--- /dev/null
+<html>
+<body bgcolor="#ffffff">
+
+<img src="samba2_xs.gif" border="0" alt=" " height="100" width="76"
+hspace="10" align="left" />
+
+<h1 class="head0">Chapter 5. Unix Clients</h1>
+
+<p><a name="INDEX-1"/>In <a href="ch03.html">Chapter 3</a> we showed you how to configure Windows systems
+to access shared resources on both Windows and Samba servers. This
+has probably opened up a whole new world of computing for
+you—one in which you have to run to a Windows system every time
+you want to copy a file between Unix and Windows! In this chapter, we
+will show you the "other
+side"—how to access SMB shares from your
+favorite Unix system.</p>
+
+<p>You can access SMB resources from Unix in three ways, depending on
+your version of Unix. A program included with the Samba distribution
+called <em class="emphasis">smbclient</em><a name="INDEX-2"/> can be used to connect with a share on
+the network in a manner similar to using <em class="emphasis">ftp</em>
+when transferring files to or from an FTP site.</p>
+
+<p>If your system is running Linux, you can use the
+<a name="INDEX-3"/>smbfs
+filesystem to mount SMB shares right onto your Linux filesystem, just
+as you would mount a disk partition or NFS filesystem. The SMB shares
+can then be accessed and manipulated by all programs running on the
+Linux system: command shells, desktop GUI interfaces, and application
+software.</p>
+
+<p>On some BSD-based systems, including Mac OS X, a pair of utilities
+named <em class="emphasis">smbutil</em> <a name="INDEX-4"/>and <em class="emphasis">mount_smbfs</em>
+<a name="INDEX-5"/>can be used to query SMB servers and
+mount shares.</p>
+
+<p>For other Unix variants,
+<em class="emphasis">smbsh</em><a name="INDEX-6"/> can be run to enable common shell
+commands such as <em class="emphasis">cd</em>, <em class="emphasis">ls</em>,
+<em class="emphasis">mv, wc</em>, and <em class="emphasis">grep</em> to access
+and manipulate files and directories on SMB shares. This effectively
+extends the reach of the Unix shell and utilities beyond the Unix
+filesystem and into the SMB network.</p>
+
+<p>All the Unix clients can access shares offered by either Windows
+systems or Samba servers. We have already shown you how to set up a
+share on a Samba server and could use that as an example to work
+with. But it's much more fun to use the Unix clients
+with shares served by Windows systems. So before we start covering
+the Unix clients in detail, we will take a quick detour and show you
+how to set up file shares on both Windows 95/98/Me and Windows
+NT/2000/XP systems.</p>
+
+
+<div class="sect1"><a name="samba2-CHP-5-SECT-1"/>
+
+<h2 class="head1">Sharing Files on Windows 95/98/Me</h2>
+
+<p>When <a name="INDEX-7"/><a name="INDEX-8"/>sharing files on Windows 95/98/Me, you
+can authenticate users in two different ways.
+<a name="INDEX-9"/><a name="INDEX-10"/>Share-level security is the default
+and is easy to use. However, it is not as secure and can require
+users to type in passwords when connecting to shares. User-level
+security offers a better security model and can be used if you have
+either a Samba or Windows NT/2000 server on your network performing
+user authentication.</p>
+
+<p>To configure the type of access control for your system, open the
+Control Panel, double-click the Network icon, then click the Access
+Control tab. You should see the dialog box shown in <a href="ch05.html#samba2-CHP-5-FIG-1">Figure 5-1</a>.</p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-1"/><img src="figs/sam2_0501.gif"/></div><h4 class="head4">Figure 5-1. The Access Control tab of the Windows 98 Network Control Panel window</h4>
+
+<p>Click the "Share-level access
+control" or "User-level access
+control" radio button, depending on which you want
+to use. When using user-level access control, you will also need to
+fill in the name of your workgroup or Windows NT domain. Reboot as
+requested.</p>
+
+<p>To share a folder, right-click the folder's icon and
+select Sharing . . . . This will open the Sharing tab of the
+folder's Properties dialog box. Click the
+"Shared As:" radio button, and fill
+in a name for the share (which defaults to the
+folder's name) and a description, which will be
+visible to client users. If you don't want the share
+to be visible in the Network Neighborhood view of other Windows
+clients, pick a name for the share that ends in a dollar sign
+(<tt class="literal">$</tt>).</p>
+
+<p><a href="ch05.html#samba2-CHP-5-FIG-2">Figure 5-2</a> shows what the Sharing tab of the
+folder's Properties dialog box will look like when
+using share-level security. The security settings are very simple.
+You can select a radio button for read-only access or full
+(read/write) access, or have the user's permissions
+(either read-only or read/write) depend on which password they use.
+In accordance with which you select, you will be asked to assign
+either or both of the read-only and full-access passwords for the
+share.</p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-2"/><img src="figs/sam2_0502.gif"/></div><h4 class="head4">Figure 5-2. The Sharing tab of the folder's Properties dialog, with share-level security</h4>
+
+<p>If your system is configured with user-level security, the Sharing
+tab of the folder's Properties dialog box will look
+like <a href="ch05.html#samba2-CHP-5-FIG-3">Figure 5-3</a>. As you can see,
+we've created a share named
+"DATA", and used the Add . . .
+button to create permissions that allow read-only access for all
+domain users and read/write (full access) for <tt class="literal">jay</tt>.</p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-3"/><img src="figs/sam2_0503.gif"/></div><h4 class="head4">Figure 5-3. The Sharing tab of the folder Properties dialog, with user-level security</h4>
+
+<p>When you are done specifying your settings for the share, click on
+the OK button, and the share will become available to users on
+network clients. Unless you chose a share name ending in a dollar
+sign, you can see it in the Network Neighborhood or My Network Places
+of Windows clients on the network. You can also now use the Unix
+clients described in this chapter to connect to the share.</p>
+
+
+</div>
+
+
+
+<div class="sect1"><a name="samba2-CHP-5-SECT-2"/>
+
+<h2 class="head1">Sharing Files on Windows NT/2000/XP</h2>
+
+<p>To create a file share on <a name="INDEX-11"/><a name="INDEX-12"/><a name="INDEX-13"/><a name="INDEX-14"/>Windows NT/2000/XP, you first must
+log in to the system as any member of the Administrators, Power
+Users, or Server Operators groups. Right-click the icon of a folder
+you wish to share, and click Sharing . . . in the pop-up menu. The
+Sharing tab of the folder's Properties dialog box
+will appear, as shown in <a href="ch05.html#samba2-CHP-5-FIG-4">Figure 5-4</a>. Click the
+"Share this folder" radio button.</p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-4"/><img src="figs/sam2_0504.gif"/></div><h4 class="head4">Figure 5-4. The Sharing tab of the folder's Properties dialog on Windows 2000</h4>
+
+<p>Share name: will default to the name of the folder, and you can
+change it if you want. One reason you might want to use a different
+name for the share is to make the share not appear in browse lists
+(as displayed by the Network Neighborhood, for example). This can be
+done by using a share name ending in a dollar sign
+(<tt class="literal">$</tt>). You can also add a description of the share
+in the Comment: text area. The description will appear to users of
+network clients and can help them understand the contents of the
+share.</p>
+
+<p><a name="INDEX-15"/><a name="INDEX-16"/><a name="INDEX-17"/><a name="INDEX-18"/><a name="INDEX-19"/>By clicking the Permissions button,
+you can set permissions for the share on a user-by-user basis. This
+is equivalent to the user-level security of Windows 95/98/Me file
+sharing. On Windows NT/2000/XP, Microsoft recommends that share
+permissions be set to allow full access by everyone, with the
+permissions controlled on a file-by-file basis using filesystem
+access control lists
+(<a name="INDEX-20"/>ACLs). The actual permissions given
+to network clients are a combination of the share permissions and
+file access permissions. To edit the ACL for the folder, click the
+Security tab. For more information on ACLs, see <a href="ch08.html#samba2-CHP-8-SECT-3">Section 8.3</a> in <a href="ch08.html">Chapter 8</a>.</p>
+
+<p>If you want, you can limit the number of users who can concurrently
+connect to the share using the "User
+limit:" radio button. The New Share button allows
+you to create multiple file shares for the same folder, each having
+its own name, comment, user limit, and other parameters.</p>
+
+<p>When you are done, click the OK button, and the folder will be
+accessible from clients on the network.</p>
+
+
+</div>
+
+
+
+<div class="sect1"><a name="samba2-CHP-5-SECT-3"/>
+
+<h2 class="head1">smbclient</h2>
+
+<p>The Samba Team supplies <em class="emphasis">smbclient</em><a name="INDEX-21"/> as a basic part of the Samba suite. At
+first, it might seem to be a primitive interface to the SMB network,
+but <em class="emphasis">smbclient</em> is actually a versatile tool. It
+can be used for browsing shares on servers, testing configurations,
+debugging, accessing shared printers, backing up shared data, and
+automating administrative tasks in shell scripts. And unlike
+<tt class="literal">smbfs</tt><a name="INDEX-22"/><a name="INDEX-23"/><a name="INDEX-24"/> and <em class="emphasis">smbsh</em>,
+<em class="emphasis">smbclient</em> works on all Unix variants that
