From: frank Date: Wed, 25 Apr 2012 18:44:27 +0000 (+0200) Subject: committing changes in /etc after emerge run X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=461b1d14405ff7977e130948dabd218c70bdb7b3;p=config%2Fbruni%2Fetc.git committing changes in /etc after emerge run Package changes: --- diff --git a/init.d/samba b/init.d/samba deleted file mode 100755 index 7e6d2a8d..00000000 --- a/init.d/samba +++ /dev/null @@ -1,59 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License, v2 or later -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/samba.initd,v 1.4 2011/09/14 22:52:33 polynomial-c Exp $ - -extra_started_commands="reload" - -depend() { - after slapd - need net - use cupsd -} - -DAEMONNAME="${SVCNAME##samba.}" -[ "${DAEMONNAME}" != "samba" ] && daemon_list=${DAEMONNAME} - -signal_do() { - local signal="$1" - [ -z "${signal}" ] && return 0 - - local result=0 last_result=0 daemon= cmd_exec= - for daemon in ${daemon_list} ; do - eval cmd_exec=\$${daemon}_${signal} - if [ -n "${cmd_exec}" ]; then - ebegin "${my_service_name} -> ${signal}: ${daemon}" - #echo ${cmd} '->' ${!cmd} - ${cmd_exec} > /dev/null - last_result=$? - eend ${last_result} - fi - result=$(( ${result} + ${last_result} )) - done - return ${result} -} - -mkdir_sambadirs() { - [ -d /var/run/samba ] || mkdir -p /var/run/samba -} - -start() { - ${my_service_PRE} - mkdir_sambadirs - signal_do start && return 0 - - eerror "Error: starting services (see system logs)" - signal_do stop - return 1 -} -stop() { - ${my_service_PRE} - if signal_do stop ; then - ${my_service_POST} - return 0 - fi -} -reload() { - ${my_service_PRE} - signal_do reload -} diff --git a/openldap/schema/samba.schema b/openldap/schema/samba.schema deleted file mode 100644 index 8f82ddde..00000000 --- a/openldap/schema/samba.schema +++ /dev/null @@ -1,575 +0,0 @@ -## -## schema file for OpenLDAP 2.x -## Schema for storing Samba user accounts and group maps in LDAP -## OIDs are owned by the Samba Team -## -## Prerequisite schemas - uid (cosine.schema) -## - displayName (inetorgperson.schema) -## - gidNumber (nis.schema) -## -## 1.3.6.1.4.1.7165.2.1.x - attributetypes -## 1.3.6.1.4.1.7165.2.2.x - objectclasses -## -## Printer support -## 1.3.6.1.4.1.7165.2.3.1.x - attributetypes -## 1.3.6.1.4.1.7165.2.3.2.x - objectclasses -## -## Samba4 -## 1.3.6.1.4.1.7165.4.1.x - attributetypes -## 1.3.6.1.4.1.7165.4.2.x - objectclasses -## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls -## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations -## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track -## -## ----- READ THIS WHEN ADDING A NEW ATTRIBUTE OR OBJECT CLASS ------ -## -## Run the 'get_next_oid' bash script in this directory to find the -## next available OID for attribute type and object classes. -## -## $ ./get_next_oid -## attributetype ( 1.3.6.1.4.1.7165.2.1.XX NAME .... -## objectclass ( 1.3.6.1.4.1.7165.2.2.XX NAME .... -## -## Also ensure that new entries adhere to the declaration style -## used throughout this file -## -## ( 1.3.6.1.4.1.7165.2.XX.XX NAME .... -## ^ ^ ^ -## -## The spaces are required for the get_next_oid script (and for -## readability). -## -## ------------------------------------------------------------------ - -# objectIdentifier SambaRoot 1.3.6.1.4.1.7165 -# objectIdentifier Samba3 SambaRoot:2 -# objectIdentifier Samba3Attrib Samba3:1 -# objectIdentifier Samba3ObjectClass Samba3:2 -# objectIdentifier Samba4 SambaRoot:4 - -######################################################################## -## HISTORICAL ## -######################################################################## - -## -## Password hashes -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword' -# DESC 'LanManager Passwd' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword' -# DESC 'NT Passwd' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -## -## Account flags in string format ([UWDX ]) -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags' -# DESC 'Account Flags' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) - -## -## Password timestamps & policies -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet' -# DESC 'NT pwdLastSet' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime' -# DESC 'NT logonTime' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime' -# DESC 'NT logoffTime' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime' -# DESC 'NT kickoffTime' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange' -# DESC 'NT pwdCanChange' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange' -# DESC 'NT pwdMustChange' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -## -## string settings -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive' -# DESC 'NT homeDrive' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath' -# DESC 'NT scriptPath' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath' -# DESC 'NT profilePath' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations' -# DESC 