Thanks in advance
> > Gunther
> > --
>
> --
> Dr. Gunther Hess Elmos Semiconductor AG
> Tel.: ++49 +231 7549-520 Heinrich Hertz Str. 1
> Fax: ++49 +231 7549-109 D-44227 Dortmund
> WWW: http://www.elmos.de Opinions are strictly of my own
>
> ------------------------------------------------------------------------
> #! /bin/sh
> # @(#) Start-Script for Samba
> # @(#) $Id: samba,v 1.4 2002/02/25 22:15:33 root Exp root $
>
> # Please send info on modifications to ghess at elmos.de
>
> PRGBASE=/opt/samba-2.2.3a
>
> # CNFBASE is a script-debugging-variable
>
> CNFBASE=""
>
> # if /usr ist not mounted, give up without comments
>
> if [ ! -d /usr/bin ]
> then # /usr not mounted
> exit
> fi
>
> # Gunther's universal Path
>
> PATH="/root/bin:/etc:/usr/local/bin:/opt/bin"
> PATH="/usr/ccs/bin:/usr/ucb:/usr/sbin:/usr/bin:/bin:/sbin:${PATH}"
>
> # /usr/lib is o.k. for Solaris, but not for SunOS or Linux
> # but with Samba it is not crucial
>
> LD_LIBRARY_PATH=/usr/lib
>
> export PATH LD_LIBRARY_PATH
> #
> # Add the Program-Base in front of the Path
> #
> if [ -d "$PRGBASE/bin" ]
> then
> PATH="${PRGBASE}/bin:${PATH}"
> fi
> if [ -d "$PRGBASE/sbin" ]
> then
> PATH="${PRGBASE}/sbin:${PATH}"
> fi
> if [ -d "$PRGBASE/lib" ]
> then
> LD_LIBRARY_PATH="${PRGBASE}/lib:${LD_LIBRARY_PATH}"
> fi
> #
> export PATH LD_LIBRARY_PATH
> #
> # Save the arguments
> #
> OPARG="${1-help}"
> if [ $# -gt 0 ]
> then
> shift
> fi
> SVARG="$*"
> #
> # Which servers do "exist" ?
> #
> SERVERS=""
> for F in $CNFBASE/etc/smb.conf-*
> do
> if [ -f "$F" ]
> then
> SVR="`echo $F | sed -e 's/.*\/etc\/smb.conf-//'`"
> if [ "$SERVERS" = "" -o "$SERVERS" = " " ]
> then
> SERVERS="$SVR"
> else
> SERVERS="$SERVERS $SVR"
> fi
> fi
> done
> if [ "$SERVERS" != "" -a "$SERVERS" != " " ]
> then
> if [ -f $CNFBASE/etc/nmb.conf ]
> then
> SERVERS="nmb $SERVERS"
> fi
> elif [ -f $CNFBASE/etc/smb.conf ]
> then
> SERVERS=simple
> fi
>
> if [ "$SERVERS" = "" -o "$SERVERS" = " " ]
> then
> echo "###"
> echo "### cannot start/stop samba without configuration file(s)"
> echo "### (no /etc/smb.conf and/or /etc/smb.conf-<server>)"
> echo "###"
> exit 1
> fi
>
> if [ "$SVARG" = "" -o "$SVARG" = " " ]
> then
> SVARG="$SERVERS"
> fi
> echo " OPARG=$OPARG"
> echo " SVARG=$SVARG"
> echo "SERVERS=$SERVERS"
>
> # Verify SVARG
>
> set $SVARG
> SVARG=""
> while [ $# -gt 0 ]
> do
> MATCH=false
> for SVR in $SERVERS
> do
> if [ "$1" = "$SVR" ]
> then
> MATCH=true
> if [ "$SVARG" = "" -o "$SVARG" = " " ]
> then
> SVARG="$SVR"
> else
> SVARG="$SVARG $SVR"
> fi
> break
> fi
> done
> if [ "$MATCH" = "false" ]
> then
> echo "### Server $1 is not configured"
> fi
> shift
> done
>
> echo " SVARG=$SVARG"
>
> if [ "$SVARG" = "" -o "$SVRAG" = " " ]
> then
> echo "###"
> echo "### no valid servers specified"
> echo "###"
> exit 1
> fi
>
> # Start/stop processes required for samba server
>
> case "$OPARG" in
>
> # Start Samba-Services
>
> start)
> for SVR in $SVARG
> do
>
> echo "# starting Samba-Server $SVR"
>
> if [ "$SVR" = "simple" ]
> then
> for D in /var/samba \