+support Samba.</p>
+
+<p>In this chapter we'll focus mostly on running
+<em class="emphasis">smbclient</em> as an interactive shell, using its
+<em class="emphasis">ftp</em>-like commands to access shared directories
+on the network. Using <em class="emphasis">smbclient</em> to access
+printers and perform backups will be covered in <a href="ch10.html">Chapter 10</a>.</p>
+
+<p>A complete reference to <em class="emphasis">smbclient</em> is found in
+<a href="appc.html">Appendix C</a>.</p>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-3.1"/>
+
+<h3 class="head2">Listing Services</h3>
+
+<p><a name="INDEX-25"/>The <em class="emphasis">-L</em> option
+can be used with <em class="emphasis">smbclient</em> to list the resources
+on a single computer. Assuming the Samba server is configured to take
+the role of the master browser, we can obtain a list of the computers
+in the domain or workgroup like this:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient -L toltec</b></tt>
+added interface ip=172.16.1.1 bcast=172.16.1.255 nmask=255.255.255.0
+Password:
+Domain=[METRAN] OS=[Unix] Server=[Samba 2.2.5]
+
+ Sharename Type Comment
+ --------- ---- -------
+ test Disk For testing only, please
+ IPC$ IPC IPC Service (Samba 2.2.5)
+ ADMIN$ Disk IPC Service (Samba 2.2.5)
+
+ Server Comment
+ --------- -------
+ MAYA Windows 98
+ MIXTEC Samba 2.2.5
+ TOLTEC Samba 2.2.5
+ ZAPOTEC
+
+ Workgroup Master
+ --------- -------
+ METRAN TOLTEC</pre></blockquote>
+
+<p>In the column labeled "Server",
+<tt class="literal">maya</tt>, <tt class="literal">mixtec</tt>, and
+<tt class="literal">zapotec</tt> are shown along with toltec, the Samba
+server. The services on <tt class="literal">toltec</tt> are listed under
+"Sharename". The IPC$ and ADMIN$
+shares are standard Windows services that are used for network
+communication and administrative purposes, and
+<em class="filename">test</em> is the directory we added as a share in
+<a href="ch02.html">Chapter 2</a>.</p>
+
+<p>Now that we know the names of computers in the domain, we can list
+services on any of those computers. For example, here is how we would
+list the services offered by <tt class="literal">maya</tt>, a Windows 98
+workstation:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient -L maya</b></tt>
+added interface ip=172.16.1.1 bcast=172.16.1.255 nmask=255.255.255.0
+Password:
+
+
+ Sharename Type Comment
+ --------- ---- -------
+ PRINTER$ Disk
+ HP Printer HP 932C on Maya
+ D Disk D: on Maya
+ E Disk E: on Maya
+
+ ADMIN$ Disk
+ IPC$ IPC Remote Inter Process Communication
+
+ Server Comment
+ --------- -------
+
+ Workgroup Master
+ --------- -------</pre></blockquote>
+
+<p>A shared printer is attached to <tt class="literal">maya</tt>, so we see
+the PRINTER$ administrative service, along with the HP share for the
+printer itself. Also on <tt class="literal">maya</tt> are the D and E
+shares, which allow access across the network to
+<tt class="literal">maya</tt>'s D: and E: drives. It is
+normal for the Server and Workgroup sections to be empty when listing
+services on a Windows client.</p>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-3.2"/>
+
+<h3 class="head2">Authenticating with smbclient</h3>
+
+<p><a name="INDEX-26"/>As with any other SMB client,
+<em class="emphasis">smbclient</em> needs to supply a username and
+password if it is authenticating in a domain environment or if it is
+contacting a Samba server that is set up with user-level security. In
+a workgroup environment, it will at least need a password to use when
+connecting with a password-protected resource.</p>
+
+<p>By default, <em class="emphasis">smbclient</em> uses the username of the
+user who runs it and then prompts for a password. If you are using
+<em class="emphasis">smbclient</em> a lot, you might tire of entering your
+password every time.</p>
+
+<p><em class="emphasis">smbclient</em> supports some alternate methods of
+entering a username and password. The password can be entered on the
+command line, like this:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient //maya/e jayspassword</b></tt></pre></blockquote>
+
+<p>Or both the username and password can be supplied by using the
+<em class="emphasis">-U</em> option, including the username and password
+separated by a percent (<tt class="literal">%</tt>) character:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient //maya/e -U kelly%kellyspassword</b></tt></pre></blockquote>
+
+<p>This method is useful if you are logged in to the system under an
+account that is not Samba-enabled or you are testing your
+configuration to see how it treats another user. With either method,
+you can avoid having to enter the username and/or password each time
+you run <em class="emphasis">smbclient</em> by creating an alias for the
+command or creating a shell function or shell script. For example,
+with the <em class="emphasis">bash</em> shell, it is possible to define a
+function like this:</p>
+
+<blockquote><pre class="code">smbcl( )
+{
+ smbclient $* -U jay%jayspassword
+}</pre></blockquote>
+
+<p>Adding the definition to the shell's startup script
+(which would be <em class="filename">~/.bash_profile</em> for
+<em class="emphasis">bash</em>) would result in the definition affecting
+all subsequent shell invocations.</p>
+
+<p>Another method that can be used to supply both the username and
+password is to set the USER and <a name="INDEX-27"/><a name="INDEX-28"/>PASSWD environment variables. Either
+set the USER environment variable using the
+<em class="replaceable">username</em>%<em class="replaceable">password</em>
+format, or set the USER environment variable to the username, and set
+PASSWD to the user's password.</p>
+
+<p>It is also possible to create a credentials file containing the
+username on the first line and the password on the second line, like
+this:</p>
+
+<blockquote><pre class="code">username = jay
+password = jayspassword</pre></blockquote>
+
+<p>Then, <em class="emphasis">smbclient</em> is run using the
+<em class="emphasis">-A</em> option to specify the name of the file:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient //maya/e -A ~/.smbpw</b></tt></pre></blockquote>
+
+<a name="samba2-CHP-5-NOTE-120"/><blockquote class="note"><h4 class="objtitle">NOTE</h4>
+<p>Of the methods we described in this section, the only one that is
+really secure is the default method of allowing
+<em class="emphasis">smbclient</em><a name="INDEX-29"/> to
+prompt for the password and typing in the password without echoing.</p>
+
+<p>If security is a concern, you definitely should avoid providing your
+password on the command line because it is very easy for
+"shoulder surfers" to obtain, as
+well as anyone who looks through your shell's
+command history.</p>
+
+<p>If you keep your Samba password in a credentials file, shell startup
+file, or shell script, make sure the file's
+permissions prohibit other users from reading or writing it. (Use an
+octal permissions mode of 0600.) Security experts never keep
+passwords in files owned by nonroot users or accessible by anyone
+other than the superuser. As part of their security policy, some
+organizations do not permit passwords to be stored in files, so you
+might want to check first before using this method.</p>
+
+<p>The authentication method that uses the USER and PASSWD environment
+variables isn't any more secure. Environment
+variables are usually set either on the command line or in one or
+more of the shell's startup files, so this method
+suffers from the same weaknesses we've just
+discussed. In addition, any program run by the user has access to the
+shell's environment variables, making a Trojan horse
+attack on the PASSWD variable really easy!</p>
+</blockquote>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-3.3"/>
+
+<h3 class="head2">An Interactive smbclient Session</h3>
+
+<p><a name="INDEX-30"/>A common use for
+<em class="emphasis">smbclient</em> is to use it as an
+<em class="emphasis">ftp</em>-like shell to access SMB resources on the
+network. To begin a session, <em class="emphasis">smbclient</em> must be
+provided with the UNC of a resource (which you can find using the
+<em class="emphasis">-L</em> option) on the command line, like this:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient //maya/e</b></tt>
+added interface ip=172.16.1.3 bcast=172.16.1.255 nmask=255.255.255.0
+Password:
+smb: \></pre></blockquote>
+
+<p>Forward slashes are accepted by <em class="emphasis">smbclient</em> for
+the share's UNC, which makes entering the UNC on the
+command line easier. Backslashes can also be used, but they must be
+quoted or escaped, and it is somewhat more difficult to type
+'<tt class="literal">\\maya\e</tt>' or <tt class="literal">\\\\maya\\e</tt>.
+After connecting to the share, <em class="emphasis">smbclient</em>
+displays the <tt class="literal">smb: \></tt> prompt, waiting for a
+command to be entered. Commands are similar to those with which you
+might be familiar in <em class="emphasis">ftp</em> and are also somewhat
+similar to Unix shell commands. To get a list of
+<em class="emphasis">smbclient</em><a name="INDEX-31"/> commands, use the
+<em class="emphasis">help</em> command:</p>
+
+<blockquote><pre class="code">smb: \> <tt class="userinput"><b>help</b></tt>
+ls dir du lcd cd
+pwd get mget put mput
+rename more mask del open
+rm mkdir md rmdir rd
+prompt recurse translate lowercase print
+printmode queue cancel quit q
+exit newer archive tar blocksize
+tarmode setmode help ? history
+!</pre></blockquote>
+
+<p>Some commands in the previous list are synonyms for other commands.