'userWorkstations' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome' -# DESC 'smbHome' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain' -# DESC 'Windows NT domain to which the user belongs' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) - -## -## user and group RID -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid' -# DESC 'NT rid' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID' -# DESC 'NT Group RID' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -## -## The smbPasswordEntry objectclass has been depreciated in favor of the -## sambaAccount objectclass -## -#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY -# DESC 'Samba smbpasswd entry' -# MUST ( uid $ uidNumber ) -# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags )) - -#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL -# DESC 'Samba Account' -# MUST ( uid $ rid ) -# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ -# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ -# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ -# description $ userWorkstations $ primaryGroupID $ domain )) - -#objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY -# DESC 'Samba Auxiliary Account' -# MUST ( uid $ rid ) -# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ -# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ -# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ -# description $ userWorkstations $ primaryGroupID $ domain )) - -######################################################################## -## END OF HISTORICAL ## -######################################################################## - -####################################################################### -## Attributes used by Samba 3.0 schema ## -####################################################################### - -## -## Password hashes -## -attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' - DESC 'LanManager Password' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' - DESC 'MD4 hash of the unicode password' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -## -## Account flags in string format ([UWDX ]) -## -attributetype ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' - DESC 'Account Flags' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) - -## -## Password timestamps & policies -## -attributetype ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' - DESC 'Timestamp of the last password update' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' - DESC 'Timestamp of when the user is allowed to update the password' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' - DESC 'Timestamp of when the password will expire' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' - DESC 'Timestamp of last logon' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' - DESC 'Timestamp of last logoff' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' - DESC 'Timestamp of when the user will be logged off automatically' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' - DESC 'Bad password attempt count' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' - DESC 'Time of the last bad password attempt' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' - DESC 'Logon Hours' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE ) - -## -## string settings -## -attributetype ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' - DESC 'Driver letter of home directory mapping' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' - DESC 'Logon script path' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' - DESC 'Roaming profile path' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' - DESC 'List of user workstations the user is allowed to logon to' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' - DESC 'Home directory UNC path' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' - DESC 'Windows NT domain to which the user belongs' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' - DESC 'Base64 encoded user parameter string' - EQUALITY caseExactMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' - DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) - -## -## SID, of any type -## - -attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' - DESC 'Security ID' - EQUALITY caseIgnoreIA5Match - SUBSTR caseExactIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) - -## -## Primary group SID, compatible with ntSid -## - -attributetype ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' - DESC 'Primary Group Security ID' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' - DESC 'Security ID List' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) - -## -## group mapping attributes -## -attributetype ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' - DESC 'NT Group Type' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -## -## Store info on the domain -## - -attributetype ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' - DESC 'Next NT rid to give our for users' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' - DESC 