> /var/samba/log /var/samba/locks /var/samba/private
> do
> mkdir -p $D
> chmod 755 $D
> chown 0 $D
> chgrp 0 $D
> done
> chmod 700 /var/samba/private
> if [ ! -f /var/samba/private/smbpasswd ]
> then
> touch /var/samba/private/smbpasswd
> chmod 700 /var/samba/private/smbpasswd
> fi
>
> rm -f /var/samba/locks/smbd.pid /var/samba/locks/nmbd.pid
>
> smbd -D -d 1 -l /var/samba/log -s $CNFBASE/etc/smb.conf
>
> if [ -f "$CNFBASE/etc/lmhosts" ]
> then
> nmbd -D -d 1 -H $CNFBASE/etc/lmhosts -l /var/samba/log \
> -s $CNFBASE/etc/smb.conf
> else
> nmbd -D -d 1 -l /var/samba/log -s $CNFBASE/etc/smb.conf
> fi
>
> else
>
> for D in /var/samba /var/samba/$SVR \
> /var/samba/$SVR/log /var/samba/$SVR/locks \
> /var/samba/$SVR/private
> do
> mkdir -p $D
> chmod 755 $D
> chown 0 $D
> chgrp 0 $D
> done
> chmod 700 /var/samba/$SVR/private
> if [ ! -f /var/samba/$SVR/private/smbpasswd ]
> then
> touch /var/samba/$SVR/private/smbpasswd
> chmod 700 /var/samba/$SVR/private/smbpasswd
> fi
>
> rm -f /var/samba/$SVR/locks/smbd.pid /var/samba/$SVR/locks/nmbd.pid
>
> if [ "$SVR" = "nmb" ]
> then
> if [ -f "$CNFBASE/etc/lmhosts" ]
> then
> nmbd -D -d 1 -H $CNFBASE/etc/lmhosts -l /var/samba/$SVR/log \
> -s $CNFBASE/etc/nmb.conf
> else
> nmbd -D -d 1 -l /var/samba/$SVR/log -s $CNFBASE/etc/nmb.conf
> fi
>
> else
>
> smbd -D -d 1 -l /var/samba/$SVR/log -s $CNFBASE/etc/smb.conf-$SVR
>
> fi
> fi
> done
> ;;
>
> ## Stop Samba-Services
>
> stop)
> for SVR in $SVARG
> do
>
> echo "# stopping Samba-Server $SVR"
>
> if [ "$SVR" = "simple" ]
> then
>
> if [ -f /var/samba/locks/smbd.pid ]
> then
> kill `cat /var/samba/locks/smbd.pid`
> fi
>
> if [ -f /var/samba/locks/nmbd.pid ]
> then
> kill `cat /var/samba/locks/nmbd.pid`
> fi
>
> sleep 2
>
> rm -f /var/samba/locks/smbd.pid /var/samba/locks/nmbd.pid
>
> else
>
> if [ -f /var/samba/$SVR/locks/smbd.pid ]
> then
> kill `cat /var/samba/$SVR/locks/smbd.pid`
> fi
>
> if [ -f /var/samba/$SVR/locks/nmbd.pid ]
> then
> kill `cat /var/samba/$SVR/locks/nmbd.pid`
> fi
>
> sleep 2
>
> rm -f /var/samba/$SVR/locks/smbd.pid /var/samba/$SVR/locks/nmbd.pid
>
> fi
> done
> ;;
>
> ## Help-Message
>
> *)
> echo "Usage: /etc/init.d/samba { start | stop } [server]*"
> ;;
> esac
>
> exit 0
>
> ------------------------------------------------------------------------
> # $Id: smb.conf-zerberos,v 1.35 2002/01/09 19:36:56 ghess Exp $
>
> [global]
> workgroup = devil
> log file = /var/samba/zerberos/log/%M.%m
> max log size = 2500
> ; socket options = TCP_NODELAY
> ; keep alive = 10
> log level = 1
> syslog = 1
> utmp = true
> utmp directory = /var/adm
> lock directory = /var/samba/zerberos/locks
> time server = yes
>
> bind interfaces only = true
> interfaces = 127.0.0.1/8 \
> 192.168.18.19/32
>
> netbios name = zerberos
>
> load printers = false
> encrypt passwords = Yes
> smb passwd file = /var/samba/zerberos/private/smbpasswd
> security = user
>
> ; I would prefer, that this machine is not a domain-master-browser,
> ; but it has to, since othewise it would not be accepted by some
