r8952 - in trunk/BOOK: . general/genlib general/genutils introduction/welcome networking/netprogs postlfs/security postlfs/shells server/major

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Wed Nov 9 16:14:42 PST 2011


Author: bdubbs
Date: 2011-11-09 17:14:36 -0700 (Wed, 09 Nov 2011)
New Revision: 8952

Added:
   trunk/BOOK/networking/netprogs/samba3.xml
   trunk/BOOK/postlfs/security/libcap2.xml
Removed:
   trunk/BOOK/server/major/samba3.xml
Modified:
   trunk/BOOK/general.ent
   trunk/BOOK/general/genlib/libgcrypt.xml
   trunk/BOOK/general/genlib/libgpg-error.xml
   trunk/BOOK/general/genlib/libtasn1.xml
   trunk/BOOK/general/genutils/pinentry.xml
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/networking/netprogs/netprogs.xml
   trunk/BOOK/networking/netprogs/wget.xml
   trunk/BOOK/postlfs/security/gnutls.xml
   trunk/BOOK/postlfs/security/heimdal.xml
   trunk/BOOK/postlfs/security/security.xml
   trunk/BOOK/postlfs/shells/zsh.xml
   trunk/BOOK/server/major/major.xml
   trunk/BOOK/server/major/vsftpd.xml
Log:
Update to libtasn1-2.10.
Update to libgcrypt-1.5.0.
Add libcap2-2.22.
Move samba to network programs.



Modified: trunk/BOOK/general/genlib/libgcrypt.xml
===================================================================
--- trunk/BOOK/general/genlib/libgcrypt.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/general/genlib/libgcrypt.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -7,13 +7,13 @@
 <!-- <!ENTITY libgcrypt-download-http "&sources-anduin-http;/l/libgcrypt-&libgcrypt-version;.tar.bz2"> -->
   <!ENTITY libgcrypt-download-http " ">
   <!ENTITY libgcrypt-download-ftp  "ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-&libgcrypt-version;.tar.bz2">
-  <!ENTITY libgcrypt-md5sum        "dbf99425a4fe9217c84ce3a35d938634">
-  <!ENTITY libgcrypt-size          "1.1 MB">
-  <!ENTITY libgcrypt-buildsize     "29 MB">
-  <!ENTITY libgcrypt-time          "0.5 SBU (additional 0.5 SBU to run the test suite)">
+  <!ENTITY libgcrypt-md5sum        "693f9c64d50c908bc4d6e01da3ff76d8">
+  <!ENTITY libgcrypt-size          "1.4 MB">
+  <!ENTITY libgcrypt-buildsize     "24 MB">
+  <!ENTITY libgcrypt-time          "0.6 SBU (including 0.5 SBU to run the test suite)">
 ]>
 
-<sect1 id="libgcrypt" xreflabel="Libgcrypt-&libgcrypt-version;">
+<sect1 id="libgcrypt" xreflabel="libgcrypt-&libgcrypt-version;">
   <?dbhtml filename="libgcrypt.html"?>
 
   <sect1info>
@@ -21,22 +21,22 @@
     <date>$Date$</date>
   </sect1info>
 
-  <title>Libgcrypt-&libgcrypt-version;</title>
+  <title>libgcrypt-&libgcrypt-version;</title>
 
   <indexterm zone="libgcrypt">
-    <primary sortas="a-Libgcrypt">Libgcrypt</primary>
+    <primary sortas="a-libgcrypt">libgcrypt</primary>
   </indexterm>
 
   <sect2 role="package">
-    <title>Introduction to Libgcrypt</title>
+    <title>Introduction to libgcrypt</title>
 
-    <para>The <application>Libgcrypt</application> package contains a general
+    <para>The <application>libgcrypt</application> package contains a general
     purpose crypto library based on the code used in
     <application>GnuPG</application>. The library provides a high level
     interface to cryptographic building blocks using an extendable and flexible
     API.</para>
 
-    <para>&lfssvn_checked;20101029&lfssvn_checked2;</para>
+    &lfs70_checked;
 
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">
@@ -60,14 +60,14 @@
       </listitem>
     </itemizedlist>
 
-    <bridgehead renderas="sect3">Libgcrypt Dependencies</bridgehead>
+    <bridgehead renderas="sect3">libgcrypt Dependencies</bridgehead>
 
     <bridgehead renderas="sect4">Required</bridgehead>
     <para role="required"><xref linkend="libgpg-error"/></para>
 
     <bridgehead renderas="sect4">Optional</bridgehead>
     <para role="optional"><xref linkend="pth"/> and
-    <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink></para>
+    <xref linkend="libcap2"/></para>
 
     <para condition="html" role="usernotes">User Notes:
     <ulink url="&blfs-wiki;/libgcrypt"/></para>
@@ -75,9 +75,9 @@
   </sect2>
 
   <sect2 role="installation">
-    <title>Installation of Libgcrypt</title>
+    <title>Installation of libgcrypt</title>
 
-    <para>Install <application>Libgcrypt</application> by running the
+    <para>Install <application>libgcrypt</application> by running the
     following commands:</para>
 