'Next NT rid to give out for groups' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' - DESC 'Next NT rid to give out for anything' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' - DESC 'Base at which the samba RID generation algorithm should operate' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' - DESC 'Share Name' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' - DESC 'Option Name' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' - DESC 'A boolean option' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' - DESC 'An integer option' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' - DESC 'A string option' - EQUALITY caseExactIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' - DESC 'A string list option' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) - - -##attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName' -## SUP name ) - -##attributetype ( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList' -## DESC 'Privileges List' -## EQUALITY caseIgnoreIA5Match -## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' - DESC 'Trust Password Flags' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - -# "min password length" -attributetype ( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' - DESC 'Minimal password length (default: 5)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "password history" -attributetype ( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' - DESC 'Length of Password History Entries (default: 0 => off)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "user must logon to change password" -attributetype ( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' - DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "maximum password age" -attributetype ( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' - DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "minimum password age" -attributetype ( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' - DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "lockout duration" -attributetype ( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' - DESC 'Lockout duration in minutes (default: 30, -1 => forever)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "reset count minutes" -attributetype ( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' - DESC 'Reset time after lockout in minutes (default: 30)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "bad lockout attempt" -attributetype ( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' - DESC 'Lockout users after bad logon attempts (default: 0 => off)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "disconnect time" -attributetype ( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' - DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "refuse machine password change" -attributetype ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' - DESC 'Allow Machine Password changes (default: 0 => off)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# -attributetype ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' - DESC 'Clear text password (used for trusted domain passwords)' - EQUALITY octetStringMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) - -# -attributetype ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' - DESC 'Previous clear text password (used for trusted domain passwords)' - EQUALITY octetStringMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) - - - -####################################################################### -## objectClasses used by Samba 3.0 schema ## -####################################################################### - -## The X.500 data model (and therefore LDAPv3) says that each entry can -## only have one structural objectclass. OpenLDAP 2.0 does not enforce -## this currently but will in v2.1 - -## -## added new objectclass (and OID) for 3.0 to help us deal with backwards -## compatibility with 2.2 installations (e.g. ldapsam_compat) --jerry -## -objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY - DESC 'Samba 3.0 Auxilary SAM Account' - MUST ( uid $ sambaSID ) - MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ - sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ - sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ - displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ - sambaProfilePath $ description $ sambaUserWorkstations $ - sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ - sambaBadPasswordCount $ sambaBadPasswordTime $ - sambaPasswordHistory $ sambaLogonHours)) - -## -## Group mapping info -## -objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY - DESC 'Samba Group Mapping' - MUST ( gidNumber $ sambaSID $ sambaGroupType ) - MAY ( displayName $ description $ sambaSIDList )) - -## -## Trust password for trust relationships (any kind) -## -objectclass ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL - DESC 'Samba Trust Password' - MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) - MAY ( sambaSID $ sambaPwdLastSet )) - -## -## Trust password for trusted domains -## (to be stored beneath the trusting sambaDomain object in the DIT) -## -objectclass ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL - DESC 'Samba Trusted Domain Password' - MUST ( sambaDomainName $ sambaSID $ - sambaClearTextPassword $ sambaPwdLastSet ) - MAY ( sambaPreviousClearTextPassword )) - -## -## Whole-of-domain info -## -objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL - DESC 'Samba Domain Information' - MUST ( sambaDomainName $ - sambaSID ) - MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ - sambaAlgorithmicRidBase $ - sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ - sambaMaxPwdAge $ sambaMinPwdAge $ - sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ - sambaForceLogoff $ sambaRefuseMachinePwdChange )) - -## -## used for idmap_ldap module -## -objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY - DESC 'Pool for allocating UNIX uids/gids' - MUST ( uidNumber $ gidNumber ) ) - - -objectclass ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY - DESC 'Mapping from a SID to an ID' - MUST ( sambaSID ) - MAY ( uidNumber $ gidNumber ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL - DESC 'Structural Class for a SID' - MUST ( sambaSID ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' SUP top AUXILIARY - DESC 'Samba Configuration Section' - MAY ( description ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL - DESC 'Samba Share Section' - MUST ( sambaShareName ) - MAY ( description ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL - DESC 'Samba Configuration Option' - MUST ( sambaOptionName ) - MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ - sambaStringListoption $ description ) ) - - -## retired during privilege rewrite -##objectclass ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' SUP top AUXILIARY -## DESC 'Samba Privilege' -## MUST ( sambaSID ) -## MAY ( sambaPrivilegeList ) ) diff --git a/pam.d/samba b/pam.d/samba deleted file mode 100644 index 91beadd4..00000000 --- a/pam.d/samba +++ /dev/null @@ -1,8 +0,0 @@ -#%PAM-1.0 -# * pam_smbpass.so authenticates against the smbpasswd file -# * changed Redhat's 'pam_stack' with 'include' for *BSD compatibility -# (Diego "Flameeyes" Petteno'): enable with pam>=0.78 only -auth required pam_smbpass.so nodelay -account include system-auth -session include system-auth -password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf diff --git a/pam.d/system-auth-winbind b/pam.d/system-auth-winbind deleted file mode 100644 index b58dcf64..00000000 --- a/pam.d/system-auth-winbind +++ /dev/null @@ -1,18 +0,0 @@ -#%PAM-1.0 -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/system-auth-winbind.pam,v 1.1 2010/03/01 16:19:54 patrick Exp $ - -auth required pam_env.so -auth sufficient pam_winbind.so -auth sufficient pam_unix.so likeauth nullok use_first_pass -auth required pam_deny.so - -account sufficient pam_winbind.so -account required pam_unix.so - -password required pam_cracklib.so retry=3 -password sufficient pam_unix.so nullok use_authtok md5 shadow -password required pam_deny.so - -session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 -session required pam_limits.so -session required pam_unix.so diff --git a/samba/lmhosts b/samba/lmhosts deleted file mode 100644 index 80e71756..00000000 --- a/samba/lmhosts +++ /dev/null @@ -1,2 +0,0 @@ -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/lmhosts,v 1.1 2010/03/01 16:19:54 patrick Exp $ -127.0.0.1 localhost diff --git a/samba/smb.conf.default b/samba/smb.conf.default deleted file mode 100644 index 57061345..00000000 --- a/samba/smb.conf.default +++ /dev/null @@ -1,274 +0,0 @@ -# This is the main Samba configuration file. You should read the -# smb.conf(5) manual page in order to understand the options listed -# here. Samba has a huge number of configurable options (perhaps too -# many!) most of which are not shown in this example -# -# For a step to step guide on installing, configuring and using samba, -# read the Samba-HOWTO-Collection. This may be obtained from: -# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf -# -# Many working examples of smb.conf files can be found in the -# Samba-Guide which is generated daily and can be downloaded from: -# http://www.samba.org/samba/docs/Samba-Guide.pdf -# -# Any line which starts with a ; (semi-colon) or a # (hash) -# is a comment and is ignored. In this example we will use a # -# for commentry and a ; for parts of the config file that you -# may wish to enable -# -# NOTE: Whenever you modify this file you should run the command "testparm" -# to check that you have not made any basic syntactic errors. -# -#======================= Global Settings ===================================== -[global] - -# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH - workgroup = MYGROUP - -# server string is the equivalent of the NT Description field - server string = Samba Server - -# Security mode. Defines in which mode Samba will operate. Possible -# values are share, user, server, domain and ads. Most people will want -# user level security. See the Samba-HOWTO-Collection for details. - security = user - -# This option is important for security. It allows you to restrict -# connections to machines which are on your local network. The -# following example restricts access to two C class networks and -# the "loopback" interface. For more examples of the syntax see -# the smb.conf man page -; hosts allow = 192.168.1. 