/[gentoo]/xml/htdocs/doc/en/quick-samba-howto.xml
Gentoo

Diff of /xml/htdocs/doc/en/quick-samba-howto.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.2 Revision 1.26
1<?xml version = '1.0' encoding = 'UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.26 2006/12/25 17:30:26 nightmorph Exp $ -->
2<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
3<guide link="quick-samba-howto.xml"> 4<guide link="/doc/en/quick-samba-howto.xml">
4<title>Gentoo Samba3/CUPS/clamav HOWTO</title> 5<title>Gentoo Samba3/CUPS/ClamAV HOWTO</title>
5<author title="Author"> 6<author title="Author">
6 <mail link="daff at dword dot org">Andreas "daff" Ntaflos</mail> 7 <mail link="daff at dword dot org">Andreas "daff" Ntaflos</mail>
7</author> 8</author>
8<author title="Author"> 9<author title="Author">
9 <mail link="joshua@sungentoo.homeunix.com">Joshua Preston</mail> 10 <mail link="joshua@sungentoo.homeunix.com">Joshua Preston</mail>
10</author> 11</author>
11 12
12<abstract> 13<abstract>
13Setup, install and configure a Samba Server under Gentoo that shares 14Setup, install and configure a Samba Server under Gentoo that shares
14files, printers without the need to install drivers and provides 15files, printers without the need to install drivers and provides
15automatic virus scanning. 16automatic virus scanning.
16</abstract> 17</abstract>
17 18
18<!-- The content of this document is licensed under the CC-BY-SA license --> 19<!-- The content of this document is licensed under the CC-BY-SA license -->
19<!-- See http://creativecommons.org/licenses/by-sa/1.0 --> 20<!-- See http://creativecommons.org/licenses/by-sa/1.0 -->
20<license/> 21<license/>
21 22
22<version>1.2</version> 23<version>1.15</version>
23<date>May 13, 2004</date> 24<date>2006-12-25</date>
24 25
25<chapter> 26<chapter>
26<title>Introduction to this HOWTO</title> 27<title>Introduction to this HOWTO</title>
27<section> 28<section>
28<title>Purpose</title> 29<title>Purpose</title>
29<body> 30<body>
30 31
31<p> 32<p>
32This HOWTO is designed to help you move a network from many different 33This HOWTO is designed to help you move a network from many different
33clients speaking different languages, to many different manchines that 34clients speaking different languages, to many different machines that
34speak a common language. The ultimate goal is to help differing 35speak a common language. The ultimate goal is to help differing
35architechures and technologies, come together in a productive, 36architectures and technologies, come together in a productive,
36happily coexistant environment. 37happily coexisting environment.
37</p> 38</p>
38 39
39<p> 40<p>
40Following the directions outlined in this HOWTO should give you an 41Following the directions outlined in this HOWTO should give you an
41excellent step towards a peaceful cohabitation between Windows, and 42excellent step towards a peaceful cohabitation between Windows, and
85<section> 86<section>
86<title>Before you use this guide</title> 87<title>Before you use this guide</title>
87<body> 88<body>
88 89
89<p> 90<p>
90There are a several other guides for setting up CUPS and/or Samba, 91There are a several other guides for setting up CUPS and/or Samba, please read
91please read them as well, as they may tell you things left out of this 92them as well, as they may tell you things left out of this HOWTO (intentional
92HOWTO (intentional or otherwise). One such document is the very useful 93or otherwise). One such document is the very useful and well written <uri
93and well written <uri link="http://www.gentoo.org/doc/en/printing-howto.xml">Gentoo 94link="/doc/en/printing-howto.xml">Gentoo Printing Guide</uri>, as configuration
94Printing Guide</uri>, as configuration issues and specific printer setup 95issues and specific printer setup is not discussed here.
95is not discussed here.
96</p> 96</p>
97 97
98</body> 98</body>
99</section> 99</section>
100<section> 100<section>
107</p> 107</p>
108 108
109<ul> 109<ul>
110 <li>On the Samba server: 110 <li>On the Samba server:
111 <ul> 111 <ul>
112 <li>Install and configure CLAM-AV</li> 112 <li>Install and configure ClamAV</li>
113 <li>Install and configure Samba</li> 113 <li>Install and configure Samba</li>
114 <li>Install and configure CUPS</li> 114 <li>Install and configure CUPS</li>
115 <li>Adding the printer to CUPS</li> 115 <li>Adding the printer to CUPS</li>
116 <li>Adding the PS drivers for the Windows clients</li> 116 <li>Adding the PS drivers for the Windows clients</li>
117 </ul> 117 </ul>
141We will need the following: 141We will need the following:
142</p> 142</p>
143 143
144<ul> 144<ul>
145 <li>net-fs/samba</li> 145 <li>net-fs/samba</li>
146 <li>net-mail/clamav</li> 146 <li>app-antivirus/clamav</li>
147 <li>net-print/cups</li> 147 <li>net-print/cups</li>
148 <li>net-print/foomatic</li> 148 <li>net-print/foomatic</li>
149 <li>net-print/hpijs (if you have an HP printer)</li> 149 <li>net-print/hpijs (if you have an HP printer)</li>
150 <li>A kernel of sorts (preferably 2.4.24+ or 2.6.x)</li> 150 <li>A kernel of sorts (preferably 2.4.24+ or 2.6.x)</li>
151 <li>A printer (PS or non-PS, maybe not TOO new or fancy)</li> 151 <li>A printer (PS or non-PS, maybe not TOO new or fancy)</li>
156 156
157<p> 157<p>
158The main package we use here is net-fs/samba, however, you will need 158The main package we use here is net-fs/samba, however, you will need
159a kernel with smbfs support enabled in order to mount a samba or windows 159a kernel with smbfs support enabled in order to mount a samba or windows
160share from another computer. CUPS will be emerged if it is not already. 160share from another computer. CUPS will be emerged if it is not already.