+For example, the <em class="emphasis">?</em> command is a synonym for
+<em class="emphasis">help</em>. You can give this command the name of
+another command as an argument to get a concise reminder of what the
+command does and how to use it:</p>
+
+<blockquote><pre class="code">smb: \> <tt class="userinput"><b>? ls</b></tt>
+HELP ls:
+ <mask> list the contents of the current directory</pre></blockquote>
+
+<p>The term <tt class="literal"><mask></tt> refers to a file-matching
+pattern as commonly found in Unix shells and utilities. For example:</p>
+
+<blockquote><pre class="code">smb: \> <tt class="userinput"><b>ls *doc</b></tt>
+ ms-ProfPol-wp.doc A 131 Tue Dec 18 09:12:34 2002
+ smbclient.doc A 33969 Mon Dec 10 20:22:24 2002
+ smbmount.doc A 7759 Mon Dec 10 20:20:00 2002
+
+ 48590 blocks of size 524288. 40443 blocks available</pre></blockquote>
+
+<p>lists all files ending in "doc" in
+the current directory on the remote system. In the listing, the
+leftmost column shows the filename. Moving left to right, we see the
+file's MS-DOS attributes, then its size, and the
+time it was last modified.</p>
+
+<p>As with any other Unix utility, <em class="emphasis">smbclient</em> has a
+working directory on the local host. It also has another current
+directory on the remote SMB share. With
+<em class="citetitle">smbclient</em>, the <em class="emphasis">cd</em> command
+is used to move around on the remote system:</p>
+
+<blockquote><pre class="code">smb: \> <tt class="userinput"><b>cd trans </b></tt>
+smb: \trans\></pre></blockquote>
+
+<p>Notice how the prompt changes to reflect the new current working
+directory. To change your current directory on the local system, use
+the <em class="emphasis">lcd</em> command:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>lcd /u/snd</b></tt>
+the local directory is now /u/snd</pre></blockquote>
+
+<p>Most of <em class="emphasis">smbclient</em>'s commands
+are for performing operations on remote files and directories. There
+is no command for listing the contents of the local directory.
+However, <em class="emphasis">smbclient</em> allows a shell escape. Any
+command preceded by an exclamation point (<tt class="literal">!</tt>) is
+interpreted as a shell command and is run in a subshell on the local
+system. For example:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>! ls -l</b></tt>
+total 16
+drwxrwxr-x 2 jay jay 4096 Jan 10 14:46 dr220-fet
+drwxrwxr-x 2 jay jay 4096 Sep 22 12:16 dr220-tube
+-rw-rw-r-- 1 jay jay 131 Jan 10 02:22 readme.txt
+drwxrwxr-x 7 jay jay 4096 Jan 10 02:19 xl1</pre></blockquote>
+
+<p>lists the contents of <em class="filename">/u/snd</em>. By using
+<em class="emphasis">smbclient</em>'s commands to operate
+on the remote system—and shell-escaped commands to operate on
+the local system—it is possible to manipulate data on both
+systems without having to exit <em class="emphasis">smbclient</em> or open
+another shell window.</p>
+
+<p><a name="INDEX-32"/><a name="INDEX-33"/>File transfer is performed using
+the <em class="emphasis">get</em> and
+<em class="emphasis">put</em><a name="INDEX-34"/><a name="INDEX-35"/> commands. The <em class="emphasis">get</em>
+command transfers a single file from the remote to the local system,
+and the <em class="emphasis">put</em> command copies a file from the local
+to the remote system. For example, the following command copies the
+file <em class="filename">readme.txt</em> to the SMB share:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>put readme.txt</b></tt>
+putting file readme.txt as \trans\readme.txt (127.9 kb/s) (average 10.7 kb/s)</pre></blockquote>
+
+<a name="samba2-CHP-5-NOTE-121"/><blockquote class="note"><h4 class="objtitle">NOTE</h4>
+<p>Unlike <em class="emphasis">ftp</em>, <em class="emphasis">smbclient</em> does
+not have <em class="emphasis">ascii</em> and <em class="emphasis">binary</em>
+commands to set the type of the file that is being transferred.
+Before transferring a text file from a Unix system to a Windows or
+Macintosh system, you might want to use the GNU
+<em class="emphasis">unix2dos</em><a name="INDEX-36"/> command to reformat newlines in the
+file to work with the carriage return linefeed (CRLF) standard:</p>
+
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>unix2dos text_file >text_file.txt</b></tt></pre></blockquote>
+
+
+<p>and then transfer the CRLF-formatted version. After transferring a
+text file from a Windows or Macintosh system to Unix, you can use the
+GNU <em class="emphasis">dos2unix</em><a name="INDEX-37"/> command to perform the inverse
+operation:</p>
+
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>dos2unix text_file.txt >text_file</b></tt></pre></blockquote>
+</blockquote>
+
+<p>To transfer more than one file with a single command, you can use the
+<em class="emphasis">mget</em><a name="INDEX-38"/><a name="INDEX-39"/> and <em class="emphasis">mput</em> commands,
+which accept a list of filenames in the command line. The list can be
+provided by typing in the filenames on the command line separated by
+spaces, or the group of files can be specified with a pattern as one
+would use in Unix shell commands. The command:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>mget plain/*</b></tt></pre></blockquote>
+
+<p>copies all the files in the directory <em class="filename">plain</em> on
+the SMB share to the current directory on the local system. By
+default, <em class="emphasis">smbclient</em> prompts for each file, asking
+if you want to copy it:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>mget plain/*</b></tt>
+Get file tomm.wav? n
+Get file toml.wav? n
+Get file tomh.wav? n
+Get file snare.wav? n
+Get file rim.wav? n
+Get file handclap.wav? n
+Get file bassdrum.wav? n</pre></blockquote>
+
+<p>If you are sure you want to copy all the files, you can turn off
+prompting with the <em class="emphasis">prompt</em> command, like this:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>prompt</b></tt>
+prompting is now off</pre></blockquote>
+
+<p>By default, if you specify the name of a directory,
+<em class="emphasis">smbclient</em> will not copy the contents of the
+directory. To transfer the entire contents of directories listed in
+the <em class="emphasis">mput</em> or <em class="emphasis">mget</em> command,
+you must first use the <em class="emphasis">recurse</em> command:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>recurse</b></tt>
+directory recursion is now on</pre></blockquote>
+
+<p>After setting things up with the
+<em class="emphasis">prompt</em><a name="INDEX-40"/><a name="INDEX-41"/> and <em class="emphasis">recurse</em>
+commands, we can copy a directory like this:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>mget acc</b></tt>
+getting file tomm.wav of size 55494 as tomm.wav (2580.6 kb/s) (average 2087.3 kb/s)
+getting file toml.wav of size 57220 as toml.wav (2660.9 kb/s) (average 2167.6 kb/s)
+getting file tomh.wav of size 55936 as tomh.wav (2601.2 kb/s) (average 2220.8 kb/s)
+getting file snare.wav of size 22132 as snare.wav (1200.7 kb/s) (average 2123.7 kb/s)
+getting file rim.wav of size 8314 as rim.wav (1623.8 kb/s) (average 2110.8 kb/s)
+getting file handclap.wav of size 14180 as handclap.wav (1978.2 kb/s) (average 2106.2
+kb/s)
+getting file bassdrum.wav of size 6950 as bassdrum.wav (2262.3 kb/s) (average 2108.5
+kb/s)</pre></blockquote>
+
+<p><a name="INDEX-42"/>Directory recursion applies to all
+commands, so if an <em class="emphasis">ls</em> command is used while
+directory recursion is on, all files in the directory tree are
+listed. To turn directory recursion off again, simply re-enter the
+command. At the same time, you might also wish to toggle prompting
+back to its initial state:</p>
+
+<blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>recurse</b></tt>
+directory recursion is now off
+smb: \trans\> <tt class="userinput"><b>prompt</b></tt>
+prompting is now on</pre></blockquote>
+
+<p>There are other <em class="emphasis">smbclient</em> commands that you
+might find useful. The <em class="emphasis">mkdir</em> command can be used
+to create a directory; <em class="emphasis">rmdir</em> removes a
+directory; <em class="emphasis">rm</em> deletes a file; and
+<em class="emphasis">rename</em> changes a file's name.