 <screen><userinput>./configure --prefix=/usr &&

Modified: trunk/BOOK/general/genlib/libgpg-error.xml
===================================================================
--- trunk/BOOK/general/genlib/libgpg-error.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/general/genlib/libgpg-error.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -12,7 +12,7 @@
   <!ENTITY libgpg-error-time          "less than 0.1 SBU">
 ]>
 
-<sect1 id="libgpg-error" xreflabel="Libgpg-error-&libgpg-error-version;">
+<sect1 id="libgpg-error" xreflabel="libgpg-error-&libgpg-error-version;">
   <?dbhtml filename="libgpg-error.html"?>
 
   <sect1info>
@@ -20,28 +20,28 @@
     <date>$Date$</date>
   </sect1info>
 
-  <title>Libgpg-error-&libgpg-error-version;</title>
+  <title>libgpg-error-&libgpg-error-version;</title>
 
   <indexterm zone="libgpg-error">
-    <primary sortas="a-Libgpg-error">Libgpg-error</primary>
+    <primary sortas="a-libgpg-error">libgpg-error</primary>
   </indexterm>
 
   <sect2 role="package">
-    <title>Introduction to Libgpg-error</title>
+    <title>Introduction to libgpg-error</title>
 
-    <para>The <application>Libgpg-error</application> package contains a
+    <para>The <application>libgpg-error</application> package contains a
     library that defines common error values for all
     <application>GnuPG</application> components. Among these are GPG, GPGSM,
     GPGME, GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard Daemon
     and more.</para>
 
-    <para>&lfssvn_checked;20101029&lfssvn_checked2;</para>
+    &lfs70_checked;
 
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">
-      <listitem>
+      <!--<listitem>
         <para>Download (HTTP): <ulink url="&libgpg-error-download-http;"/></para>
-      </listitem>
+      </listitem>-->
       <listitem>
         <para>Download (FTP): <ulink url="&libgpg-error-download-ftp;"/></para>
       </listitem>
@@ -65,9 +65,9 @@
   </sect2>
 
   <sect2 role="installation">
-    <title>Installation of Libgpg-error</title>
+    <title>Installation of libgpg-error</title>
 
-    <para>Install <application>Libgpg-error</application> by running the
+    <para>Install <application>libgpg-error</application> by running the
     following commands:</para>
 
 <screen><userinput>./configure --prefix=/usr &&
@@ -79,8 +79,7 @@
     user:</para>
 
 <screen role="root"><userinput>make install &&
-install -v -m644 -D README \
-                    /usr/share/doc/libgpg-error-&libgpg-error-version;/README</userinput></screen>
+install -v -m644 -D README /usr/share/doc/libgpg-error-&libgpg-error-version;/README</userinput></screen>
 
   </sect2>
 
@@ -108,7 +107,7 @@
       <varlistentry id="gpg-error">
         <term><command>gpg-error</command></term>
         <listitem>
-          <para>is used to determine <application>Libgpg-error</application>
+          <para>is used to determine <application>libgpg-error</application>
           error codes.</para>
           <indexterm zone="libgpg-error gpg-error">
             <primary sortas="b-gpg-error">gpg-error</primary>
@@ -120,10 +119,10 @@
         <term><command>gpg-error-config</command></term>
         <listitem>
           <para>is a utility used to configure and build applications based on
-          the <application>Libgpg-error</application> library. It can be used
+          the <application>libgpg-error</application> library. It can be used
           to query the C compiler and linker flags which are required to correctly
           compile and link the application against the
-          <application>Libgpg-error</application> library.</para>
+          <application>libgpg-error</application> library.</para>
           <indexterm zone="libgpg-error gpg-error-config">
             <primary sortas="b-gpg-error-config">gpg-error-config</primary>
           </indexterm>
@@ -133,7 +132,7 @@
       <varlistentry id="liblibgpg-error">
         <term><filename class='libraryfile'>liblibgpg-error.{so,a}</filename></term>
         <listitem>
-          <para>contains the <application>Libgpg-error</application> API
+          <para>contains the <application>libgpg-error</application> API
           functions.</para>
           <indexterm zone="libgpg-error liblibgpg-error">
             <primary sortas="c-liblibgpg-error">liblibgpg-error.{so,a}</primary>

Modified: trunk/BOOK/general/genlib/libtasn1.xml
===================================================================
--- trunk/BOOK/general/genlib/libtasn1.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/general/genlib/libtasn1.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -6,10 +6,10 @@
 
   <!ENTITY libtasn1-download-http "http://mirrors.kernel.org/gnu/libtasn1/libtasn1-&libtasn1-version;.tar.gz">
   <!ENTITY libtasn1-download-ftp  "ftp://ftp.gnu.org/pub/gnu/libtasn1/libtasn1-&libtasn1-version;.tar.gz">
-  <!ENTITY libtasn1-md5sum        "53fd164f8670e55a9964666990fb358f">
+  <!ENTITY libtasn1-md5sum        "ef80c227d0dcdc2940fbc58faf8e0cf1">
   <!ENTITY libtasn1-size          "1.8 MB">
   <!ENTITY libtasn1-buildsize     "12 MB">
-  <!ENTITY libtasn1-time          "0.2 SBU">
+  <!ENTITY libtasn1-time          "0.1 SBU">
 ]>
 
 <sect1 id="libtasn1" xreflabel="libtasn1-&libtasn1-version;">
@@ -32,6 +32,8 @@
     <para><application>libtasn1</application> is a highly portable C library that
      encodes and decodes DER/BER data following an ASN.1 schema.</para>
 