161net-mail/clamav will be used also, but others should be easily adapted 161app-antivirus/clamav will be used also, but others should be easily adapted
162to work with Samba. 162to work with Samba. Gentoo's samba ebuild supports all kinds of virus scanning
163technologies, such as Sophos, FProt, Fsav, Trend, Icap, Nai, ...
163</p> 164</p>
164 165
165</body> 166</body>
166</section> 167</section>
167</chapter> 168</chapter>
169
168<chapter> 170<chapter>
169<title>Getting acquainted with Samba</title> 171<title>Getting acquainted with Samba</title>
170<section> 172<section>
171<title>The USE Flags</title> 173<title>The USE Flags</title>
172<body> 174<body>
175Before emerging anything, take a look at the various USE flags 177Before emerging anything, take a look at the various USE flags
176available to Samba. 178available to Samba.
177</p> 179</p>
178 180
179<pre caption="Samba uses the following USE Variables:"> 181<pre caption="Samba uses the following USE Variables:">
180kerberos mysql xml acl cups ldap pam readline python oav 182kerberos mysql xml acl cups ldap pam readline python oav libclamav
181</pre> 183</pre>
182 184
183<p> 185<p>
184Depending on the network topology and the specific requirements of 186Depending on the network topology and the specific requirements of
185the server, the USE flags outlined below will define what to include or 187the server, the USE flags outlined below will define what to include or
254 </ti> 256 </ti>
255</tr> 257</tr>
256<tr> 258<tr>
257 <th><b>readline</b></th> 259 <th><b>readline</b></th>
258 <ti> 260 <ti>
259 Link Samba again libreadline. This is highly recommended and should 261 Link Samba against libreadline. This is highly recommended and should
260 probably not be disabled 262 probably not be disabled
261 </ti> 263 </ti>
262</tr> 264</tr>
263<tr> 265<tr>
264 <th><b>python</b></th> 266 <th><b>python</b></th>
273 Provides on-access scanning of Samba shares with FRISK F-Prot 275 Provides on-access scanning of Samba shares with FRISK F-Prot
274 Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep 276 Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep
275 (SAVI), Symantec CarrierScan, and Trend Micro (VSAPI). 277 (SAVI), Symantec CarrierScan, and Trend Micro (VSAPI).
276 </ti> 278 </ti>
277</tr> 279</tr>
280<tr>
281 <th><b>libclamav</b></th>
282 <ti>
283 Use the ClamAV library instead of the clamd daemon
284 </ti>
285</tr>
278</table> 286</table>
279 287
280<p> 288<p>
281A couple of things worth mentioning about the USE flags and different 289A couple of things worth mentioning about the USE flags and different
282Samba functions include: 290Samba functions include:
291 <li> 299 <li>
292 While Active Directory, ACL, and PDC functions are out of the intended 300 While Active Directory, ACL, and PDC functions are out of the intended
293 scope of this HOWTO, you may find these links as helpful to your cause: 301 scope of this HOWTO, you may find these links as helpful to your cause:
294 <ul> 302 <ul>
295 <li><uri>http://www.bluelightning.org/linux/samba_acl_howto/</uri></li> 303 <li><uri>http://www.bluelightning.org/linux/samba_acl_howto/</uri></li>
296 <li><uri>http://open-projects.linuxcare.com/research-papers/winbind-08162000.html</uri></li>
297 <li><uri>http://www.wlug.org.nz/HowtoSamba3AndActiveDirectory</uri></li> 304 <li><uri>http://www.wlug.org.nz/HowtoSamba3AndActiveDirectory</uri></li>
298 </ul> 305 </ul>
299 </li> 306 </li>
300</ul> 307</ul>
301 308
302</body> 309</body>
303</section> 310</section>
304</chapter> 311</chapter>
312
305<chapter> 313<chapter>
306<title>Server Software Installation</title> 314<title>Server Software Installation</title>
307<section> 315<section>
308<title>Emerging Samba</title> 316<title>Emerging Samba</title>
309<body> 317<body>
310 318
311<p> 319<p>
312First of all: be sure that all your hostnames resolve correctly. 320First of all: be sure that all your hostnames resolve correctly.
313Either have a working domain name system running on your network 321Either have a working domain name system running on your network
314or appropriate entries in your /etc/hosts file. cupsaddsmb often 322or appropriate entries in your <path>/etc/hosts</path> file.
315borks if hostnames don't point to the correct machines. 323<c>cupsaddsmb</c> often borks if hostnames don't point to the correct
324machines.
316</p> 325</p>
317 326
318<p> 327<p>
319Hopefully now you can make an assessment of what you'll actually need in 328Hopefully now you can make an assessment of what you'll actually need in
320order to use Samba with your particular setup. The setup used for this 329order to use Samba with your particular setup. The setup used for this
332To optimize performance, size and the time of the build, the 341To optimize performance, size and the time of the build, the
333USE flags are specifically included or excluded. 342USE flags are specifically included or excluded.
334</p> 343</p>
335 344
336<pre caption="Emerge Samba"> 345<pre caption="Emerge Samba">
337<comment>(Note the USE flags!)</comment> 346# <i>echo "net-fs/samba oav readline cups pam" &gt;&gt; /etc/portage/package.use</i>
338# <i>USE=&quot;oav readline cups pam -python -ldap -kerberos -xml -acl -mysql&quot; emerge net-fs/samba</i> 347# <i>emerge net-fs/samba</i>
339</pre> 348</pre>
340 349
341<note> 350<note>
342The following archs will need to add <e>~</e> to their <e>KEYWORDS</e>: x86, 351The following archs will need to add <e>~</e> to their <e>KEYWORDS</e>: x86,
343ppc, sparc, hppa, ia64 and alpha 352ppc, sparc, hppa, ia64 and alpha
348</p> 357</p>
349 358
350</body> 359</body>
351</section> 360</section>
352<section> 361<section>
353<title>Emerging clam-av</title> 362<title>Emerging ClamAV</title>
354<body> 363<body>
355 364
356<p> 365<p>
357Because the oav USE flag only provides an interface to allow on access 366Because the <e>oav</e> USE flag only provides an interface to allow on access
358virus scanning, the actual virus scanner must be emerged. The scanner 367virus scanning, the actual virus scanner must be emerged. The scanner
359used in this HOWTO is <e>net-mail/clamav</e>. 368used in this HOWTO is ClamAV.