+These behave very similarly to their Unix shell counterparts. <a href="appc.html">Appendix C</a> contains a complete reference to
+<em class="emphasis">smbclient</em> and its command set.</p>
+
+<p>To exit <em class="emphasis">smbclient</em>, use the
+<em class="emphasis">exit</em> or <em class="emphasis">quit</em> command:</p>
+
+<a name="INDEX-43"/><blockquote><pre class="code">smb: \trans\> <tt class="userinput"><b>quit </b></tt></pre></blockquote>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-3.4"/>
+
+<h3 class="head2">Programming with smbclient</h3>
+
+<p><a name="INDEX-44"/>The <em class="emphasis">-c</em> option
+<em class="emphasis">of smbclient</em> allows a list of commands to be
+passed on the command line. To copy the file
+<em class="filename">\\maya\e\trans\readme.txt</em> to
+<em class="filename">/u/snd/readme.txt</em>, we might use the command:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbclient //maya/e -c "lcd /u/snd; cd trans; get readme.txt" -A ~/.smbpw</b></tt></pre></blockquote>
+
+<p>Everything that <em class="emphasis">smbclient</em> needs to know to
+perform the operation has been specified in the command. There is no
+interactive session, so a command such as this can be placed inside a
+shell script or a program in some other programming language.</p>
+
+<p>By using <em class="emphasis">smbclient</em> in this manner, it is
+possible to create customized commands using shell functions, scripts
+or aliases. For example, suppose we wanted a command to print a short
+listing of files in a shared directory, showing just the names of the
+files. Using a <em class="emphasis">bash</em> function, we could define a
+command <em class="emphasis">smbls</em> as follows:</p>
+
+<blockquote><pre class="code">smbls( )
+{
+ share=`echo $1 | cut -d '/' -f '1-4'`
+ dir=`echo $1 | cut -d '/' -f '5-'`
+ smbclient $share -c "cd $dir; ls" -A ~/.smbpw | \
+ grep "^ " | cut -d ' ' -f 3 - | sort
+}</pre></blockquote>
+
+<p>After defining this function, we can use <em class="emphasis">smbls</em>
+like this:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbls //maya/e</b></tt>
+CD-images
+lectures
+ms-ProfPol-wp.doc
+profile-map
+readme.txt
+RECYCLED
+smbclient.doc
+smbmount.doc
+smbsh.txt
+trans
+$ <tt class="userinput"><b>smbls //maya/e/lectures</b></tt>
+.
+..
+lecture1.mp3
+lecture2.mp3
+lecture3.mp3
+lecture4.mp3
+lecture5.mp3
+lecture6.mp3
+lecture7.mp3
+lecture8.mp3
+lecture9.mp3</pre></blockquote>
+
+<p>Another use for <em class="emphasis">smbclient</em> in scripts is
+performing administrative tasks. Suppose a group of users on Windows
+clients are sharing a set of files as part of a project on which they
+are working. Instead of expecting them to coordinate making daily
+backups, we could write a script that copies the share to the Samba
+server and run the script nightly as a cron job. The directory on the
+Samba server could be shared as well, allowing any of the users to
+retrieve a backup file on their own, without having to bother an
+administrator.</p>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-3.5"/>
+
+<h3 class="head2">Backups with smbclient</h3>
+
+<p>A major use of <em class="emphasis">smbclient</em><a name="INDEX-45"/><a name="INDEX-46"/> is to create and restore backups of
+SMB file shares. The backup files <em class="emphasis">smbclient</em>
+writes are in tar format, making them easy to work with and portable
+among all Unix versions. Using <em class="emphasis">smbclient</em> on a
+Unix server to run network backups can result in a more centralized
+and easily managed solution for providing data integrity because both
+SMB shares and NFS filesystems can be backed up on the same system.</p>
+
+<p>You can use <em class="emphasis">smbclient</em> to perform backups in two
+ways. When backing up an entire share, the simplest method is to use
+the <em class="emphasis">-Tc</em> option on the command line:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbclient //maya/e -A samba-domain-pw -Tc >maya-e.tar</b></tt></pre></blockquote>
+
+<p>This will create a tar archive of the <em class="filename">\\maya\e</em>
+share in the file <em class="filename">maya-e.tar</em>. By using the
+<em class="emphasis">-D</em> option, it is possible to back up a directory
+in the share, rather than the whole share:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbclient //maya/e -A samba-domain-pw -D trans -Tc >maya-e.tar</b></tt></pre></blockquote>
+
+<p>This causes <em class="emphasis">smbclient</em> to change its working
+directory to the <em class="filename">trans</em> directory of the
+<em class="filename">\\maya\e</em> share before starting the backup. It is
+also possible to use
+<em class="emphasis">smbclient</em>'s
+<em class="emphasis">tar</em> command in interactive mode, like this:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbclient //maya/e </b></tt>
+added interface ip=172.16.1.3 bcast=172.16.1.255 nmask=255.255.255.0
+Password:
+smb: \> <tt class="userinput"><b>cd trans</b></tt>
+smb: \trans\> <tt class="userinput"><b>tarmode full hidden system quiet</b></tt>
+smb: \trans\> <tt class="userinput"><b>tar c maya-e-trans.tar</b></tt></pre></blockquote>
+
+<p>With the previous code, only the <em class="emphasis">trans</em>
+subdirectory in the <em class="emphasis">\\maya\e</em> share will be
+backed up, using the settings specified in the
+<em class="emphasis">tarmode</em> command. To have this type of backup run
+automatically from a script, use the <em class="emphasis">-c</em> option:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbclient //maya/e -A samba-domain-pw -c "cd trans; tarmode full hidden \</b></tt>
+<tt class="userinput"><b> system quiet; tar >maya-e-trans.tar"</b></tt></pre></blockquote>
+
+<p>Using either the <em class="emphasis">-T</em> command-line option or
+<em class="emphasis">smbclient</em>'s
+<em class="emphasis">tar</em> command, additional options can be supplied.
+It is necessary to specify either the <em class="emphasis">c</em> option
+to create a backup archive or the <em class="emphasis">x</em> option to
+extract (restore) one.<a name="FNPTR-1"/><a href="#FOOTNOTE-1">[1]</a> </p>
+
+<p>The other options can be appended to the option string
+and are explained in the section on <em class="emphasis">smbclient</em> in
+<a href="appc.html">Appendix C</a>. They allow you to create incremental
+backups, specify which files to include or exclude from the backup,
+and specify a few other miscellaneous settings. For example, suppose
+we wish to create an incremental backup of a share and reset the
+archive bit on the files to set things up for the next incremental
+backup. Instead of using the interactive commands:</p>
+
+<blockquote><pre class="code">smb: \> <tt class="userinput"><b>tarmode inc reset quiet</b></tt>
+smb: \> <tt class="userinput"><b>tar c backup.tar</b></tt></pre></blockquote>
+
+<p>we could either use the interactive command:</p>
+
+<blockquote><pre class="code">smb: \> <tt class="userinput"><b>tar cgaq backup.tar</b></tt></pre></blockquote>
+
+<p>or specify the <em class="emphasis">-Tcgaq</em> option on the
+<em class="emphasis">smbclient</em> command line.</p>
+
+<p>Your best strategy for using <em class="emphasis">smbclient</em> for
+network backups depends on your local configuration. If you have only
+a few Windows systems sharing a small amount of data, you might
+create a script containing <em class="emphasis">smbclient -Tc</em>
+commands to back up each share to a separate tar file, placing the
+files in a directory that is included with regular backups of the
+Unix system. If you have huge SMB shares on your network, you might
+prefer to write the backup directly to a tape drive. You can do this
+with <em class="emphasis">smbclient</em> just as you would with a Unix
+<em class="emphasis">tar</em> command:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbclient //maya/d -A samba-domain-pw -Tc >/dev/tape</b></tt></pre></blockquote>
+
+<p>After you have become more familiar with
+<em class="emphasis">smbclient</em> and have an automated backup system in
+place, you might find that using Samba has dramatically decreased
+your anxiety regarding the integrity of your
+network's data. The authors of this book are
+experienced Unix system administrators, and we highly recommend
+having a backup strategy that has been carefully planned,
+implemented, and most importantly, <em class="emphasis">tested and known to work
+as it is supposed to</em>.</p>
+
+
+</div>
+
+
+</div>
+
+
+
+<div class="sect1"><a name="samba2-CHP-5-SECT-4"/>
+
+<h2 class="head1">smbfs</h2>
+
+<p>On Linux, the <a name="INDEX-47"/>smbfs filesystem can be used to mount
+SMB shares onto the Linux filesystem in a manner similar to mounting
+disk partitions on NFS filesystems. The result is so transparent that
+users on the Linux system might never be aware that they are
+accessing files through a Windows or Samba server. Files and
+directories appear as any other files or directories on the local
+Linux system, although there are a few differences in behavior
+relating to ownership and permissions.<a name="FNPTR-2"/><a href="#FOOTNOTE-2">[2]</a></p>
+
+<p>Although smbfs is based on the Samba code, it is not itself part of
+the Samba distribution. Instead, it is included with Linux as a
+standard part of the Linux filesystem support.</p>
+
+<p>The <em class="emphasis">smbmount</em> and
+<em class="emphasis">smbmnt</em><a name="INDEX-48"/> programs are part of the Samba
+distribution and are needed on the client to mount smbfs filesystems.
+Samba must be compiled with the <tt class="literal">--with-smbmount</tt>
+configure option to make sure these programs are compiled. They refer
+to <em class="filename">smb.conf</em> for information they need regarding
+the local system and network configuration, so you will need a
+working <em class="filename">smb.conf</em><a name="INDEX-49"/><a name="INDEX-50"/>
+file on the system, even if it is not acting as a Samba server.