+     &lfs70_checked;
+
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>

Modified: trunk/BOOK/general/genutils/pinentry.xml
===================================================================
--- trunk/BOOK/general/genutils/pinentry.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/general/genutils/pinentry.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -80,7 +80,7 @@
     <para role="optional"><!-- <xref linkend="GTK"/>, -->
     <xref linkend="gtk2"/>,
     <xref linkend="qt"/>, and
-    <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink></para>
+    <xref linkend="libcap2"/></para>
 
     <para condition="html" role="usernotes">User Notes:
     <ulink url="&blfs-wiki;/pinentry"/></para>

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/general.ent	2011-11-10 00:14:36 UTC (rev 8952)
@@ -112,6 +112,7 @@
 <!ENTITY gnupg-version                "1.4.11">
 <!ENTITY gnupg2-version               "2.0.15">
 <!ENTITY gpgme-version                "1.3.0">
+<!ENTITY libcap2-version              "2.22">
 <!ENTITY tripwire-version             "2.4.1.2">
 <!ENTITY heimdal-version              "1.4">
 <!ENTITY mitkrb-version               "1.6">
@@ -186,11 +187,11 @@
 <!ENTITY pth-version                  "2.0.7">
 <!ENTITY libassuan-version            "2.0.0">
 <!ENTITY libgpg-error-version         "1.10">
-<!ENTITY libgcrypt-version            "1.4.6">
+<!ENTITY libgcrypt-version            "1.5.0">
 <!ENTITY libksba-version              "1.0.7">
 <!ENTITY libmowgli-version            "0.7.0">
 <!ENTITY libmcs-version               "0.7.1">
-<!ENTITY libtasn1-version             "2.8">
+<!ENTITY libtasn1-version             "2.10">
 <!ENTITY libunique-version            "1.1.2">
 <!ENTITY liboil-version               "0.3.17">
 <!ENTITY nspr-version                 "4.8.6">

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -44,9 +44,24 @@
     <listitem>
       <para>November 9th, 2011</para>
       <itemizedlist>
+        <!-- <listitem>
+          <para>[bdubbs] - Update to samba-3.6.1.</para>
+        </listitem> 
         <listitem>
+          <para>[bdubbs] - Update to gnutls-3.0.7.</para>
+        </listitem> -->
+        <listitem>
+          <para>[bdubbs] - Update to libtasn1-2.10.</para>
+        </listitem>
+        <listitem>
+          <para>[bdubbs] - Update to libgcrypt-1.5.0.</para>
+        </listitem>
+        <listitem>
+          <para>[bdubbs] - Add libcap2-2.22.</para>
+        </listitem>
+        <listitem>
           <para>[bdubbs] - Add a sed to libmpeg2 to avoid a segfault 
-          that occurs when using recent compilers.  Thansks to Andy
+          that occurs when using recent compilers.  Thanks to Andy
           Benton for the report.</para>
         </listitem>
         <listitem>

Modified: trunk/BOOK/networking/netprogs/netprogs.xml
===================================================================
--- trunk/BOOK/networking/netprogs/netprogs.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/networking/netprogs/netprogs.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -32,6 +32,7 @@
 <!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="portmap.xml"/> -->
 <!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="rsync-client.xml"/> -->
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="rsync.xml"/>
+  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="samba3.xml"/> 
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="samba3-client.xml"/>
 <!--  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="subversion.xml"/> -->
 <!--  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="tcpwrappers.xml"/> -->