360</p> 369</p>
361 370
362<pre caption="Emerge clam-av"> 371<pre caption="Emerge Clamav">
363# <i>emerge net-mail/clamav</i> 372# <i>emerge app-antivirus/clamav</i>
364</pre> 373</pre>
365 374
366</body> 375</body>
367</section> 376</section>
368<section> 377<section>
388</pre> 397</pre>
389 398
390</body> 399</body>
391</section> 400</section>
392</chapter> 401</chapter>
402
393<chapter> 403<chapter>
394<title>Server Configuration</title> 404<title>Server Configuration</title>
395<section> 405<section>
396<title>Configuring Samba</title> 406<title>Configuring Samba</title>
397<body> 407<body>
399<p> 409<p>
400The main Samba configuration file is <path>/etc/samba/smb.conf</path>. 410The main Samba configuration file is <path>/etc/samba/smb.conf</path>.
401It is divided in sections indicated by [sectionname]. Comments are either 411It is divided in sections indicated by [sectionname]. Comments are either
402# or ;. A sample <path>smb.conf</path> is included below with comments and 412# or ;. A sample <path>smb.conf</path> is included below with comments and
403suggestions for modifications. If more details are required, see the 413suggestions for modifications. If more details are required, see the
404man page for <path>smb.conf</path>, the installed smb.conf.example, the Samba 414man page for <path>smb.conf</path>, the installed
405Web site or any of the numerous Samba books available. 415<path>smb.conf.example</path>, the Samba Web site or any of the
416numerous Samba books available.
406</p> 417</p>
407 418
408<pre caption="A Sample /etc/samba/smb.conf"> 419<pre caption="A Sample /etc/samba/smb.conf">
409[global] 420[global]
410<comment># Replace MYWORKGROUPNAME with your workgroup/domain</comment> 421<comment># Replace MYWORKGROUPNAME with your workgroup/domain</comment>
411workgroup = <comment>MYWORKGROUPNAME</comment> 422workgroup = <comment>MYWORKGROUPNAME</comment>
412<comment># Of course this has no REAL purpose other than letting 423<comment># Of course this has no REAL purpose other than letting
413# everyone know its not Windows! 424# everyone knows it's not Windows!
414# %v prints the version of Samba we are using.</comment> 425# %v prints the version of Samba we are using.</comment>
415server string = Samba Server %v 426server string = Samba Server %v
416<comment># We are going to use cups, so we are going to put it in here ;-)</comment> 427<comment># We are going to use cups, so we are going to put it in here ;-)</comment>
417printcap name = cups 428printcap name = cups
418printing = cups 429printing = cups
440guest ok = yes 451guest ok = yes
441<comment># We now will implement the on access virus scanner. 452<comment># We now will implement the on access virus scanner.
442# NOTE: By putting this in our [Global] section, we enable 453# NOTE: By putting this in our [Global] section, we enable
443# scanning of ALL shares, you could optionally move 454# scanning of ALL shares, you could optionally move
444# these to a specific share and only scan it.</comment> 455# these to a specific share and only scan it.</comment>
445vfs object = /usr/lib/samba/vfs/vscan-clamav.so 456
457<comment># For Samba 3.x. This enables ClamAV on access scanning.</comment>
458vfs object = vscan-clamav
446vfs options = config-file = /etc/samba/vscan-clamav.conf 459vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
447 460
448<comment># Now we setup our print drivers information!</comment> 461<comment># Now we setup our print drivers information!</comment>
449[print$] 462[print$]
450comment = Printer Drivers 463comment = Printer Drivers
451path = /etc/samba/printer <comment># this path holds the driver structure</comment> 464path = /etc/samba/printer <comment># this path holds the driver structure</comment>
452guest ok = no 465guest ok = yes
453browseable = yes 466browseable = yes
454read only = yes 467read only = yes
455<comment># Modify this to "username,root" if you don't want root to 468<comment># Modify this to "username,root" if you don't want root to
456# be the only printer admin)</comment> 469# be the only printer admin)</comment>
457write list = <i>root</i> 470write list = <i>root</i>
470 483
471<comment># Now we setup our printers share. This should be 484<comment># Now we setup our printers share. This should be
472# browseable, printable, public.</comment> 485# browseable, printable, public.</comment>
473[printers] 486[printers]
474comment = All Printers 487comment = All Printers
475browseable = yes 488browseable = no
476printable = yes 489printable = yes
490writable = no
477public = yes 491public = yes
478guest ok = yes 492guest ok = yes
479path = /var/spool/samba 493path = /var/spool/samba
480<comment># Modify this to "username,root" if you don't want root to 494<comment># Modify this to "username,root" if you don't want root to
481# be the only printer admin)</comment> 495# be the only printer admin)</comment>
491create mode = 0766 505create mode = 0766
492guest ok = yes 506guest ok = yes
493path = /home/samba/public 507path = /home/samba/public
494</pre> 508</pre>
495 509
496<p> 510<warn>
497There are several warnings that we should put here:
498</p>
499
500<ul>
501 <li>
502 If you like to use Samba's guest account to do anything concerning 511If you like to use Samba's guest account to do anything concerning
503 printing from Windows clients: don't 512printing from Windows clients: don't set <c>guest only = yes</c> in
504 </li> 513the <c>[global]</c> section. The guest account seems to cause
505 <li>Don't set guest only = yes in the global section</li> 514problems when running <c>cupsaddsmb</c> sometimes when trying to
506 <li>
507 The guest account seems to cause problems when running cupsaddsmb sometimes
508 when trying to connect from Windows machines. See below, too, when we talk 515connect from Windows machines. See below, too, when we talk about
509 about cupsaddsmb and the problems that can arise. Use a dedicated printer 516<c>cupsaddsmb</c> and the problems that can arise. Use a dedicated
510 user, like "printeruser" or "printer" or "printme" or whatever. It doesn't 517printer user, like <c>printeruser</c> or <c>printer</c> or
511 hurt and it will certainly protect you from a lot of problems. 518<c>printme</c> or whatever. It doesn't hurt and it will certainly
512 </li> 519protect you from a lot of problems.