192.168.2. 127. - -# If you want to automatically load your printer list rather -# than setting them up individually then you'll need this - load printers = yes - -# you may wish to override the location of the printcap file -; printcap name = /etc/printcap - -# on SystemV system setting printcap name to lpstat should allow -# you to automatically obtain a printer list from the SystemV spool -# system -; printcap name = lpstat - -# It should not be necessary to specify the print system type unless -# it is non-standard. Currently supported print systems include: -# bsd, cups, sysv, plp, lprng, aix, hpux, qnx -; printing = cups - -# Uncomment this if you want a guest account, you must add this to /etc/passwd -# otherwise the user "nobody" is used -; guest account = pcguest - -# this tells Samba to use a separate log file for each machine -# that connects - log file = /var/log/samba/log.%m - -# Put a capping on the size of the log files (in Kb). - max log size = 50 - -# Use password server option only with security = server -# The argument list may include: -# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] -# or to auto-locate the domain controller/s -# password server = * -; password server = - -# Use the realm option only with security = ads -# Specifies the Active Directory realm the host is part of -; realm = MY_REALM - -# Backend to store user information in. New installations should -# use either tdbsam or ldapsam. smbpasswd is available for backwards -# compatibility. tdbsam requires no further configuration. If you're -# migrating from < samba 3.4, you'll have to convert your old user -# passwords to the new backend with the command: -# pdbedit -i smbpasswd:/var/lib/samba/private/smbpasswd -e -; passdb backend = tdbsam - -# Using the following line enables you to customise your configuration -# on a per machine basis. The %m gets replaced with the netbios name -# of the machine that is connecting. -# Note: Consider carefully the location in the configuration file of -# this line. The included file is read at that point. -; include = /etc/samba/smb.conf.%m - -# Configure Samba to use multiple interfaces -# If you have multiple network interfaces then you must list them -# here. See the man page for details. -; interfaces = 192.168.12.2/24 192.168.13.2/24 - -# Browser Control Options: -# set local master to no if you don't want Samba to become a master -# browser on your network. Otherwise the normal election rules apply -; local master = no - -# OS Level determines the precedence of this server in master browser -# elections. The default value should be reasonable -; os level = 33 - -# Domain Master specifies Samba to be the Domain Master Browser. This -# allows Samba to collate browse lists between subnets. Don't use this -# if you already have a Windows NT domain controller doing this job -; domain master = yes - -# Preferred Master causes Samba to force a local browser election on startup -# and gives it a slightly higher chance of winning the election -; preferred master = yes - -# Enable this if you want Samba to be a domain logon server for -# Windows95 workstations. -; domain logons = yes - -# if you enable domain logons then you may want a per-machine or -# per user logon script -# run a specific logon batch file per workstation (machine) -; logon script = %m.bat -# run a specific logon batch file per username -; logon script = %U.bat - -# Where to store roving profiles (only for Win95 and WinNT) -# %L substitutes for this servers netbios name, %U is username -# You must uncomment the [Profiles] share below -; logon path = \\%L\Profiles\%U - -# Windows Internet Name Serving Support Section: -# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server -; wins support = yes - -# WINS Server - Tells the NMBD components of Samba to be a WINS Client -# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both -; wins server = w.x.y.z - -# WINS Proxy - Tells Samba to answer name resolution queries on -# behalf of a non WINS capable client, for this to work there must be -# at least one WINS Server on the network. The default is NO. -; wins proxy = yes - -# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names -# via DNS nslookups. The default is NO. - dns proxy = no - -# These scripts are used on a domain controller or stand-alone -# machine to add or delete corresponding unix accounts -; add user script = /usr/sbin/useradd %u -; add group script = /usr/sbin/groupadd %g -; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u -; delete