Copied: trunk/BOOK/networking/netprogs/samba3.xml (from rev 8929, trunk/BOOK/server/major/samba3.xml)
===================================================================
--- trunk/BOOK/networking/netprogs/samba3.xml	                        (rev 0)
+++ trunk/BOOK/networking/netprogs/samba3.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -0,0 +1,1170 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+   "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+
+  <!ENTITY samba3-download-http "http://samba.org/samba/ftp/stable/samba-&samba3-version;.tar.gz">
+  <!ENTITY samba3-download-ftp  "ftp://samba.org/pub/samba/samba-&samba3-version;.tar.gz">
+  <!ENTITY samba3-md5sum        "bf6c09ea497a166df8bd672db1d8da8f">
+  <!ENTITY samba3-size          "30.8 MB">
+  <!ENTITY samba3-buildsize     "451 MB">
+  <!ENTITY samba3-time          "5 SBU (additional 1.4 SBU to run the test suite)">
+]>
+
+<sect1 id="samba3" xreflabel="Samba-&samba3-version;">
+  <?dbhtml filename="samba3.html"?>
+
+  <sect1info>
+    <othername>$LastChangedBy$</othername>
+    <date>$Date$</date>
+  </sect1info>
+
+  <title>Samba-&samba3-version;</title>
+
+  <indexterm zone="samba3">
+    <primary sortas="a-Samba">Samba</primary>
+  </indexterm>
+
+  <sect2 role="package">
+    <title>Introduction to Samba</title>
+
+    <para>The <application>Samba</application> package provides file and print
+    services to SMB/CIFS clients and Windows networking to Linux clients.
+    <application>Samba</application> can also be configured as a Windows NT
+    4.0 Domain Controller replacement (with caveats working with NT PDC's and
+    BDC's), a file/print server acting as a member of a Windows NT 4.0 or
+    Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which
+    amongst other things provides LAN browsing support).</para>
+
+    <bridgehead renderas="sect3">Package Information</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>Download (HTTP): <ulink url="&samba3-download-http;"/></para>
+      </listitem>
+      <listitem>
+        <para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para>
+      </listitem>
+      <listitem>
+        <para>Download MD5 sum: &samba3-md5sum;</para>
+      </listitem>
+      <listitem>
+        <para>Download size: &samba3-size;</para>
+      </listitem>
+      <listitem>
+        <para>Estimated disk space required: &samba3-buildsize;</para>
+      </listitem>
+      <listitem>
+        <para>Estimated build time: &samba3-time;</para>
+      </listitem>
+    </itemizedlist>
+
+    <!--<bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>Required patch: <ulink
+        url="http://us3.samba.org/samba/patches/patches-&samba3-version;/spoolss.diff"/></para>
+      </listitem>
+    </itemizedlist> -->
+
+    <bridgehead renderas="sect3">Samba Dependencies</bridgehead>
+
+    <bridgehead renderas="sect4">Optional</bridgehead>
+    <para role="optional"><xref linkend="popt"/>,
+    <xref linkend="linux-pam"/>,
+    <xref linkend="cups"/>,
+    <xref linkend="openldap"/>,
+    <xref linkend="gamin"/>,
+    <xref linkend="acl"/>,
+    <xref linkend="xfs"/>,
+    <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
+    <xref linkend="python"/> (used only in parts of the test suite),
+    <ulink url="http://tdb.samba.org/">tdb</ulink> (version 1.2.1),
+    <xref linkend="libcap2"/>,
+    <ulink url="http://www.nongnu.org/libunwind/">libunwind</ulink>,
+    <ulink url="http://people.redhat.com/dhowells/keyutils/">keyutils</ulink>
+    (required to build the <command>cifs.upcall</command> program),
+    <xref linkend="avahi"/>,
+    <ulink url="http://www.openafs.org/">OpenAFS</ulink>,
+    and <ulink url="http://valgrind.org/">Valgrind</ulink> (optionally
+    used by the test suite)</para>
+
+    <para>You will need to install one of the kerberos packages if you plan
+    on using your system to join a Windows NT domain.</para>
+
+    <bridgehead renderas="sect4">Optional for Samba4 Support</bridgehead>
+    <para role="optional"><xref linkend="gnutls"/> (recommended),
+    <xref linkend="python"/>, and
+    <xref linkend="sqlite"/></para>
+
+    <para condition="html" role="usernotes">User Notes:
+    <ulink url="&blfs-wiki;/samba3"/></para>
+
+  </sect2>
+
+  <sect2 role="installation">
+    <title>Installation of Samba</title>
+
+    <note>
+      <para>If you wish to run the test suite after the binaries are built,
+      you must add the <option>--enable-socket-wrapper</option> parameter to
+      the <command>configure</command> script below. You may want to run
+      <command>configure</command> with the <option>--help</option> parameter
+      first. There may be other parameters needed to take advantage of
+      optional dependencies.</para>
+    </note>
+
+    <para>Install <application>Samba</application> by running the following
+    commands:</para>
+
+<screen><userinput>cd source3 &&
+
+./configure \
+    --prefix=/usr \
+    --sysconfdir=/etc \
+    --localstatedir=/var \
+    --with-piddir=/var/run \
+    --with-pammodulesdir=/lib/security \
+    --with-fhs \
+    --with-automount \
+    --with-cifsumount \
+    --enable-nss-wrapper \
+    --with-pthreads &&
+make</userinput></screen>
+
+    <para>To test the results, issue: <command>make test</command>. If you have
+    <application>Linux-PAM</application> installed and built the PAM library
+    modules, you can perform a dlopen test by issuing:
+    <command>make test_pam_modules</command>.</para>
+
+    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
+
+<screen role="root"><userinput>make install &&
+
+install -v -m755 ../nsswitch/libnss_win{s,bind}.so /lib   &&
+ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2      &&
+ln -v -sf libnss_wins.so    /lib/libnss_wins.so.2         &&
+