513</ul> 520</warn>
521
522<warn>
523Turning on ClamAV on access scanning in the <c>[global]</c> section will slow
524down the performance of your Samba server dramatically.
525</warn>
514 526
515<p> 527<p>
516Now create the directories required for the minimum configuration of 528Now create the directories required for the minimum configuration of
517Samba to share the installed printer throughout the network. 529Samba to share the installed printer throughout the network.
518</p> 530</p>
539<p> 551<p>
540The Samba passwords need not be the same as the system passwords 552The Samba passwords need not be the same as the system passwords
541in <path>/etc/passwd</path>. 553in <path>/etc/passwd</path>.
542</p> 554</p>
543 555
556<p>
557You will also need to update <path>/etc/nsswitch.conf</path> so that Windows
558systems can be found easily using NetBIOS:
559</p>
560
561<pre caption="Editing /etc/nsswitch.conf">
562# <i>nano -w /etc/nsswitch.conf</i>
563<comment>(Edit the hosts: line)</comment>
564hosts: files dns <i>wins</i>
565</pre>
566
544</body> 567</body>
545</section>
546<section> 568</section>
569<section>
547<title>Configuring clam-av</title> 570<title>Configuring ClamAV</title>
548<body> 571<body>
549 572
550<p> 573<p>
551The configuration file specified to be used in <path>smb.conf</path> is 574The configuration file specified to be used in <path>smb.conf</path> is
552<path>/etc/samba/vscan-clamav.conf</path>. While these options are set 575<path>/etc/samba/vscan-clamav.conf</path>. While these options are set
575 598
576<comment>; if communication to clamd fails, should access to file denied? 599<comment>; if communication to clamd fails, should access to file denied?
577; (default: yes)</comment> 600; (default: yes)</comment>
578deny access on error = yes 601deny access on error = yes
579 602
580<comment>; if daemon files with a minor error (corruption, etc.), 603<comment>; if daemon fails with a minor error (corruption, etc.),
581; should access to file denied? 604; should access to file denied?
582; (default: yes)</comment> 605; (default: yes)</comment>
583deny access on minor error = yes 606deny access on minor error = yes
584 607
585<comment>; send a warning message via Windows Messenger service 608<comment>; send a warning message via Windows Messenger service
603; of period, samba-vscan use a last recently used file mechanism to avoid 626; of period, samba-vscan use a last recently used file mechanism to avoid
604; multiple scans of a file. This setting specified the maximum number of 627; multiple scans of a file. This setting specified the maximum number of
605; elements of the last recently used file list. (default: 100)</comment> 628; elements of the last recently used file list. (default: 100)</comment>
606max lru files entries = 100 629max lru files entries = 100
607 630
608<comment>; an entry is invalidad after lru file entry lifetime (in seconds). 631<comment>; an entry is invalidated after lru file entry lifetime (in seconds).
609; (Default: 5)</comment> 632; (Default: 5)</comment>
610lru file entry lifetime = 5 633lru file entry lifetime = 5
611 634
612<comment>; socket name of clamd (default: /var/run/clamd)</comment> 635<comment>; socket name of clamd (default: /var/run/clamd)</comment>
613clamd socket name = /var/run/clamd 636clamd socket name = /tmp/clamd
637
638<comment>; port number the ScannerDaemon listens on</comment>
639oav port = 8127
614</pre> 640</pre>
615 641
616<p> 642<p>
617It is generally a good idea to start the virus scanner immediately. Add 643It is generally a good idea to start the virus scanner immediately. Add
618it to the default runlevel and then start the clamd service immediately. 644it to the <e>default</e> runlevel and then start the <c>clamd</c> service
645immediately. The service has two processes: freshclam keeps the virus definition
646database up to date while clamd is the actual anti-virus daemon. First you may
647want to set the paths of the logfiles so that it fits your needs.
648</p>
649
650<pre caption="Checking the location of the logfiles">
651# <i>vim /etc/clamd.conf</i>
652<comment>(Check the line "LogFile /var/log/clamd.log")</comment>
653# <i>vim /etc/freshclam.conf</i>
654<comment>(Check the line "UpdateLogFile /var/log/freshclam.log")</comment>
655# <i>vim /etc/conf.d/clamd</i>
656<comment>(Set "START_CLAMD=yes" and "START_FRESHCLAM=yes")</comment>
657</pre>
658
659<p>
660Now fire up the virus scanner.