+ <a name="INDEX-51"/><a name="INDEX-52"/><a name="INDEX-53"/></p>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-4.1"/>
+
+<h3 class="head2">Mounting an smbfs Filesystem</h3>
+
+<p>The <em class="emphasis">smbmount</em><a name="INDEX-54"/> command is used to mount an smbfs
+filesystem into the Linux filesystem. The basic usage is:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbmount </b></tt><em class="replaceable">Share-UNC mount-point</em><tt class="userinput"><b> -o </b></tt><em class="replaceable">options</em></pre></blockquote>
+
+<p>Replace <em class="replaceable">Share-UNC</em> with the UNC for the SMB
+share, and <em class="replaceable">mount-point</em> with the full path
+to the directory in the Linux filesystem to use as the mount point.
+The <em class="replaceable">options</em> argument is used to set the
+exact manner in which the share is mounted. Let's
+look at an example of a <em class="emphasis">smbmount</em> command:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>smbmount //maya/e /smb/e \</b></tt>
+<tt class="userinput"><b> -o "credentials=/home/jay/.smbpw,uid=jay,gid=jay,fmask=664,dmask=775"</b></tt></pre></blockquote>
+
+<p>Here we are mounting share <em class="filename">\\maya\e</em> from a
+Windows 98 system on the mount point <em class="filename">/smb/e</em> on
+the Linux system.</p>
+
+<a name="samba2-CHP-5-NOTE-122"/><blockquote class="note"><h4 class="objtitle">NOTE</h4>
+<p>If your Linux kernel doesn't include smbfs support,
+you will get the error message:</p>
+
+<blockquote><pre class="code">ERROR: smbfs filesystem not supported by the kernel</pre></blockquote>
+
+
+<p>In this case, you must configure and compile a new kernel to include
+support for smbfs. When smbfs is installed, and an SMB share is
+mounted, you can run the command:</p>
+
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>cat /proc/filesystems</b></tt></pre></blockquote>
+
+<p>and see a line that looks like:</p>
+
+<blockquote><pre class="code">nodev smbfs</pre></blockquote>
+
+
+<p>in the command's output.</p>
+</blockquote>
+
+<p>The mount point must exist before <em class="emphasis">smbmount</em> is
+run and can be created using the <em class="emphasis">mkdir</em> command:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>mkdir /smb/e</b></tt></pre></blockquote>
+
+<p>The argument to the <em class="emphasis">-o</em> option might look a
+little complex. It is a comma-separated list of
+<em class="replaceable">key</em><tt class="literal">=</tt><em class="replaceable">value</em>
+pairs. The <tt class="literal">credentials</tt> key is set to the name of
+the credentials file, which is used to give
+<em class="emphasis">smbmount</em> a valid username and password with
+which to authenticate while connecting to the share. The format is
+identical to that used by <em class="emphasis">smbclient</em> (as
+explained in the previous section), so you can use the same
+credentials file for both clients. If you want, you can use the
+<em class="replaceable">key</em>=<em class="replaceable">value</em> pair
+<tt class="literal">username</tt>=<em class="replaceable">name</em>%<em class="replaceable">password</em>
+to specify the username and password directly in the
+<em class="emphasis">smbmount</em> command, although this is considerably
+less secure.</p>
+
+<a name="samba2-CHP-5-NOTE-123"/><blockquote class="note"><h4 class="objtitle">TIP</h4>
+<p>The <em class="emphasis">smbmount</em> command accepts the same
+authentication methods as <em class="emphasis">smbclient</em>. The
+comments in the section on <em class="emphasis">smbclient</em> regarding
+supplying passwords on the command line—and keeping passwords
+in files and environment variables—also apply here.</p>
+</blockquote>
+
+<p>The rest of the options tell <em class="emphasis">smbmount</em> how to
+translate between the SMB filesystem and the Unix filesystem, which
+differ in their handling of ownership and permissions. The
+<em class="emphasis">uid</em> and <em class="emphasis">gid</em> options specify
+the owner and group to be assigned to all directories and files in
+the mounted share.</p>
+
+<p>The <em class="emphasis">fmask</em><a name="INDEX-55"/> and
+<em class="emphasis">dmask</em><a name="INDEX-56"/> options specify
+<a name="INDEX-57"/>bitmasks for
+permissions of files and directories, respectively. These bitmasks
+are logically ANDed with whatever permissions are granted by the
+server to create the effective permissions on the client Unix system.
+On the server side, the permissions granted depend on the
+server's operating system. For a Windows 95/98/Me
+server using share-mode security, the MS-DOS read-only attribute can
+be set on individual files and directories and combined with the Full
+Access or Read Only permissions on the share as a whole. In
+user-level security mode, Windows 95/98/Me can have ACL-like
+permissions applied to the entire share, as discussed in <a href="ch04.html">Chapter 4</a>. Windows NT/2000/XP support ACLs on individual
+files and directories, with Full Control, Change, or Read permissions
+that can be applied to the entire share. If the server is a Samba
+server, the permissions are whatever is defined by the Samba share
+and the local Unix system for the individual files and directories.
+In every case, the permissions applied to the share act to further
+limit access, beyond what is specified for the individual files and
+directories.</p>
+
+<a name="samba2-CHP-5-NOTE-124"/><blockquote class="note"><h4 class="objtitle">TIP</h4>
+<p>You might think that the <em class="emphasis">fmask</em> and
+<em class="emphasis">dmask</em> permission masks can be used only to
+reduce the effective permissions on files and directories, but this
+is not always the case. For example, suppose that a file is being
+shared by a Windows 95/98/Me server using share-mode security and
+that some number of users have been given the Full Access password
+for the share. If the share is mounted with
+<em class="emphasis">smbmount</em> using an <em class="emphasis">fmask</em> of
+666, read/write permissions are granted on the Unix system not only
+for the owner, but for everyone else on the Unix system as well!</p>
+</blockquote>
+
+<p>After mounting the <em class="filename">\\maya\d</em> share to
+<em class="filename">/smb/e</em>, here is what the contents of
+<em class="filename">/smb/e</em> look like:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>cd /smb/e ; ls -l</b></tt>
+total 47
+drwxrwxr-x 1 jay jay 512 Jan 8 20:21 CD-images
+drwxrwxr-x 1 jay jay 512 Jan 6 21:50 lectures
+-rw-rw-r-- 1 jay jay 131 Dec 18 09:12 ms-ProfPol-wp.doc
+-rw-rw-r-- 1 jay jay 59 Dec 18 09:12 profile-map
+-rw-rw-r-- 1 jay jay 131 Jan 15 05:01 readme.txt
+drwxrwxr-x 1 jay jay 512 Feb 4 2002 RECYCLED
+-rw-rw-r-- 1 jay jay 33969 Dec 10 20:22 smbclient.doc
+-rw-rw-r-- 1 jay jay 7759 Dec 10 20:20 smbmount.doc
+-rw-rw-r-- 1 jay jay 1914 Dec 10 20:17 smbsh.txt
+drwxrwxr-x 1 jay jay 512 Jan 10 03:54 trans</pre></blockquote>
+
+<p>For the most part, the files and directories contained in the mounted
+smbfs filesystem will work just like any others, except for
+limitations imposed by the nature of SMB networking. For example, not
+even the superuser can perform the operation:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>chown root lectures</b></tt>
+chown: changing ownership of 'lectures': Operation not permitted</pre></blockquote>
+
+<p>because SMB shares do not intrinsically support the idea of
+ownership. Some odd behaviors can result from this. For example, the
+command:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>chmod 777 readme.txt</b></tt></pre></blockquote>
+
+<p>does not produce an error message, although nothing has been changed.