+install -v -m644 ../examples/smb.conf.default /etc/samba  &&
+
+if [ -d /etc/openldap/schema ]; then
+    install -v -m644    ../examples/LDAP/README              \
+                        /etc/openldap/schema/README.LDAP     &&
+    install -v -m644    ../examples/LDAP/samba*              \
+                        /etc/openldap/schema                 &&
+    install -v -m755    ../examples/LDAP/{convert*,get*,ol*} \
+                        /etc/openldap/schema                 && 
+fi &&
+
+install -v -m755 -d /usr/share/doc/samba-&samba3-version; &&
+install -v -m644    ../docs/*.pdf \
+                    /usr/share/doc/samba-&samba3-version; &&
+ln -v -s ../../samba/swat  /usr/share/doc/samba-&samba3-version;</userinput></screen>
+
+  </sect2>
+
+  <sect2 role="commands">
+    <title>Command Explanations</title>
+
+    <para><option>--enable-merged-build</option>: Use this parameter to build
+    the (alpha) Samba4 components (GnuTLS is recommended).</para>
+
+    <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
+    file directory to avoid the default of
+    <filename class="directory">/usr/etc</filename>.</para>
+
+    <para><parameter>--localstatedir=/var</parameter>: Sets the variable
+    data directory to avoid the default of
+    <filename class="directory">/usr/var</filename>.</para>
+
+    <para><parameter>--with-fhs</parameter>: Assigns all other file paths in
+    a manner compliant with the Filesystem Hierarchy Standard (FHS).</para>
+
+    <para><parameter>--with-automount</parameter>: Includes automounting
+    support.</para>
+
+    <para><parameter>--with-cifsumount</parameter>: Builds the
+    <command>umount.cifs</command> program.</para>
+
+    <para><parameter>--enable-nss-wrapper</parameter>: Builds the nss-wrapper
+    library.</para>
+
+    <para><parameter>--with-pthreads</parameter>: Adds threading support.</para>
+
+    <para><command>install -v -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
+    The nss libraries are not installed by default. If you intend to use
+    winbindd for Windows NT domain authentication, and/or WINS name resolution,
+    you need these libraries.</para>
+
+    <para><command>ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
+    and <command>ln -v -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
+    These symlinks are required by <application>Glibc</application> to use the
+    NSS libraries.</para>
+
+    <para><command>if [ -d /etc/openldap/schema ]; then ...; fi</command>:
+    These commands are used to see if you have an OpenLDAP installation, and if
+    so, they copy sample Samba schemas to the OpenLDAP
+    <filename class='directory'>schema</filename> directory.</para>
+
+    <para><command>install -v -m644 ../examples/smb.conf.default
+    /etc/samba</command>: This copies a default <filename>smb.conf</filename>
+    file into <filename>/etc/samba</filename>. This sample configuration will
+    not work until you copy it to <filename>/etc/samba/smb.conf</filename> and
+    make the appropriate changes for your installation. See the configuration
+    section for minimum values which must be set.</para>
+
+  </sect2>
+
+  <sect2 role="configuration">
+    <title>Configuring Samba</title>
+
+    <sect3 id="samba3-config">
+      <title>Config Files</title>
+
+      <para>/etc/samba/smb.conf</para>
+
+      <indexterm zone="samba3 samba3-config">
+        <primary sortas="e-etc-samba-smb.conf">/etc/samba/smb.conf</primary>
+      </indexterm>
+
+    </sect3>
+
+    <sect3>
+      <title>Mounting Shares by Unprivileged Users</title>
+
+      <para>If it is desired for unprivileged users to directly mount (and
+      unmount) CIFS shares, the <command>mount.cifs</command> and
+      <command>umount.cifs</command> commands must be setuid
+      <systemitem class='username'>root</systemitem>. Note that users can
+      only mount CIFS shares on a mount point owned by that user (requires
+      write access also). If desired, change these programs to setuid
+      <systemitem class='username'>root</systemitem> by issuing the following
+      command as the <systemitem class='username'>root</systemitem>
+      user:</para>
+
+<screen role="root"><userinput>chmod -v 4755 /usr/sbin/{,u}mount.cifs</userinput></screen>
+
+    </sect3>
+
+    <sect3>
+      <title>Printing to SMB Clients</title>
+
+      <para>If you use <application>CUPS</application> for print services,
+      and you wish to print to a printer attached to an SMB client, you
+      need to create an SMB backend device. To create the device, issue the
+      following command as the <systemitem class="username">root</systemitem>
+      user:</para>
+
+<screen role="root"><userinput>ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb</userinput></screen>
+
+    </sect3>
+
+    <sect3>
+      <title>Configuration Information</title>
+
+      <para>Due to the complexity and the many various uses for
+      <application>Samba</application>, complete configuration for all the
+      package's capabilities is well beyond the scope of the BLFS book. This
+      section provides instructions to configure the
+      <filename>/etc/samba/smb.conf</filename> file for two common scenarios.
+      The complete contents of <filename>/etc/samba/smb.conf</filename> will
+      depend on the purpose of <application>Samba</application>
+      installation.</para>
+
+      <note>
+        <para>You may find it easier to copy the configuration parameters shown
+        below into an empty <filename>/etc/samba/smb.conf</filename> file
+        instead of copying and editing the default file as mentioned in the
+        <quote>Command Explanations</quote> section. How you create/edit the
+        <filename>/etc/samba/smb.conf</filename> file will be left up to
+        you. Do ensure the file is only writeable by the
