Merge branch 'core110'

[ipfire-2.x.git] / src / patches / samba / samba-3.6.99-doc_netbios_name_length_limit.patch

From caea507e6b57a82e059803e307f87fd39affde9c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 15 Jul 2015 13:22:40 +0200
Subject: [PATCH] PATCHSET31: docs: Documents length limitations for NetBIOS
 name

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11401

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 15 19:35:48 CEST 2015 on sn-devel-104
---
 docs-xml/smbdotconf/base/netbiosname.xml | 2 ++
 1 file changed, 2 insertions(+)

Index: samba-3.6.23/docs-xml/smbdotconf/base/netbiosname.xml
===================================================================
--- samba-3.6.23.orig/docs-xml/smbdotconf/base/netbiosname.xml
+++ samba-3.6.23/docs-xml/smbdotconf/base/netbiosname.xml
@@ -9,6 +9,8 @@
                the hosts DNS name) will be the name that these services are advertised under.
                </para>
 
+               <para>Note that the maximum length for a NetBIOS name is 15 charactars.</para>
+
                <para>
                There is a bug in Samba-3 that breaks operation of browsing and access to shares if the netbios name
                is set to the literal name <literal>PIPE</literal>. To avoid this problem, do not name your Samba-3
Index: samba-3.6.23/docs/manpages/smb.conf.5
===================================================================
--- samba-3.6.23.orig/docs/manpages/smb.conf.5
+++ samba-3.6.23/docs/manpages/smb.conf.5
@@ -1,13 +1,13 @@
 '\" t
 .\"     Title: smb.conf
 .\"    Author: [see the "AUTHOR" section]
-.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\"      Date: 09/18/2013
+.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
+.\"      Date: 10/15/2015
 .\"    Manual: File Formats and Conventions
 .\"    Source: Samba 3.6
 .\"  Language: English
 .\"
-.TH "SMB\&.CONF" "5" "09/18/2013" "Samba 3\&.6" "File Formats and Conventions"
+.TH "SMB\&.CONF" "5" "10/15/2015" "Samba 3\&.6" "File Formats and Conventions"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -1201,8 +1201,7 @@ add user to group script (G)
 .PP
 .RS 4
 Full path to the script that will be called when a user is added to a group using the Windows NT domain administration tools\&. It will be run by
-\fBsmbd\fR(8)
-\fIAS ROOT\fR\&. Any
+\fBsmbd\fR(8)\fIAS ROOT\fR\&. Any
 \fI%g\fR
 will be replaced with the group name and any
 \fI%u\fR
@@ -1563,8 +1562,7 @@ smbpasswd
 will fail to connect in it\*(Aqs default mode\&.
 smbpasswd
 can be forced to use the primary IP interface of the local host by using its
-\fBsmbpasswd\fR(8)
-\fI\-r \fR\fI\fIremote machine\fR\fR
+\fBsmbpasswd\fR(8)\fI\-r \fR\fI\fIremote machine\fR\fR
 parameter, with
 \fIremote machine\fR
 set to the IP name of the primary interface of the local host\&.
@@ -1868,8 +1866,7 @@ and
 \fIseal\fR
 are only available if Samba has been compiled against a modern OpenLDAP version (2\&.3\&.x or higher)\&.
 .sp
-This option is needed in the case of Domain Controllers enforcing the usage of signed LDAP connections (e\&.g\&. Windows 2000 SP3 or higher)\&. LDAP sign and seal can be controlled with the registry key "HKLM\eSystem\eCurrentControlSet\eServices\e
-NTDS\eParameters\eLDAPServerIntegrity" on the Windows server side\&.
+This option is needed in the case of Domain Controllers enforcing the usage of signed LDAP connections (e\&.g\&. Windows 2000 SP3 or higher)\&. LDAP sign and seal can be controlled with the registry key "HKLM\eSystem\eCurrentControlSet\eServices\eNTDS\eParameters\eLDAPServerIntegrity" on the Windows server side\&.
 .sp