+The file <em class="filename">readme.txt</em> still has permissions set to
+664:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>ls -l readme.txt</b></tt>
+-rw-rw-r-- 1 jay jay 131 Jan 15 05:01 readme.txt</pre></blockquote>
+
+<p>Aside from little things such as these, the mounted smbfs filesystem
+can be used in conjunction with virtually any application, and you
+might be pleasantly surprised at how nicely it integrates with your
+Linux-based computing environment. You can even create symbolic links
+in the Unix filesystem, pointing to files and directories inside SMB
+shares. However, unless the server is a Samba server that supports
+Unix CIFS extensions, you will not be able to create a symbolic link
+inside the mounted smbfs filesystem.</p>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-4.2"/>
+
+<h3 class="head2">Mounting smbfs Filesystems Automatically</h3>
+
+<p><a name="INDEX-58"/>As with other types of
+filesystems, an smbfs filesystem can be mounted automatically during
+system bootup by creating an entry for it in
+<em class="filename">/etc/fstab</em>. The format for the entry is as
+follows:</p>
+
+<blockquote><pre class="code"><em class="replaceable">Share-UNC mount-point</em> smbfs <em class="replaceable">options</em> 0 0</pre></blockquote>
+
+<p>Replace <em class="replaceable">Share-UNC</em> with the UNC of the
+share (using the forward slash format), and replace
+<em class="replaceable">mount-point</em> with the name of the directory
+in the Linux filesystem on which the share will be mounted. In place
+of <em class="replaceable">options</em>, simply use the string that you
+used with the <em class="emphasis">-o</em> flag in the
+<em class="emphasis">smbmount</em> command.</p>
+
+<p>Once you have found the arguments to use with the
+<em class="emphasis">smbmount</em> command to mount the share the way you
+like it, it is a very simple matter to create the entry for
+<em class="filename">/etc/fstab</em>. The <em class="emphasis">smbmount</em>
+command we used to mount the share <em class="filename">\\maya\e</em> on
+<em class="filename">/smb/e</em> would translate to this
+<em class="filename">/etc/fstab</em> entry:</p>
+
+<blockquote><pre class="code">//maya/e /smb/e smbfs
+credentials=/home/jay/.smbpw,uid=jay,gid=jay,fmask=664,dmask=775 0 0
+
+<i class="lineannotation">(Please note that this should all go on one line.)</i></pre></blockquote>
+<a name="samba2-CHP-5-NOTE-125"/><blockquote class="note"><h4 class="objtitle">WARNING</h4>
+<p>If you make a mistake in modifying
+<em class="filename">/etc/fstab</em><a name="INDEX-59"/><a name="INDEX-60"/>, your system might not
+reboot properly, and you might be forced to boot into single-user
+mode to fix the problem. Before you edit
+<em class="filename">/etc/fstab</em>, be sure to make a backup copy of it,
+and be prepared to recover your system if anything goes wrong.</p>
+</blockquote>
+
+<p>Once the entry has been added, the system will automatically mount
+the share when booting. Or, the system administrator can manually
+mount or unmount the share with commands such as these:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>mount /smb/e</b></tt>
+# <tt class="userinput"><b>umount /smb/e</b></tt></pre></blockquote>
+
+<a name="samba2-CHP-5-NOTE-126"/><blockquote class="note"><h4 class="objtitle">TIP</h4>
+<p>It is possible to use <em class="emphasis">mount</em> and
+<em class="emphasis">umount</em> by giving them the UNC for the share
+using forward slashes, as in our <em class="filename">/etc/fstab</em>
+entry. However, be careful about this. A share might be listed more
+than once in <em class="filename">/etc/fstab</em> so that it can be
+mounted at more than one place in the Linux filesystem. If you use
+the UNC to specify the share you wish to mount or unmount, you might
+cause it to be mounted or unmounted at another mount point from the
+one you intended.</p>
+</blockquote>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-4.3"/>
+
+<h3 class="head2">Common smbmount Options</h3>
+
+<p><a href="ch05.html#samba2-CHP-5-TABLE-1">Table 5-1</a> lists
+<em class="replaceable">key</em><tt class="literal">=</tt><em class="replaceable">value</em>
+pairs that can be used with the <em class="emphasis">-o</em> option of
+<em class="emphasis">smbmount</em> or in the options field of the
+<em class="filename">/etc/fstab</em> entry for the smbfs filesystem. See
+the <em class="emphasis">smbmount</em> manual page for a complete list of
+options.</p>
+
+<a name="samba2-CHP-5-TABLE-1"/><h4 class="head4">Table 5-1. smbmount options</h4><table border="1">
+
+
+
+
+<tr>
+<th>
+<p>Key</p>
+</th>
+<th>
+<p>Value</p>
+</th>
+<th>
+<p>Function</p>
+</th>
+</tr>
+
+
+<tr>
+<td>
+<p><tt class="literal">username</tt></p>
+</td>
+<td>
+<p>string</p>
+</td>
+<td>
+<p>Provides the username, and optionally the password and workgroup, for
+authentication.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">password</tt></p>
+</td>
+<td>
+<p>string</p>
+</td>
+<td>
+<p>Provides the share or domain password, if it hasn't
+been supplied by another means.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">credentials</tt></p>
+</td>
+<td>
+<p>string</p>
+</td>
+<td>
+<p>Name of file containing the username and password.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">uid</tt></p>
+</td>
+<td>
+<p>string or numeric</p>
+</td>
+<td>
+<p>User ID to apply to all files and directories of the mounted share.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">gid</tt></p>
+</td>
+<td>
+<p>string or numeric</p>
+</td>
+<td>
+<p>Group ID to apply to all files and directories of the mounted share.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">fmask</tt></p>
+</td>
+<td>
+<p>numeric</p>
+</td>
+<td>
+<p>Permissions to apply to files. Default is based on current umask.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">dmask</tt></p>
+</td>
+<td>
+<p>numeric</p>
+</td>
+<td>
+<p>Permissions to apply to directories. Default is based on current
+umask.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">debug</tt></p>
+</td>
+<td>
+<p>numeric</p>
+</td>
+<td>
+<p>Debug level.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">workgroup</tt></p>
+</td>
+<td>
+<p>string</p>
+</td>
+<td>
+<p>Name of workgroup of remote server.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">guest</tt></p>
+</td>
+<td>
+<p>(none)</p>
+</td>
+<td>
+<p>Suppresses password prompt.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">ro</tt></p>
+</td>
+<td>
+<p>(none)</p>
+</td>
+<td>
+<p>Mount read-only.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">rw</tt></p>
+</td>
+<td>
+<p>(none)</p>
+</td>
+<td>
+<p>Mount read/write. This is the default.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><tt class="literal">ttl</tt></p>
+</td>
+<td>
+<p>numeric</p>
+</td>
+<td>
+<p>Amount of time to cache the contents of directories. Defaults to 1000
+ms <a name="INDEX-62"/>.</p>
+</td>
+</tr>
+
+</table>
+
+
+</div>
+
+
+</div>
+
+
+
+<div class="sect1"><a name="samba2-CHP-5-SECT-5"/>
+
+<h2 class="head1">smbsh</h2>
+
+<p>The <em class="emphasis">smbsh</em><a name="INDEX-63"/> program is part of the Samba suite and
+works on some, but not all, Unix variants.<a name="FNPTR-3"/><a href="#FOOTNOTE-3">[3]</a> Effectively, it adds a wrapper around the
+user's command shell, enabling it and common Unix
+utilities to work on files and directories in SMB shares, in addition
+to files and directories in the local Unix filesystem. From the
+user's perspective, the effect is that of a
+simulated mount of the SMB shares onto the Unix filesystem.</p>
+
+<p><em class="emphasis">smbsh</em> works by running the shell and programs
+run from it in an environment in which calls to the standard C
+library are redirected to the
+<em class="emphasis">smbwrapper</em><a name="INDEX-64"/> library, which has support for
+operating on SMB shares. This redirection can work only if the
+program being run is dynamically linked. Fortunately, modern Unix
+versions ship with most common utilities linked dynamically rather
+than statically.</p>
+
+<a name="samba2-CHP-5-NOTE-127"/><blockquote class="note"><h4 class="objtitle">TIP</h4>
+<p>To determine whether a program is dynamically or statically linked,
+try using the <em class="emphasis">file</em> command.</p>
+</blockquote>
+
+<p>To use <em class="emphasis">smbsh</em>, your Samba installation must be
+configured using the configure option
+<tt class="literal">--with-smbwrapper</tt>.</p>
+
+<p>If you have a number of Unix systems with the same host operating
+system and architecture and don't want to bother
+with a full Samba installation, you can simply move the following
+files to the other systems:</p>
+
+<blockquote><pre class="code">/usr/local/samba/bin/smbsh
+/usr/local/samba/bin/smbwrapper.so
+/usr/local/samba/lib/smb.conf</pre></blockquote>
+
+<p>Make sure that <em class="filename">/usr/local/samba/bin</em> is in your
+shell's search path. The
+<em class="filename">smb.conf</em><a name="INDEX-65"/><a name="INDEX-66"/> file is
+needed only for <em class="emphasis">smbsh</em> to determine the workgroup
+or domain and does not need to be as elaborate as your Samba
+server's configuration file.</p>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-5.1"/>
+
+<h3 class="head2">An Interactive Session with smbsh</h3>
+
+<p><a name="INDEX-67"/>To start <em class="emphasis">smbsh</em>,
+simply type in the <em class="emphasis">smbsh</em> command at the shell
+prompt. You will be prompted for a username and password with which
+to authenticate on the SMB network:</p>
+
+<blockquote><pre class="code">$ <tt class="userinput"><b>smbsh</b></tt>
+Username: davecb
+Password:
+smbsh$</pre></blockquote>
+
+<p>While working within the <em class="emphasis">smbsh</em> shell, you have a
+virtual <em class="filename">/smb</em> directory. This does not actually
+exist in the Unix filesystem and is supported within
+<em class="emphasis">smbsh</em> only to help organize the SMB shares in a
+structure familiar to Unix users. You can list the contents of the
+<em class="filename">/smb</em> virtual directory and get a list of
+workgroups in the local network, which are also presented as virtual
+directories:</p>
+
+<blockquote><pre class="code">smbsh$ <tt class="userinput"><b>cd /smb ; ls</b></tt>
+ZOOL PLANK BACIL</pre></blockquote>
+
+<p>You can change your working directory to one of the workgroup virtual
+directories, and listing one of them will show the computers in the
+workgroup:</p>
+
+<blockquote><pre class="code">smbsh$ <tt class="userinput"><b>cd ZOOL ; ls</b></tt>
+ANTILLES DODO MILO SEAL
+ARGON HANGGLIDE OSTRICH SPARTA
+BALLET INFUSION PLAQUE THEBES
+CHABLIS JAZ PRAETORIAN TJ
+COBRA KIKO RAYOPCI TRANCE
+COUGUR MACHINE-HEADPCI RUMYA VIPERPCI
+CRUSTY MATHUMA SCOT</pre></blockquote>
+
+<p>Likewise, you can change your current directory to, and list the
+contents of, a computer virtual directory, and then you can see a
+listing of shares offered by that computer:</p>
+
+<blockquote><pre class="code">smbsh$ <tt class="userinput"><b>cd scot ; ls</b></tt>
+ADMIN$ davecb nc np2s pl
+ace dhcp-mrk03 np nps xp
+cl ep np2 opcom</pre></blockquote>
+
+<p>This is the lowest level of
+<em class="emphasis">smbsh</em>'s virtual directory
+system. Once you <em class="emphasis">cd</em> into a share, you are within
+the SMB share on the remote computer:</p>
+
+<blockquote><pre class="code">smbsh$ <tt class="userinput"><b>cd davecb ; ls</b></tt>
+Mail mkanalysis_dirs.idx
+SUNWexplo nfs.ps
+Sent nsmail
+allsun.html projects.txt
+bin sumtimex</pre></blockquote>
+
+<p>Once in a remote share, most of the Unix shell utilities will work,
+and you can operate on files and directories much as you would on any
+Unix system. You can even create symbolic links in the Unix
+filesystem pointing to files and directories in the SMB share.