+        <systemitem class="username">root</systemitem> user (mode 644).</para>
+      </note>
+
+      <sect4>
+        <title>Scenario 1: Minimal Standalone Client-Only Installation</title>
+
+        <para>Choose this variant if you only want to transfer files using
+        <command>smbclient</command>, mount Windows shares and print to Windows
+        printers, and don't want to share your files and printers to Windows
+        machines.</para>
+
+        <para>A <filename>/etc/samba/smb.conf</filename> file with the following
+        three parameters is sufficient:</para>
+
+<screen role='root'><literal>[global]
+    workgroup = <replaceable>MYGROUP</replaceable>
+    dos charset = <replaceable>cp850</replaceable>
+    unix charset = <replaceable>ISO-8859-1</replaceable></literal></screen>
+
+        <para>The values in this example specify that the computer belongs to a
+        Windows workgroup named
+        <quote><replaceable>MYGROUP</replaceable></quote>, uses the
+        <quote><replaceable>cp850</replaceable></quote> character set on the
+        wire when talking to MS-DOS and MS Windows 9x, and that the filenames
+        are stored in the <quote><replaceable>ISO-8859-1</replaceable></quote>
+        encoding on the disk. Adjust these values appropriately for your
+        installation. The <quote>unix charset</quote> value must be the same as
+        the output of <command>locale charmap</command> when executed with the
+        <envar>LANG</envar> variable set to your preferred locale, otherwise the
+        <command>ls</command> command may not display correct filenames of
+        downloaded files.</para>
+
+        <para>There is no need to run any <application>Samba</application>
+        servers in this scenario, thus you don't need to install the provided
+        bootscripts.</para>
+
+      </sect4>
+
+      <sect4>
+        <title>Scenario 2: Standalone File/Print Server</title>
+
+        <para>Choose this variant if you want to share your files and printers
+        to Windows machines in your workgroup in addition to the capabilities
+        described in Scenario 1.</para>
+
+        <para>In this case, the <filename>/etc/samba/smb.conf.default</filename>
+        file may be a good template to start from. Also add
+        <quote>dos charset</quote> and <quote>unix charset</quote> parameters
+        to the <quote>[global]</quote> section as described in Scenario 1 in
+        order to prevent filename corruption.</para>
+
+        <para>The following configuration file creates a separate share for each
+        user's home directory and also makes all printers available to Windows
+        machines:</para>
+
+<screen role='root'><literal>[global]
+    workgroup = <replaceable>MYGROUP</replaceable>
+    dos charset = <replaceable>cp850</replaceable>
+    unix charset = <replaceable>ISO-8859-1</replaceable>
+
+[homes]
+    comment = Home Directories
+    browseable = no
+    writable = yes
+
+[printers]
+    comment = All Printers
+    path = /var/spool/samba
+    browseable = no
+    guest ok = no
+    printable = yes</literal></screen>
+
+        <para>Other parameters you may wish to customize in the
+        <quote>[global]</quote> section include:</para>
+
+<screen role='root'><literal>    server string =
+    security =
+    hosts allow =
+    load printers =
+    log file =
+    max log size =
+    socket options =
+    local master =</literal></screen>
+
+        <para>Reference the comments in the
+        <filename>/etc/samba/smb.conf.default</filename> file for information
+        regarding these parameters.</para>
+
+        <para>Since the <command>smbd</command> and <command>nmbd</command>
+        daemons are needed in this case, install the <filename>samba</filename>
+        bootscript. Be sure to run <command>smbpasswd</command> (with the
+        <option>-a</option> option to add users) to enable and
+        set passwords for all accounts that need
+        <application>Samba</application> access, or use the SWAT web interface
+        (see below) to do the same. Using the default
+        <application>Samba</application> passdb backend, any user you attempt
+        to add will also be required to exist in the
+        <filename>/etc/passwd</filename> file.</para>
+
+      </sect4>
+
+      <sect4>
+        <title>Advanced Requirements</title>
+
+        <para>More complex scenarios involving domain control or membership are
+        possible if the right flags are passed to the ./configure script when
+        the package is built. Such setups are advanced topics and cannot be
+        adequately covered in BLFS. Many complete books have been written on
+        these topics alone. It should be noted, however, that a
+        <application>Samba</application> BDC cannot be used as a fallback
+        for a Windows PDC, and conversely, a Windows BDC cannot be used as a
+        fallback for a <application>Samba</application> PDC. Also in some
+        domain membership scenarios, the <command>winbindd</command> daemon and
+        the corresponding bootscript are needed.</para>
+
+        <para>There is quite a bit of documentation available which covers many
+        of these advanced configurations. Point your web browser to the links
+        below to view some of the documentation included with the
+        <application>Samba</application> package:</para>
+
+        <itemizedlist spacing='compact'>
+          <listitem>
+            <para>Using Samba, 2nd Edition; a popular book published by O'Reilly
+            <ulink url="file:///usr/share/samba/swat/using_samba/toc.html"/></para>
+          </listitem>
+          <listitem>
+            <para>The Official Samba HOWTO and Reference Guide <ulink