 Depending on the used KRB5 library (MIT and older Heimdal versions) it is possible that the message "integrity only" is not supported\&. In this case,
 \fIsign\fR
@@ -2513,8 +2510,7 @@ delete group script (G)
 .PP
 .RS 4
 This is the full pathname to a script that will be run
-\fIAS ROOT\fR
-\fBsmbd\fR(8)
+\fIAS ROOT\fR\fBsmbd\fR(8)
 when a group is requested to be deleted\&. It will expand any
 \fI%g\fR
 to the group name passed\&. This script is only useful for installations using the Windows NT domain administration tools\&.
@@ -2633,8 +2629,7 @@ delete user from group script (G)
 .PP
 .RS 4
 Full path to the script that will be called when a user is removed from a group using the Windows NT domain administration tools\&. It will be run by
-\fBsmbd\fR(8)
-\fIAS ROOT\fR\&. Any
+\fBsmbd\fR(8)\fIAS ROOT\fR\&. Any
 \fI%g\fR
 will be replaced with the group name and any
 \fI%u\fR
@@ -4895,8 +4890,7 @@ script\&.
 LDAP connections should be secured where possible\&. This may be done setting
 \fIeither\fR
 this parameter to
-\fIStart_tls\fR
-\fIor\fR
+\fIStart_tls\fR\fIor\fR
 by specifying
 \fIldaps://\fR
 in the URL argument of
@@ -4935,9 +4929,7 @@ Please note that this parameter does onl
 \fIrpc\fR
 methods\&. To enable the LDAPv3 StartTLS extended operation (RFC2830) for
 \fIads\fR, set
-\m[blue]\fBldap ssl = yes\fR\m[]
-\fIand\fR
-\m[blue]\fBldap ssl ads = yes\fR\m[]\&. See
+\m[blue]\fBldap ssl = yes\fR\m[]\fIand\fR\m[blue]\fBldap ssl ads = yes\fR\m[]\&. See
 smb\&.conf(5)
 for more information on
 \m[blue]\fBldap ssl ads\fR\m[]\&.
@@ -5100,8 +5092,7 @@ in elections for local master browser\&.
 Setting this value to
 \fBno\fR
 will cause
-nmbd
-\fInever\fR
+nmbd\fInever\fR
 to become a local master browser\&.
 .sp
 Default:
@@ -5463,7 +5454,6 @@ logon home (G)
 .RS 4
 This parameter specifies the home directory location when a Win95/98 or NT Workstation logs into a Samba PDC\&. It allows you to do
 .sp
-
 C:\e>\fBNET USE H: /HOME\fR
 .sp
 from a command prompt, for example\&.
@@ -5472,7 +5462,6 @@ This option takes the standard substitut
 .sp
 This parameter can be used with Win9X workstations to ensure that roaming profiles are stored in a subdirectory of the user\*(Aqs home directory\&. This is done in the following way:
 .sp
-
 logon home = \e\e%N\e%U\eprofile
 .sp
 This tells Samba to return the above string, with substitutions made when a client requests the info, generally in a NetUserGetInfo request\&. Win9X clients truncate the info to \e\eserver\eshare when a user does
@@ -6050,7 +6039,6 @@ The three settings are :
 .sp -1
 .IP \(bu 2.3
 .\}
-
 \fBYes\fR
 \- The read only DOS attribute is mapped to the inverse of the user or owner write bit in the unix permission mode set\&. If the owner write bit is not set, the read only attribute is reported as being set on the file\&. If the read only DOS attribute is set, Samba sets the owner, group and others write bits to zero\&. Write bits set in an ACL are ignored by Samba\&. If the read only DOS attribute is unset, Samba simply sets the write bit of the owner to one\&.
 .RE
@@ -6063,7 +6051,6 @@ The three settings are :
 .sp -1
 .IP \(bu 2.3
 .\}
-
 \fBPermissions\fR
 \- The read only DOS attribute is mapped to the effective permissions of the connecting user, as evaluated by
 \fBsmbd\fR(8)
@@ -6078,7 +6065,6 @@ by reading the unix permissions and POSI
 .sp -1
 .IP \(bu 2.3
 .\}
-
 \fBNo\fR
 \- The read only DOS attribute is unaffected by permissions, and can only be set by the
 \m[blue]\fBstore dos attributes\fR\m[]
@@ -6732,7 +6718,6 @@ The options are: "lmhosts", "host", "win
 .sp -1
 .IP \(bu 2.3
 .\}
-
 \fBlmhosts\fR