619</p> 661</p>
620 662
621<pre caption="Add clamd to bootup and start it"> 663<pre caption="Add clamd to bootup and start it">
622# <i>rc-update add clamd default</i> 664# <i>rc-update add clamd default</i>
623# <i>/etc/init.d/clamd start</i> 665# <i>/etc/init.d/clamd start</i>
628<section> 670<section>
629<title>Configuring CUPS</title> 671<title>Configuring CUPS</title>
630<body> 672<body>
631 673
632<p> 674<p>
633This is a little more complicated). CUPS' main config file is 675This is a little more complicated. CUPS' main config file is
634<path>/etc/cups/cupsd.conf</path>. It's structure is similar to Apache's 676<path>/etc/cups/cupsd.conf</path>. It's structure is similar to Apache's
635<path>httpd.conf</path> file, so many you may find it familiar. Outlined 677<path>httpd.conf</path> file, so many you may find it familiar. Outlined
636in the example are the directives that need to be changed: 678in the example are the directives that need to be changed:
637</p> 679</p>
638 680
639<pre caption="/etc/cups/cupsd.conf"> 681<pre caption="/etc/cups/cupsd.conf">
640ServerName <i>PrintServer</i> <comment># your printserver name</comment> 682ServerName <i>PrintServer</i> <comment># your printserver name</comment>
641ServerAdmin <i>root@PrintServer</i> <comment># the person for printer-related hate-mail, eg you</comment> 683ServerAdmin <i>root@PrintServer</i> <comment># the person for printer-related hate-mail, e.g. you</comment>
642 684
643AccessLog /var/log/cups/access_log <comment># probably doesn't need changing</comment> 685AccessLog /var/log/cups/access_log <comment># probably doesn't need changing</comment>
644ErrorLog /var/log/cups/error_log <comment># doesn't really need changing either</comment> 686ErrorLog /var/log/cups/error_log <comment># doesn't really need changing either</comment>
645 687
646LogLevel debug <comment># only while isntalling and testing, should later be 688LogLevel debug <comment># only while isntalling and testing, should later be
647 # changed to 'info'</comment> 689 # changed to 'info'</comment>
648 690
649MaxClients 100 <comment># I've had to set this to 1000000000 or so because some time back, 691MaxClients 100 <comment># I've had to set this to 1000000000 or so because some time back,
650 # there seemed to be a bug in CUPS' controlling of the web interface, 692 # there seemed to be a bug in CUPS' controlling of the web interface,
651 # making CUPS think a denial of service attack was in progress when 693 # making CUPS think a denial of service attack was in progress when
652 # I tried to configure a printer with the web interface. weird.</comment> 694 # I tried to configure a printer with the web interface. weird.</comment>
655 697
656&lt;Location /&gt; 698&lt;Location /&gt;
657Order Deny,Allow 699Order Deny,Allow
658Deny From All 700Deny From All
659Allow From <i>192.168.1.*</i> <comment># the addresses of your internel network 701Allow From <i>192.168.1.*</i> <comment># the addresses of your internel network
660 # eg 192.168.1.* will allow connections from any host on 702 # e.g. 192.168.1.* will allow connections from any host on
661 # the 192.168.1.0 network. change to whatever suits you</comment> 703 # the 192.168.1.0 network. change to whatever suits you</comment>
662&lt;/Location&gt; 704&lt;/Location&gt;
663 705
664&lt;Location /admin&gt; 706&lt;Location /admin&gt;
665AuthType Basic 707AuthType Basic
672&lt;/Location&gt; 714&lt;/Location&gt;
673</pre> 715</pre>
674 716
675<p> 717<p>
676Edit <path>/etc/cups/mime.convs</path> to uncomment some lines. 718Edit <path>/etc/cups/mime.convs</path> to uncomment some lines.
677The changes to mime.convs and mime.types are needed to make CUPSprint Microsoft Office document files. 719The changes to <path>mime.convs</path> and <path>mime.types</path> are
720needed to make CUPS print Microsoft Office document files.
678</p> 721</p>
679 722
680<pre caption="/etc/cups/mime.convs"> 723<pre caption="/etc/cups/mime.convs">
681<comment>(The following line is found near the end of the file. Uncomment it)</comment> 724<comment>(The following line is found near the end of the file. Uncomment it)</comment>
682application/octet-stream application/vnd.cups-raw 0 725application/octet-stream application/vnd.cups-raw 0
683</pre> 726</pre>
684 727
685<p> 728<p>
686Edit <path>/etc/cups/mime.convs</path> to uncomment some lines. 729Edit <path>/etc/cups/mime.types</path> to uncomment some lines.
687</p> 730</p>
688 731
689<pre caption="/etc/cups/mime.types"> 732<pre caption="/etc/cups/mime.types">
690<comment>(The following line is found near the end of the file. Uncomment it)</comment> 733<comment>(The following line is found near the end of the file. Uncomment it)</comment>
691application/octet-stream 734application/octet-stream
696</p> 739</p>
697 740
698<pre caption="Setting up the CUPS service" > 741<pre caption="Setting up the CUPS service" >
699<comment>(To start CUPS on boot)</comment> 742<comment>(To start CUPS on boot)</comment>
700# <i>rc-update add cupsd default</i> 743# <i>rc-update add cupsd default</i>
701<comment>(To start CUPS if it isn't started)</comment> 744<comment>(To start or restart CUPS now)</comment>
702# <i>/etc/init.d/cupsd start</i>
703<comment>(If CUPS is already started we'll need to restart it!)</comment>
704# <i>/etc/init.d/cupsd restart</i> 745# <i>/etc/init.d/cupsd restart</i>
705</pre> 746</pre>
706 747
707</body> 748</body>
708</section> 749</section>
709<section> 750<section>
710<title>Installing a printer for and with CUPS</title> 751<title>Installing a printer for and with CUPS</title>
711<body> 752<body>
712 753
713<p> 754<p>
714First, go to <uri link="http://linuxprinting.org">LinuxPrinting.Org</uri> 755First, go to <uri link="http://linuxprinting.org">LinuxPrinting.Org</uri> to
715to find and download the correct PPD file for your printer and CUPS. To 756find and download the correct PPD file for your printer and CUPS. To do so,
716do so, click the link Printer Listings to the left. Select your 757click the link Printer Listings to the left. Select your printers manufacturer
717printers manufacturer and the model in the pulldown menu, eg HP and 758and the model in the pulldown menu, e.g. HP and DeskJet 930C. Click "Show". On
718DeskJet 930C. Click "Show". On the page coming up click the "recommended 759the page coming up click the "recommended driver" link after reading the
719driver" link after reading the various notes and information. Then fetch 760various notes and information. Then fetch the PPD file from the next page,
720the PPD file from the next page, again after reading the notes and 761again after reading the notes and introductions there. You may have to select
721introductions there. You may have to select your printers manufacturer 762your printers manufacturer and model again. Reading the <uri
722and model again. Reading the <uri link="http://www.linuxprinting.org/cups-doc.html">CUPS 763link="http://www.linuxprinting.org/cups-doc.html">CUPS quickstart guide</uri>
723quickstart guide</uri> is also very helpful when working with CUPS. 764is also very helpful when working with CUPS.