+However, attempts to create symbolic links in the SMB share will fail
+unless the share is being served by Samba with support for Unix CIFS
+extensions.</p>
+
+
+</div>
+
+
+</div>
+
+
+
+<div class="sect1"><a name="samba2-CHP-5-SECT-6"/>
+
+<h2 class="head1">smbutil and mount_smbfs</h2>
+
+<p>The <em class="emphasis">smbutil</em> and <em class="emphasis">mount_smbfs</em>
+programs provide SMB client functionality for FreeBSD, Darwin, and
+Mac OS X. Neither of the programs is part of the Samba distribution;
+however, we are including them to give you a little additional
+support in case you have BSD-related Unix systems on your network.</p>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-6.1"/>
+
+<h3 class="head2">smbutil</h3>
+
+<p>The <em class="emphasis">smbutil</em><a name="INDEX-68"/> program provides functionality similar
+to some of the Samba suite's command-line utilities.
+It can be used to list the shares available on an SMB server or
+perform NetBIOS name lookups.</p>
+
+<p>The first argument given to <em class="emphasis">smbutil</em> is one of a
+number of subcommands and is usually followed by arguments specific
+to the subcommand. For example, to list the resources offered by a
+server, use the <em class="emphasis">view</em> subcommand, and enter your
+server password when prompted:</p>
+
+<blockquote><pre class="code">% <tt class="userinput"><b>smbutil view //vamana</b></tt>
+Password:
+Share Type Comment
+-------------------------------------------------------------
+public disk
+SS2500 printer Stylus Scan 2500
+IPC$ pipe IPC Service (Samba 2.2.5)
+ADMIN$ disk IPC Service (Samba 2.2.5)
+leonvs disk User Home Directories
+
+5 shares listed from 5 available</pre></blockquote>
+
+<p>If you wish to connect to the server with a username that differs
+from that on your client, you can specify it on the command line by
+preceding the name of the server with the username and using an at
+sign (<tt class="literal">@</tt>) as a separator:</p>
+
+<blockquote><pre class="code">% <tt class="userinput"><b>smbutil view //leonvs@vamana</b></tt></pre></blockquote>
+
+<p>You can also include the password after the username, using a colon
+(:) as a separator, to avoid being prompted for
+it:</p>
+
+<blockquote><pre class="code">% <tt class="userinput"><b>smbutil view //leonvs:leonspassword@vamana</b></tt></pre></blockquote>
+
+<p>Typing your password in the open like this is strongly discouraged.
+It's a little better if you use an encrypted
+password, which you can generate using
+<em class="emphasis">smbutil</em>'s
+<em class="emphasis">crypt</em> subcommand:</p>
+
+<blockquote><pre class="code">% <tt class="userinput"><b>smbutil crypt leonspassword</b></tt>
+$$1625a5723293f0710e5faffcfc6</pre></blockquote>
+
+<p>This can then be used in place of a clear-text password. However, the
+encryption is not particularly strong and will foil only the most
+casual inspection. As noted earlier, the only reasonably secure
+method of providing a password is to be prompted for it.</p>
+
+<p>While starting up, <em class="emphasis">smbutil</em> reads the file
+<em class="filename">.nsmbrc</em><a name="INDEX-69"/> in the user's home
+directory. Also, the file
+<em class="filename">/usr/local/etc/nsmb.conf</em><a name="INDEX-70"/><a name="INDEX-71"/> is read, and directives in that file
+override those in users'
+<em class="filename">~/.nsmbrc</em> files. This is to allow administrators
+to apply mandatory settings to all users. Directives can be placed in
+this file using the section and parameter format similar to that of
+the Samba configuration file. A list of common configuration
+parameters is given in <a href="ch05.html#samba2-CHP-5-TABLE-2">Table 5-2</a>.</p>
+
+<p>For example, to keep your password in your
+<em class="filename">~/.nsmbrc</em> file, you can create an entry in the
+file such as the following:</p>
+
+<blockquote><pre class="code">[VAMANA:LEONVS]
+ password=$$1625a5723293f0710e5faffcfc6</pre></blockquote>
+
+<p>The section heading in brackets specifies the SMB
+server's NetBIOS name and the username to which the
+subsequent parameter settings apply. (The hostname and username
+should be supplied in uppercase characters.) Section headings can
+also consist of just a hostname or can contain a share name as a
+third element for specifying parameters applicable to a single share.
+Finally, if a <tt class="literal">[default]</tt> section is present, the
+settings in it apply to all connections.</p>
+
+<p>The following example <em class="filename">.nsmbrc</em> shows some of the
+other parameters you might use:</p>
+
+<blockquote><pre class="code">[default]
+ username=leonvs
+ # NetBIOS name server
+ nbns=192.168.1.3
+
+[VAMANA]
+ # server IP address
+ addr=192.168.1.6
+ workgroup=TEST
+
+[VAMANA:LEONVS]
+ password=$$1625a5723293f0710e5faffcfc6</pre></blockquote>
+
+<p>Another thing you can do with <em class="emphasis">smbutil</em> is
+<a name="INDEX-72"/><a name="INDEX-73"/><a name="INDEX-74"/>translate between IP addresses or DNS
+names and
+<a name="INDEX-75"/>NetBIOS
+names. For example, the <em class="emphasis">status</em> subcommand takes
+an IP address or DNS hostname as an argument and returns the
+corresponding SMB server's NetBIOS name and
+workgroup:</p>
+
+<blockquote><pre class="code">% <tt class="userinput"><b>smbutil status 192.168.1.6</b></tt>
+Workgroup: TEST
+Server: VAMANA</pre></blockquote>
+
+<p>The <em class="emphasis">lookup</em> subcommand returns the IP address
+associated with a given NetBIOS hostname. A NetBIOS name server can
+be optionally specified with the <em class="emphasis">-w</em> argument:</p>
+
+<blockquote><pre class="code">% <tt class="userinput"><b>smbutil lookup -w 192.168.1.3 VAMANA</b></tt>
+Got response from 192.168.1.3
+IP address of VAMANA: 192.168.1.6</pre></blockquote>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-6.2"/>
+
+<h3 class="head2">mount_smbfs</h3>
+
+<p>The <em class="emphasis">mount_smbfs</em><a name="INDEX-76"/> program performs essentially the same
+function as <em class="emphasis">smbmount</em> on Linux. It mounts an SMB
+share on a directory in the local filesystem. The SMB share can then
+be accessed just like any other directory, subject to some behavioral
+differences noted earlier in <a href="ch05.html#samba2-CHP-5-SECT-4.1">Section 5.4.1</a>.</p>
+
+<p>The command synopsis for <em class="emphasis">mount_smbfs</em> is:</p>
+
+<blockquote><pre class="code">mount_smbfs <em class="replaceable">[options]</em> <em class="replaceable">Share-UNC</em> <em class="replaceable">mount-point</em></pre></blockquote>
+
+<p>where <em class="replaceable">Share-UNC</em> is of the form:</p>
+
+<blockquote><pre class="code">//[<em class="replaceable">workgroup</em>;][<em class="replaceable">username</em>[:<em class="replaceable">password</em>]@]<em class="replaceable">server</em>[/<em class="replaceable">share</em>]</pre></blockquote>
+
+<p>For example:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>mount_smbfs '//TEST;leonvs:$$1625a5723293f0710e5faffcfc6@vamana/leonvs' /</b></tt>
+\<tt class="userinput"><b>Volumes/leonvs</b></tt></pre></blockquote>
+
+<p>The ownership and permissions of the mount point determine the
+default ownership and permissions for files and directories in the
+mounted share. These can be modified with command-line arguments,
+like this:</p>
+
+<blockquote><pre class="code"># <tt class="userinput"><b>mount_smbfs -u leonvs -g admin -f 0750 -d 0755 //leonvs@vamana/leonvs </b></tt>
+\<tt class="userinput"><b>/Volumes/leonvs</b></tt></pre></blockquote>
+
+<p>In this example, the files and directories in the mounted share will
+be owned by the user leonvs and the group admin, with files and
+directories having permissions 750 and 755, respectively. (As usual,
+the permissions are specified in the octal format used by the Unix
+<em class="emphasis">chmod</em> command.)</p>
+
+<p>The <em class="emphasis">mount_smbfs</em><a name="INDEX-77"/><a name="INDEX-78"/> command
+also makes use of settings in
+<em class="filename">/usr/local/etc/nsmb.conf</em> and
+<em class="filename">~/.nsmbrc</em>, as described earlier. A list of