 : Lookup an IP address in the Samba lmhosts file\&. If the line in lmhosts has no name type attached to the NetBIOS name (see the manpage for lmhosts for details) then any name type matches for lookup\&.
 .RE
@@ -6745,7 +6730,6 @@ The options are: "lmhosts", "host", "win
 .sp -1
 .IP \(bu 2.3
 .\}
-
 \fBhost\fR
 : Do a standard host name to IP address resolution, using the system
 /etc/hosts, NIS, or DNS lookups\&. This method of name resolution is operating system depended for instance on IRIX or Solaris this may be controlled by the
@@ -6833,6 +6817,8 @@ netbios name (G)
 .RS 4
 This sets the NetBIOS name by which a Samba server is known\&. By default it is the same as the first component of the host\*(Aqs DNS name\&. If a machine is a browse server or logon server this name (or the first component of the hosts DNS name) will be the name that these services are advertised under\&.
 .sp
+Note that the maximum length for a NetBIOS name is 15 charactars\&.
+.sp
 There is a bug in Samba\-3 that breaks operation of browsing and access to shares if the netbios name is set to the literal name
 PIPE\&. To avoid this problem, do not name your Samba\-3 server
 PIPE\&.
@@ -7639,7 +7625,6 @@ This option specifies a command to be ru
 .sp
 An interesting example is to send the users a welcome message every time they log in\&. Maybe a message of the day? Here is an example:
 .sp
-
 preexec = csh \-c \*(Aqecho \e"Welcome to %S!\e" | /usr/local/samba/bin/smbclient \-M %m \-I %I\*(Aq &
 .sp
 Of course, this could get annoying after a while :\-)
@@ -8452,9 +8437,7 @@ rpc_server (G)
 Defines what kind of rpc server to use for a named pipe\&. The rpc_server prefix must be followed by the pipe name, and a value\&.
 .sp
 Three possible values are currently supported:
-embedded
-daemon
-external
+embeddeddaemonexternal
 .sp
 The classic method is to run every pipe as an internal function
 \fIembedded\fR
@@ -8632,8 +8615,7 @@ security = share
 server)\&. Instead, the clients send authentication information (passwords) on a per\-share basis, at the time they attempt to connect to that share\&.
 .sp
 Note that
-smbd
-\fIALWAYS\fR
+smbd\fIALWAYS\fR
 uses a valid UNIX user to act on behalf of the client, even in
 security = share
 level security\&.
@@ -10177,8 +10159,6 @@ This parameter specifies the absolute pa
 .sp
 For example, a valid usershare directory might be /usr/local/samba/lib/usershares, set up as follows\&.
 .sp
-
-.sp
 .if n \{\
 .RS 4
 .\}
@@ -10650,10 +10630,10 @@ and
 .sp -1
 .IP \(bu 2.3
 .\}
-\fI<sfu | rfc2307 >\fR
-\- When Samba is running in security = ads and your Active Directory Domain Controller does support the Microsoft "Services for Unix" (SFU) LDAP schema, winbind can retrieve the login shell and the home directory attributes directly from your Directory Server\&. Note that retrieving UID and GID from your ADS\-Server requires to use
+\fI<sfu | sfu20 | rfc2307 >\fR
+\- When Samba is running in security = ads and your Active Directory Domain Controller does support the Microsoft "Services for Unix" (SFU) LDAP schema, winbind can retrieve the login shell and the home directory attributes directly from your Directory Server\&. For SFU 3\&.0 or 3\&.5 simply choose "sfu", if you use SFU 2\&.0 please choose "sfu20"\&. Note that retrieving UID and GID from your ADS\-Server requires to use
 \fIidmap config DOMAIN:backend\fR
-= ad as well\&.
+= ad as well\&. The primary group membership is currently always calculated via the "primaryGroupID" LDAP attribute\&.
 .RE
 .sp
 .RE
@@ -11036,7 +11016,6 @@ special sections make life for an admini
 This man page is correct for version 3 of the Samba suite\&.
 .SH "SEE ALSO"
 .PP
-
 \fBsamba\fR(7),
 \fBsmbpasswd\fR(8),
 \fBswat\fR(8),