724</p> 765</p>
725 766
726<p> 767<p>
727Now you have a PPD file for your printer to work with CUPS. Place it in 768Now you have a PPD file for your printer to work with CUPS. Place it in
728<path>/usr/share/cups/model</path>. The PPD for the HP DeskJet 930C was 769<path>/usr/share/cups/model</path>. The PPD for the HP DeskJet 930C was
729named HP-DeskJet_930C-hpijs.ppd. You should now install the printer. 770named <path>HP-DeskJet_930C-hpijs.ppd</path>. You should now install the printer.
730This can be done via the CUPS web interface or via command line. The web 771This can be done via the CUPS web interface or via command line. The web
731interface is found at http://PrintServer:631 once CUPS is running. 772interface is found at <path>http://PrintServer:631</path> once CUPS is running.
732</p> 773</p>
733 774
734<pre caption="Install the printer via command line"> 775<pre caption="Install the printer via command line">
735# <i>lpadmin -p HPDeskJet930C -E -v usb:/dev/ultp0 -m HP-DeskJet_930C-hpijs.ppd</i> 776# <i>lpadmin -p HPDeskJet930C -E -v usb:/dev/ultp0 -m HP-DeskJet_930C-hpijs.ppd</i>
777# <i>/etc/init.d/cupsd restart</i>
736</pre> 778</pre>
737 779
738<p> 780<p>
739Remember to adjust to what you have. Be sure to have the name (-p) right (the 781Remember to adjust to what you have. Be sure to have the name
740name you set above during the Samba configuration!) and to put in the 782(<c>-p</c> argument) right (the name you set above during the Samba
741correct usb:/dev/usb/blah, parallel:/dev/blah or whatever device you 783configuration!) and to put in the correct <c>usb:/dev/usb/blah</c>,
742are using for your printer. 784<c>parallel:/dev/blah</c> or whatever device you are using for your
743</p> 785printer.
744
745<p> 786</p>
787
788<p>
746You should now be able to access the printer from the web interface. You 789You should now be able to access the printer from the web interface
747should now be able to print a test page. 790and be able to print a test page.
748</p> 791</p>
749 792
750</body> 793</body>
751</section> 794</section>
752<section> 795<section>
761drivers automagically to the connecting client, avoiding the hassle of 804drivers automagically to the connecting client, avoiding the hassle of
762manually installing printer drivers locally. 805manually installing printer drivers locally.
763</p> 806</p>
764 807
765<p> 808<p>
766There are two sets of printer drivers for this. First, the Adobe PS 809There are two sets of printer drivers for this. First, the Adobe PS drivers
767drivers which can be obtained from <uri 810which can be obtained from <uri
768link="http://www.adobe.com/support/downloads/main.html">Adobe</uri> 811link="http://www.adobe.com/support/downloads/main.html">Adobe</uri> (PostScript
769(PostScript printer drivers). Second, there are the CUPS PS drivers, 812printer drivers). Second, there are the CUPS PS drivers, to be obtained <uri
770to be obtained from <uri link="http://www.cups.org/software.php">the 813link="http://dev.gentoo.org/~nightmorph/misc/cups-samba-5.0rc2.tar.gz">here</uri>.
771CUPS homepage</uri> and selecting "CUPS Driver for Windows" from the 814There doesn't seem to be a difference between the functionality of the two, but
772pull down menu. There doesn't seem to be a difference between the 815the Adobe PS drivers need to be extracted on a Windows System since it's a
773functionality of the two, but the Adobe PS drivers need to be extracted 816Windows binary. Also the whole procedure of finding and copying the correct
774on a Windows System since it's a Windows binary. Also the whole procedure 817files is a bit more hassle. The CUPS drivers seem to support some options the
775of finding and copying the correct files is a bit more hassle. The CUPS 818Adobe drivers don't.
776drivers seem to support some options the Adobe drivers don't.
777</p> 819</p>
820<!--
821used to be available at www.cups.org/articles.php?L142+p4, but only 6.0 is
822available. at some point, we should update this for 6.0.
823-->
778 824
779<p> 825<p>
780This HOWTO uses the CUPS drivers for Windows. The downloaded file is 826This HOWTO uses the CUPS drivers for Windows. The downloaded file is
781called <path>cups-samba-5.0rc2.tar.gz</path>. Extract the files 827called <path>cups-samba-5.0rc2.tar.gz</path>. Extract the files
782contained into a directory. 828contained into a directory.
788<comment>(Only use this script if CUPS resides in /usr/share/cups)</comment> 834<comment>(Only use this script if CUPS resides in /usr/share/cups)</comment>
789# <i>./cups-samba.install</i> 835# <i>./cups-samba.install</i>
790</pre> 836</pre>
791 837
792<p> 838<p>
793cups-samba.ss is a TAR archive containing three files: 839<path>cups-samba.ss</path> is a TAR archive containing three files:
794cups5.hlp, cupsdrvr5.dll and cupsui5.dll. These are the actual driver 840<path>cups5.hlp</path>, <path>cupsdrvr5.dll</path> and
795files. 841<path>cupsui5.dll</path>. These are the actual driver files.
796</p> 842</p>
797 843
798<warn> 844<warn>
799The script cups-samba.install may not work for all *nixes (ie FreeBSD) 845The script <c>cups-samba.install</c> may not work for all *nixes (i.e. FreeBSD)
800because almost everything which is not part of the base system is 846because almost everything which is not part of the base system is
801installed somewhere under the prefix <path>/usr/local/</path>. This 847installed somewhere under the prefix <path>/usr/local/</path>. This
802seems not to be the case for most things you install under GNU/Linux. 848seems not to be the case for most things you install under GNU/Linux.