user script = /usr/sbin/userdel %u -; delete user from group script = /usr/sbin/deluser %u %g -; delete group script = /usr/sbin/groupdel %g - - -#============================ Share Definitions ============================== -[homes] - comment = Home Directories - browseable = no - writable = yes - -# Un-comment the following and create the netlogon directory for Domain Logons -; [netlogon] -; comment = Network Logon Service -; path = /var/lib/samba/netlogon -; guest ok = yes -; writable = no -; share modes = no - - -# Un-comment the following to provide a specific roving profile share -# the default is to use the user's home directory -;[Profiles] -; path = /var/lib/samba/profiles -; browseable = no -; guest ok = yes - - -# NOTE: If you have a BSD-style print system there is no need to -# specifically define each individual printer -[printers] - comment = All Printers - path = /var/spool/samba - browseable = no -# Set public = yes to allow user 'guest account' to print - guest ok = no - writable = no - printable = yes - -# This one is useful for people to share files -;[tmp] -; comment = Temporary file space -; path = /tmp -; read only = no -; public = yes - -# A publicly accessible directory, but read only, except for people in -# the "staff" group -;[public] -; comment = Public Stuff -; path = /home/samba -; public = yes -; writable = yes -; printable = no -; write list = @staff - -# Other examples. -# -# A private printer, usable only by fred. Spool data will be placed in fred's -# home directory. Note that fred must have write access to the spool directory, -# wherever it is. -;[fredsprn] -; comment = Fred's Printer -; valid users = fred -; path = /homes/fred -; printer = freds_printer -; public = no -; writable = no -; printable = yes - -# A private directory, usable only by fred. Note that fred requires write -# access to the directory. -;[fredsdir] -; comment = Fred's Service -; path = /usr/somewhere/private -; valid users = fred -; public = no -; writable = yes -; printable = no - -# a service which has a different directory for each machine that connects -# this allows you to tailor configurations to incoming machines. You could -# also use the %U option to tailor it by user name. -# The %m gets replaced with the machine name that is connecting. -;[pchome] -; comment = PC Directories -; path = /usr/pc/%m -; public = no -; writable = yes - -# A publicly accessible directory, read/write to all users. Note that all files -# created in the directory by users will be owned by the default user, so -# any user with access can delete any other user's files. Obviously this -# directory must be writable by the default user. Another user could of course -# be specified, in which case all files would be owned by that user instead. -;[public] -; path = /usr/somewhere/else/public -; public = yes -; only guest = yes -; writable = yes -; printable = no - -# The following two entries demonstrate how to share a directory so that two -# users can place files there that will be owned by the specific users. In this -# setup, the directory should be writable by both users and should have the -# sticky bit set on it to prevent abuse. Obviously this could be extended to -# as many users as required. -;[myshare] -; comment = Mary's and Fred's stuff -; path = /usr/somewhere/shared -; valid users = mary fred -; public = no -; writable = yes -; printable = no -; create mask = 0765 - - diff --git a/security/pam_winbind.conf b/security/pam_winbind.conf deleted file mode 100644 index dd0b112f..00000000 --- a/security/pam_winbind.conf +++ /dev/null @@ -1,38 +0,0 @@ -# -# pam_winbind configuration file -# -# /etc/security/pam_winbind.conf -# - -[global] - -# turn on debugging -;debug = no - -# turn on extended PAM state debugging -;debug_state = no - -# request a cached login if possible -# (needs "winbind offline logon = yes" in smb.conf) -;cached_login = no - -# authenticate using kerberos -;krb5_auth = no - -# when using kerberos, request a "FILE" krb5 credential cache type -# (leave empty to just do krb5 authentication but not have a ticket -# afterwards) -;krb5_ccache_type = - -# make successful authentication dependend on membership of one SID -# (can also take a name) -;require_membership_of = - -# password expiry warning period in days -;warn_pwd_expire = 14 - -# omit pam conversations -;silent = no - -# create homedirectory on the fly -;mkhomedir = no diff --git a/xinetd.d/swat b/xinetd.d/swat deleted file mode 100644 index 13b3ee23..00000000 --- a/xinetd.d/swat +++ /dev/null @@ -1,17 +0,0 @@ -# default: off -# description: SWAT is the Samba Web Admin Tool. Use swat \ -# to configure your Samba server. To use SWAT, \ -# connect to port 901 with your favorite web browser. -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/swat.xinetd,v 1.1 2010/03/01 16:19:54 patrick Exp $ - -service swat -{ - port = 901 - socket_type = stream - wait = no - only_from = localhost - user = root - server = /usr/sbin/swat - log_on_failure += USERID - disable = yes -}