+            url="file:///usr/share/samba/swat/help/Samba-HOWTO-Collection/index.html"/>
+            </para>
+          </listitem>
+          <listitem>
+            <para>Samba-3 by Example
+            <ulink url="file:///usr/share/samba/swat/help/Samba-Guide/index.html"/>
+            </para>
+          </listitem>
+          <listitem>
+            <para>The Samba-3 man Pages
+            <ulink url="file:///usr/share/samba/swat/help/samba.7.html"/></para>
+          </listitem>
+        </itemizedlist>
+
+      </sect4>
+
+    </sect3>
+
+    <sect3 id="samba3-swat-config">
+      <title>Configuring SWAT</title>
+
+      <para>The built in SWAT (<application>Samba</application> Web
+      Administration Tool) utility can be used for basic configuration of
+      the <application>Samba</application> installation, but because it may
+      be inconvenient, undesirable or perhaps even impossible to gain
+      access to the console, BLFS recommends setting up access to SWAT using
+      <application>Stunnel</application>. Without
+      <application>Stunnel</application>, the
+      <systemitem class="username">root</systemitem> password is transmitted
+      in clear text over the wire, and is considered an unacceptable security
+      risk. After considering the security implications of using SWAT without
+      <application>Stunnel</application>, and you still wish to implement SWAT
+      without it, instructions are provided at this end of this section.</para>
+
+      <indexterm zone="samba3 samba3-swat-config">
+        <primary sortas="g-SWAT">SWAT</primary>
+      </indexterm>
+
+      <sect4>
+        <title>Setting up SWAT using Stunnel</title>
+
+        <para>First install, or ensure you have already installed, the
+        <xref linkend="stunnel"/> package.</para>
+
+        <para>Next you must add entries to <filename>/etc/services</filename>
+        and modify the <command>inetd</command>/<command>xinetd</command>
+        configuration.</para>
+
+        <indexterm zone="samba3 samba3-swat-config">
+          <primary sortas="e-etc-services">/etc/services</primary>
+        </indexterm>
+
+        <indexterm zone="samba3 samba3-swat-config">
+          <primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
+        </indexterm>
+
+        <indexterm zone="samba3 samba3-swat-config">
+          <primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
+        </indexterm>
+
+        <para>Add swat and swat_tunnel entries to
+        <filename>/etc/services</filename> with the following commands issued
+        as the <systemitem class="username">root</systemitem> user:</para>
+
+<screen role="root"><userinput>echo "swat            904/tcp" >> /etc/services &&
+echo "swat_tunnel     905/tcp" >> /etc/services</userinput></screen>
+
+        <para>If <command>inetd</command> is used, the following command will
+        add the swat_tunnel entry to <filename>/etc/inetd.conf</filename> (as
+        user <systemitem class="username">root</systemitem>):</para>
+
+<screen role="root"><userinput>echo "swat_tunnel stream tcp nowait.400 root /usr/sbin/swat swat" \
+    >> /etc/inetd.conf</userinput></screen>
+
+        <para>Issue a <command>killall -HUP inetd</command> to reread the
+        changed <filename>inetd.conf</filename> file.</para>
+
+        <para>If you use <command>xinetd</command>, the following command will
+        create the <application>Samba</application> file as
+        <filename>/etc/xinetd.d/swat_tunnel</filename> (you may need to modify
+        or remove the <quote>only_from</quote> line to include the desired
+        host[s]):</para>
+
+<screen role="root"><userinput>cat >> /etc/xinetd.d/swat_tunnel << "EOF"
+<literal># Begin /etc/xinetd.d/swat_tunnel
+
+service swat_tunnel
+{
+    port            = 905
+    socket_type     = stream
+    wait            = no
+    only_from       = 127.0.0.1
+    user            = root
+    server          = /usr/sbin/swat
+    log_on_failure  += USERID
+}
+
+# End /etc/xinetd.d/swat_tunnel</literal>
+EOF</userinput></screen>
+
+        <indexterm zone="samba3 samba3-swat-config">
+          <primary sortas="e-etc-xinetd.d-swat-tunnel">/etc/xinetd.d/swat_tunnel</primary>
+        </indexterm>
+
+        <para>Issue a <command>killall -HUP xinetd</command> to read the new
+        <filename>/etc/xinetd.d/swat_tunnel</filename> file.</para>
+
+        <para>Next, you must add an entry for the swat service to the
+        <filename>/etc/stunnel/stunnel.conf</filename> file (as user
+        <systemitem class="username">root</systemitem>):</para>
+
+        <indexterm zone="samba3 samba3-swat-config">
+          <primary sortas="e-etc-stunnel-stunnel.conf">/etc/stunnel/stunnel.conf</primary>
+        </indexterm>
+
+<screen role="root"><userinput>cat >> /etc/stunnel/stunnel.conf << "EOF"
+<literal>[swat]
+accept  = 904
+connect = 905
+TIMEOUTclose = 1</literal>
+
+EOF</userinput></screen>
+
+        <para>Restart the <command>stunnel</command> daemon using the following
+        command as the <systemitem class="username">root</systemitem> user:</para>
+
+<screen role="root"><userinput>/etc/rc.d/init.d/stunnel restart</userinput></screen>
+
+      <para>SWAT can be launched by pointing your web browser to
+      <uri>https://<replaceable><CA_DN_field></replaceable>:904</uri>.
+      Substitute the hostname listed in the DN field of the CA certificate
+      used with <application>Stunnel</application> for
+      <replaceable><CA_DN_field></replaceable>.</para>
+
+      </sect4>
+
+      <sect4>
+        <title>Setting up SWAT without Stunnel</title>
+
+        <warning>
+          <para>BLFS does not recommend using these procedures because of the
+          security risk involved. However, in a home network environment and
+          disclosure of the <systemitem class='username'>root</systemitem>