803However, if your CUPS installation is somewhere other than 849However, if your CUPS installation is somewhere other than
804<path>/usr/share/cups/</path> See the example below. 850<path>/usr/share/cups/</path> see the example below.
805</warn> 851</warn>
806 852
807<p> 853<p>
808Suppose your CUPS installation resides under 854Suppose your CUPS installation resides under
809<path>/usr/local/share/cups/</path>, and you want to install the drivers there. 855<path>/usr/local/share/cups/</path>, and you want to install the drivers there.
815# <i>tar -xf cups-samba.ss</i> 861# <i>tar -xf cups-samba.ss</i>
816<comment>(This extracts the files to usr/share/cups/drivers under the CURRENT WORKING DIRECTORY)</comment> 862<comment>(This extracts the files to usr/share/cups/drivers under the CURRENT WORKING DIRECTORY)</comment>
817# <i>cd usr/share/cups/drivers</i> 863# <i>cd usr/share/cups/drivers</i>
818<comment>(no leading / !)</comment> 864<comment>(no leading / !)</comment>
819# <i>cp cups* /usr/local/share/cups/drivers</i> 865# <i>cp cups* /usr/local/share/cups/drivers</i>
866# <i>/etc/init.d/cupsd restart</i>
820</pre> 867</pre>
821 868
822<p> 869<p>
823Now we'll use the script <c>cupsaddsmb</c> provided by the CUPS 870Now we'll use the script <c>cupsaddsmb</c> provided by the CUPS distribution.
824distribution. It's man page is an interesting read. 871Its man page is an interesting read.
825</p> 872</p>
826 873
827<pre caption="Run cupsaddsmb"> 874<pre caption="Run cupsaddsmb">
828# <i>cupsaddsmb -H PrintServer -U root -h PrintServer -v HPDeskJet930C</i> 875# <i>cupsaddsmb -H PrintServer -U root -h PrintServer -v HPDeskJet930C</i>
829<comment>(Instead of HPDeskJet930C you could also specify "-a", which will 876<comment>(Instead of HPDeskJet930C you could also specify "-a", which will
830"export all known printers".)</comment> 877"export all known printers".)</comment>
831# <i>cupsaddsmb -H PrintServer -U root -h PrintServer -a</i> 878# <i>cupsaddsmb -H PrintServer -U root -h PrintServer -a</i>
832</pre> 879</pre>
833 880
834<warn> 881<warn>
835The execution of this command often causes the most trouble. 882The execution of this command often causes the most trouble. Read through the
836Reading through the <uri
837link="http://forums.gentoo.com/viewtopic.php?t=110931">posts in this 883<uri link="http://forums.gentoo.org/viewtopic.php?t=110931">posts in this
838thread</uri>. 884thread</uri> for some troubleshooting tips.
839</warn> 885</warn>
840 886
841<p> 887<p>
842Here are common errors that may happen: 888Here are common errors that may happen:
843</p> 889</p>
844 890
845<ul> 891<ul>
846 <li> 892 <li>
847 The hostname given as a parameter for -h and -H (PrintServer) often does 893 The hostname given as a parameter for <c>-h</c> and <c>-H</c>
848 not resolve correctly and doesn't identify the print server for CUPS/Samba 894 (<c>PrintServer</c>) often does not resolve correctly and doesn't
849 interaction. 895 identify the print server for CUPS/Samba interaction. If an error
850 If an error like: <b>Warning: No PPD file for printer "CUPS_PRINTER_NAME" - 896 like: <b>Warning: No PPD file for printer "CUPS_PRINTER_NAME" -
851 skipping!</b> occurs, the first thing you should do is substitute 897 skipping!</b> occurs, the first thing you should do is substitute
852 PrintServer with localhost and try it again. 898 <c>PrintServer</c> with <c>localhost</c> and try it again.
853 </li> 899 </li>
854 <li> 900 <li>
855 The command fails with an <b>NT_STATUS_UNSUCCESSFUL</b>. This error message 901 The command fails with an <b>NT_STATUS_UNSUCCESSFUL</b>. This error message
856 is quite common, but can be triggered by many problems. It's unfortunately 902 is quite common, but can be triggered by many problems. It's unfortunately
857 not very helpful. One thing to try is to temporarily set <b>security = 903 not very helpful. One thing to try is to temporarily set <c>security =
858 user</b> in your <path>smb.conf</path>. After/if the installation completes 904 user</c> in your <path>smb.conf</path>. After/if the installation completes
859 successfully, you should set it back to share, or whatever it was set to 905 successfully, you should set it back to share, or whatever it was set to
860 before. 906 before.
861 </li> 907 </li>
862</ul> 908</ul>
863 909
952</pre> 998</pre>
953 999
954</body> 1000</body>
955</section> 1001</section>
956</chapter> 1002</chapter>
1003
957<chapter> 1004<chapter>
958<title>Configuration of the Clients</title> 1005<title>Configuration of the Clients</title>
959<section> 1006<section>
960<title>Printer configuration of *nix based clients</title> 1007<title>Printer configuration of *nix based clients</title>
961<body> 1008<body>
962 1009
963<p> 1010<p>
964Despite the variation or distribution, the only thing needed is CUPS. 1011Despite the variation or distribution, the only thing needed is CUPS. Do the
965Do the equivalent on any other UNIX/Linux/BSD client. 1012equivalent on any other UNIX/Linux/BSD client.
966</p> 1013</p>
967 1014
968<pre caption="Configuring a Gentoo system."> 1015<pre caption="Configuring a Gentoo system">
969# <i>emerge cups</i> 1016# <i>emerge cups</i>
970# <i>/etc/init.d/cupsd start</i> 1017# <i>nano -w /etc/cups/client.conf</i>
971# <i>rc-update add cupsd default</i> 1018ServerName <i>PrintServer</i> <comment># your printserver name</comment>
972</pre> 1019</pre>
973 1020
974<p>
975That should be it. Nothing else will be needed. Just point your web
976browser to http://localhost:631 (on the CLIENT) and you'll see that
977PrintServer broadcasts all available printers to all CUPS clients.