+common configuration parameters and command-line options is provided
+in <a href="ch05.html#samba2-CHP-5-TABLE-2">Table 5-2</a>.</p>
+
+<a name="samba2-CHP-5-TABLE-2"/><h4 class="head4">Table 5-2. Common smbutil and mount_smbfs options</h4><table border="1">
+
+
+
+
+<tr>
+<th>
+<p>Command-line option</p>
+</th>
+<th>
+<p>Configuration file parameter</p>
+</th>
+<th>
+<p>Description</p>
+</th>
+</tr>
+
+
+<tr>
+<td>
+<p><tt class="literal">-I</tt> <em class="replaceable">hostname</em></p>
+</td>
+<td>
+<p><tt class="literal">addr</tt></p>
+</td>
+<td>
+<p>Avoid NetBIOS name resolution and connect to the server using the
+specified DNS hostname or IP address.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-N</p>
+</td>
+<td>
+<p><em class="emphasis">none</em></p>
+</td>
+<td>
+<p>Do not prompt for a password.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-R <em class="replaceable">count</em></p>
+</td>
+<td>
+<p><tt class="literal">retry_count</tt></p>
+</td>
+<td>
+<p>Number of times to retry connection before giving up.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-T <em class="replaceable">seconds</em></p>
+</td>
+<td>
+<p><tt class="literal">timeout</tt></p>
+</td>
+<td>
+<p>Timeout, in seconds, per connection request.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-U <em class="replaceable">username</em></p>
+</td>
+<td>
+<p><tt class="literal">username</tt></p>
+</td>
+<td>
+<p>Username to use for authentication. Defaults to Unix username.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-W <em class="replaceable">workgroup</em></p>
+</td>
+<td>
+<p><tt class="literal">workgroup</tt></p>
+</td>
+<td>
+<p>Name of workgroup of remote server.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-d <em class="replaceable">mode</em></p>
+</td>
+<td>
+<p><em class="emphasis">none</em></p>
+</td>
+<td>
+<p>Permissions to apply to directories in the mounted share. Defaults to
+the same as the file permissions, plus an execute (search) bit
+whenever the read bit is set.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-f <em class="replaceable">mode</em></p>
+</td>
+<td>
+<p><em class="filename">none</em></p>
+</td>
+<td>
+<p>Permissions to apply to files in the mounted share. Defaults to the
+same as the permissions set on the directory used as the mount point.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-g <em class="replaceable">group</em></p>
+</td>
+<td>
+<p><em class="emphasis">none</em></p>
+</td>
+<td>
+<p>Name or numeric GID to apply to all files and directories in the
+mounted share. Defaults to the group of the directory used as the
+mount point.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-n <em class="replaceable">long</em></p>
+</td>
+<td>
+<p><em class="emphasis">none</em></p>
+</td>
+<td>
+<p>Disable support for long filenames. Restrict filenames to 8.3 naming
+standard.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-u <em class="replaceable">username</em></p>
+</td>
+<td>
+<p><em class="emphasis">none</em></p>
+</td>
+<td>
+<p>Username or numeric UID to apply as the owner of all files and
+directories in the mounted share. Defaults to the owner of the
+directory used as the mount point.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p>-w <em class="replaceable">hostname</em></p>
+</td>
+<td>
+<p><tt class="literal">nbns</tt></p>
+</td>
+<td>
+<p>Hostname or IP address of the NetBIOS name server.</p>
+</td>
+</tr>
+<tr>
+<td>
+<p><em class="emphasis">none</em></p>
+</td>
+<td>
+<p><tt class="literal">password</tt></p>
+</td>
+<td>
+<p>Password to use for authentication.</p>
+</td>
+</tr>
+
+</table>
+
+
+</div>
+
+
+<div class="sect2"><a name="samba2-CHP-5-SECT-6.3"/>
+
+<h3 class="head2">Mac OS X</h3>
+
+<p><a name="INDEX-79"/>In addition to
+<em class="emphasis">smbutil</em> and <em class="emphasis">mount_smbfs</em>, OS
+X includes a graphical interface to the functionality they provide.
+To use this interface, open the Go menu and select the Connect to
+Server . . . menu item. Instead of using a UNC, specify the share in
+the form of a Uniform Resource Identifier (URI) with a prefix of
+<tt class="literal">smb://</tt> entered in the Address field, as shown in
+<a href="ch05.html#samba2-CHP-5-FIG-5">Figure 5-5</a>.</p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-5"/><img src="figs/sam2_0505.gif"/></div><h4 class="head4">Figure 5-5. OS X Connect to Server dialog</h4>
+
+<p>You can specify a server, share, workgroup, username, and password
+(optionally encrypted with <em class="emphasis">smbutil crypt</em>) in the
+URI, in the same format as the UNC argument to
+<em class="emphasis">mount_smbfs</em>. If you don't
+specify a share name in the URI, you will be shown a window that lets
+you choose from a list of shares available to mount. See <a href="ch05.html#samba2-CHP-5-FIG-6">Figure 5-6</a>.</p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-6"/><img src="figs/sam2_0506.gif"/></div><h4 class="head4">Figure 5-6. Selecting a share to mount</h4>
+
+<p>Only guest-accessible shares will show up in the list until
+you've authenticated. After pressing the
+Authenticate button, you'll be prompted for a
+workgroup, username, and password, as shown in <a href="ch05.html#samba2-CHP-5-FIG-7">Figure 5-7</a>. You'll also see this dialog
+if you provide a share name in the URI, but not a username and
+password.<a name="FNPTR-4"/><a href="#FOOTNOTE-4">[4]</a></p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-7"/><img src="figs/sam2_0507.gif"/></div><h4 class="head4">Figure 5-7. Client authentication</h4>
+
+<p>As usual for Mac OS X, shares are mounted under
+<em class="filename">/Volumes</em>, but show up in the root of the Finder
+hierarchy.</p>
+
+<p>If you have a WINS server on your network, you can provide the
+server's IP address in the Directory Access
+application, or by using the <tt class="literal">wins</tt>
+<tt class="literal">server</tt> parameter in
+<em class="filename">/etc/smb.conf</em>.</p>
+
+<p>If you don't know the name of a server to which you
+wish to connect, you can look for it in the browse list, using the
+graphical frontend to the <em class="emphasis">nmblookup</em> command
+provided with Samba. Click the downward-pointing arrow in the Connect
+to Server . . . dialog box to show a hierarchical, column-based view
+of available workgroups and servers, similar to that shown in <a href="ch05.html#samba2-CHP-5-FIG-8">Figure 5-8</a>. If your client is also acting as an SMB file
+server, it won't show up in its own browse
+list.<a name="INDEX-80"/></p>
+
+<div class="figure"><a name="samba2-CHP-5-FIG-8"/><a name="INDEX-81"/><img src="figs/sam2_0508.gif"/></div><h4 class="head4">Figure 5-8. Browsing the network</h4>
+
+
+</div>
+
+
+</div>
+
+<hr/><h4 class="head4">Footnotes</h4><blockquote><a name="FOOTNOTE-1"/> <p><a href="#FNPTR-1">[1]</a> An alternative to extracting
+the tar archive directly to the SMB share is to use the Unix
+system's <em class="emphasis">tar</em> command to extract
+it to a directory on the Unix server, then copy the desired file(s)
+to a shared directory. This allows a greater amount of control over
+the restoration process, as when correcting for an accidental file
+deletion or reverting a set of files to a previous condition.</p>
+<a name="FOOTNOTE-2"/> <p><a href="#FNPTR-2">[2]</a> Samba Versions
+2.2.4 and later have support for Unix CIFS extensions developed by
+Hewlett-Packard, which add full support for Unix ownership, group,
+and permissions in smbfs filesystems when shared between two Samba
+systems. You will also need a recent version of smbfs in your Linux
+kernel.</p> <a name="FOOTNOTE-3"/> <p><a href="#FNPTR-3">[3]</a> At the
+time of this writing, <em class="emphasis">smbsh</em> does not work on
+HP/UX or Linux. However, Linux support might return in the
+future.</p> <a name="FOOTNOTE-4"/> <p><a href="#FNPTR-4">[4]</a> If you've previously
+stored your authentication information in a Keychain, you will
+instead be prompted for your Keychain password.</p> </blockquote><hr/><h4 class="head4"><a href="toc.html">TOC</a></h4></body></html>
projects / samba / blobdiff