> ; windows clients as the PDC. So sorry. GHess 11-Jan-2002
>
> os level = 64
> local master = yes
> domain master = yes
> domain admin group = +winadmin
> preferred master = yes
>
> ; Nevertheless, we try to move (keep) the wins server to the real
> ; fileserver with samba-2.2.2. GHess 11-Jan-2002
>
> wins server = samba1
> wins support = no
> wins proxy = no
>
> default case = lower
> preserve case = false
> short preserve case = false
> mangle case = no
> case sensitive = no
>
> ; apparently it is better to disable oplocks, with 2.2.2 too.
> ; GHess 11-Jan-2002
>
> oplocks = false
>
> ; Es wird ein spezielle NIS-MAp für die Heimatverzeichnisse verwendet
> nis homedir = true
> homedir map = auto.devil
>
> ; Dies ist der Anmelde-Server!
> domain logons = yes
>
> ; Derzeit genau Ein Logon-Script unter netlogon zu finden
> logon script = %M.bat
>
> ; Die Profiles liegen in den PC-Heimatverzeichnissen
> ; W95, WfW use logon home
> ; all use the sharename as Home-Directory
> logon drive = Z:
> logon home = \\%N\%U\profiles\%a
> ; logon path is used by NT
> logon path = \\%N\%U\profiles\%a
>
> ; Der netlogon-Dienst muss fuer jedermann lesbar sein
>
> [netlogon]
> comment = Network Logon Scripts
> path = /var/samba/netlogon
> guest ok = Yes
> writable = no
> browseable = yes
> root preexec = /var/samba/etc/mklogon.sh %U %M %a %N
> root preexec close = true
> write list = @winadmin
>
> ------------------------------------------------------------------------
> # $Id: smb.conf-devil1,v 1.31 2002/01/02 21:34:52 root Exp $
> [global]
> config file = /var/samba/etc/smb.conf-%L
>
> workgroup = devil
> log file = /var/samba/devil1/log/%M.%m
> max log size = 2500
> socket options = TCP_NODELAY
> keep alive = 10
> log level = 1
> syslog = yes
> utmp = true
> utmp directory = /var/adm
> lock directory = /var/samba/devil1/locks
> time server = yes
> host msdfs = true
>
> bind interfaces only = true
> interfaces = 192.168.18.20/32
>
> netbios name = devil1
> netbios aliases = devil2
>
> load printers = false
> encrypt passwords = Yes
> smb passwd file = /var/samba/devil1/private/smbpasswd
> password server = zerberos
> security = server
> map to guest = nobody
>
> os level = 64
> local master = yes
> domain master = no
> domain admin group = +winadmin
> preferred master = yes
> wins server = samba1
> wins support = no
> wins proxy = no
>
> default case = lower
> preserve case = false
> short preserve case = false
> mangle case = no
> case sensitive = no
>
> #==================== spezielle Shares des Servers ===========================
>
> [homes]
> comment = %u PC-Heimatverzeichnis
> path = /pchome/%u
> browseable = yes
> read only = no
> security mask = 03777
> directory security mask = 03777
> inherit permissions = true
> invalid users = root
>
> [common]
> comment = Produktions Common Tree
> path = /common
> read only = no
> public = no
> browseable = yes
> security mask = 03777
> directory security mask = 03777
> inherit permissions = true
> invalid users = root
More information about the samba
mailing list