978</p> 1021<p>
979 1022That should be it. Nothing else will be needed.
980<p> 1023</p>
981To print, use for example 1024
982</p> 1025<p>
1026If you use only one printer, it will be your default printer. If your print
1027server manages several printers, your administrator will have defined a default
1028printer on the server. If you want to define a different default printer for
1029yourself, use the <c>lpoptions</c> command.
1030</p>
1031
1032<pre caption="Setting your default printer">
1033<comment>(List available printers)</comment>
1034# <i>lpstat -a</i>
1035<comment>(Sample output, yours will differ)</comment>
1036HPDeskJet930C accepting requests since Jan 01 00:00
1037laser accepting requests since Jan 01 00:00
1038<comment>(Define HPDeskJet930C as your default printer)</comment>
1039# <i>lpoptions -d HPDeskJet930C</i>
1040</pre>
983 1041
984<pre caption="Printing in *nix"> 1042<pre caption="Printing in *nix">
1043<comment>(Specify the printer to be used)</comment>
985# <i>lpr -pHPDeskJet930C anything.txt</i> 1044# <i>lp -d HPDeskJet930C anything.txt</i>
986# <i>lpr -PHPDeskJet930C foobar.whatever.ps</i> 1045<comment>(Use your default printer)</comment>
987</pre>
988
989<p>
990In order to setup a default printer, you have to edit
991<path>/etc/cups/client.conf</path> and set the directive ServerName to
992your printserver. In the case of this guide that would be the
993following example.
994</p>
995
996<pre caption="/etc/cups/client.conf">
997ServerName PrintServer
998</pre>
999
1000<p>
1001The following will print foorbar.whatever.ps directly to the print
1002server.
1003</p>
1004
1005<pre caption="Printing to the default printer">
1006$ <i>lpr foobar.whatever.ps</i> 1046# <i>lp foobar.whatever.ps</i>
1007</pre> 1047</pre>
1008 1048
1009<p>
1010Some common observations when setting a default printer in this manner
1011include the following:
1012</p> 1049<p>
1013 1050Just point your web browser to <c>http://printserver:631</c> on the client if
1014<ul> 1051you want to manage your printers and their jobs with a nice web interface.
1015 <li> 1052Replace <c>printserver</c> with the name of the <e>machine</e> that acts as
1016 Setting the ServerName in client.conf seems to work well for only one 1053your print server, not the name you gave to the cups print server if you used
1017 printer, there may be yet another way to set a client's default remote 1054different names.
1018 printer. 1055</p>
1019 </li>
1020 <li>
1021 Also, when accessing http://localhost:631 on the client now, no printers
1022 seem to be "found" by the client-CUPS. This is to be expected when setting
1023 ServerName in <path>client.conf</path>.
1024 </li>
1025</ul>
1026 1056
1027</body> 1057</body>
1028</section> 1058</section>
1029<section> 1059<section>
1030<title>Mounting a Windows or Samba share in GNU/Linux</title> 1060<title>Mounting a Windows or Samba share in GNU/Linux</title>
1031<body> 1061<body>
1032 1062
1033<p> 1063<p>
1034Now is time to configure our kernel to support it the smbfs. Since I'm 1064Now is time to configure our kernel to support smbfs. Since I'm assumming we've
1035assumming we've all compiled at least one kernel, we'll need to make 1065all compiled at least one kernel, we'll need to make sure we have all the right
1036sure we have all the right options selected in our kernel. 1066options selected in our kernel. For simplicity sake, make it a module for ease
1037For simplicity sake, make it as a module for ease of use. It is the
1038authors opinion that kernel modules are a good thing and should be used 1067of use. It is the author's opinion that kernel modules are a good thing and
1039whenever possible. 1068should be used whenever possible.
1040</p> 1069</p>
1041 1070
1042<pre caption="Relevant kernel options" > 1071<pre caption="Relevant kernel options" >
1043CONFIG_SMB_FS=m 1072CONFIG_SMB_FS=m
1044CONFIG_SMB_UNIX=y 1073CONFIG_SMB_UNIX=y
1078<section> 1107<section>
1079<title>Printer Configuration for Windows NT/2000/XP clients</title> 1108<title>Printer Configuration for Windows NT/2000/XP clients</title>
1080<body> 1109<body>
1081 1110
1082<p> 1111<p>
1083That's just a bit of point-and-click. Browse to \\PrintServer and right 1112That's just a bit of point-and-click. Browse to
1084click on the printer (HPDeskJet930C) and click connect. This will 1113<path>\\PrintServer</path> and right click on the printer
1085download the drivers to the Windows client and now every application 1114(HPDeskJet930C) and click connect. This will download the drivers to
1086(such as Word or Acrobat) will offer HPDeskJet930C as an available 1115the Windows client and now every application (such as Word or Acrobat)
1087printer to print to. :-) 1116will offer HPDeskJet930C as an available printer to print to. :-)
1088</p> 1117</p>
1089 1118
1090</body> 1119</body>
1091</section> 1120</section>
1092</chapter> 1121</chapter>
1122
1093<chapter> 1123<chapter>
1094<title>Final Notes</title> 1124<title>Final Notes</title>
1095<section> 1125<section>
1096<title>A Fond Farewell</title> 1126<title>A Fond Farewell</title>
1097<body> 1127<body>
1103</p> 1133</p>
1104 1134
1105</body> 1135</body>
1106</section> 1136</section>
1107</chapter> 1137</chapter>
1138
1108<chapter> 1139<chapter>
1109<title>Links and Resources</title> 1140<title>Links and Resources</title>
1110<section> 1141<section>
1111<title>Links</title> 1142<title>Links</title>
1112<body> 1143<body>

Legend:
Removed from v.1.2  
changed lines
  Added in v.1.26

  ViewVC Help
Powered by ViewVC 1.1.20