+          password is an acceptable risk, the following
+          instructions are provided for your convenience.</para>
+        </warning>
+
+        <para>Add a swat entry to <filename>/etc/services</filename> with the
+        following command issued as the
+        <systemitem class='username'>root</systemitem> user:</para>
+
+<screen role='root'><userinput>echo "swat            904/tcp" >> /etc/services</userinput></screen>
+
+        <para>If <command>inetd</command> is used, the following command
+        issued as the <systemitem class='username'>root</systemitem> user will
+        add a swat entry to the <filename>/etc/inetd.conf</filename> file:</para>
+
+<screen role='root'><userinput>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
+    >> /etc/inetd.conf</userinput></screen>
+
+        <para>Issue a <command>killall -HUP inetd</command> to reread the
+        changed <filename>inetd.conf</filename> file.</para>
+
+        <para>If <command>xinetd</command> is used, the following command
+        issued as the <systemitem class='username'>root</systemitem> user
+        will create an <filename>/etc/xinetd.d/swat</filename> file:</para>
+
+<screen role='root'><userinput>cat >> /etc/xinetd.d/swat << "EOF"
+<literal># Begin /etc/xinetd.d/swat
+
+service swat
+{
+    port            = 904
+    socket_type     = stream
+    wait            = no
+    only_from       = 127.0.0.1
+    user            = root
+    server          = /usr/sbin/swat
+    log_on_failure  += USERID
+}
+
+# End /etc/xinetd.d/swat</literal>
+EOF</userinput></screen>
+
+        <para>Issue a <command>killall -HUP xinetd</command> to read the
+        new <filename>/etc/xinetd.d/swat</filename> file.</para>
+
+        <para>SWAT can be launched by pointing your web browser to
+        http://localhost:904.</para>
+
+      </sect4>
+
+    </sect3>
+
+    <sect3>
+      <title/>
+
+      <note>
+        <para>If you linked <application>Linux-PAM</application> into the
+        <application>Samba</application> build, you'll need to create an
+        <filename>/etc/pam.d/samba</filename> file.</para>
+      </note>
+
+      <indexterm zone="samba3 samba3-swat-config">
+        <primary sortas="e-etc-pam.d-samba">/etc/pam.d/samba</primary>
+      </indexterm>
+
+    </sect3>
+
+    <sect3 id="samba3-init">
+      <title>Boot Script</title>
+
+      <para>For your convenience, boot scripts have been provided for
+      <application>Samba</application>. There are two included in the
+      <xref linkend="bootscripts"/> package. The first,
+      <filename>samba</filename>, will start the <command>smbd</command>
+      and <command>nmbd</command> daemons needed to provide SMB/CIFS
+      services. The second script, <filename>winbind</filename>, starts
+      the <command>winbindd</command> daemon, used for providing Windows
+      domain services to Linux clients.</para>
+
+      <indexterm zone="samba3 samba3-init">
+        <primary sortas="f-samba">samba</primary>
+      </indexterm>
+
+      <indexterm zone="samba3 samba3-init">
+        <primary sortas="f-winbind">winbind</primary>
+      </indexterm>
+
+      <para>The default <application>Samba</application> installation uses the
+      <systemitem class='username'>nobody</systemitem> user for guest access
+      to the server. This can be overridden by setting the
+      <option>guest account =</option> parameter in the
+      <filename>/etc/samba/smb.conf</filename> file. If you utilize the
+      <option>guest account =</option> parameter, ensure this user exists in
+      the <filename>/etc/passwd</filename> file. To use the default user,
+      issue the following commands as the
+      <systemitem class='username'>root</systemitem> user:</para>
+
+<screen><userinput>groupadd -g 99 nogroup &&
+useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \
+    -s /bin/false -u 99 nobody</userinput></screen>
+
+      <para>Install the <filename>samba</filename> script with the following
+      command issued as the <systemitem class="username">root</systemitem>
+      user:</para>
+
+<screen role="root"><userinput>make install-samba</userinput></screen>
+
+      <para>If you also need the <filename>winbind</filename>
+      script:</para>
+
+<screen role="root"><userinput>make install-winbind</userinput></screen>
+
+    </sect3>
+
+  </sect2>
+
+  <sect2 role="content">
+    <title>Contents</title>
+
+    <segmentedlist>
+      <segtitle>Installed Programs</segtitle>
+      <segtitle>Installed Libraries</segtitle>
+      <segtitle>Installed Directories</segtitle>
+
+      <seglistitem>
+        <seg>cifs.upcall, eventlogadm, findsmb, ldbadd, ldbdel, ldbedit,
+        ldbmodify, ldbrename, ldbsearch, mount.cifs, net, nmbd,
+        nmblookup, ntlm_auth, pdbedit, profiles, rpcclient, sharesec, smbcacls,
+        smbclient, smbcontrol, smbcquotas, smbd, smbget, smbpasswd, smbspool,
+        smbstatus, smbtar, smbtree, swat, testparm, umount.cifs, wbinfo,
+        winbindd, and (if not using system TDB) tdbbackup, tdbdump, and
+        tdbtool</seg>
+        <seg>libnss_winbind.so, libnss_wins.so, libnetapi.so, libsmbclient.so,
+        libsmbsharemodes.so, libtalloc.so, libwbclient.so, the pam_winbind.so
+        and pam_smbpass.so PAM libraries, and assorted character set,
+        filesystem and support modules.</seg>
+        <seg>/etc/samba, /usr/lib/samba, /usr/share/doc/samba-&samba3-version;,
+        /usr/share/samba, /var/lib/samba and (if configured) /var/log/samba</seg>
+      </seglistitem>
+    </segmentedlist>
+
+    <variablelist>
+      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+      <?dbfo list-presentation="list"?>
+      <?dbhtml list-presentation="table"?>
+
+      <varlistentry id="cifs.upcall">
+        <term><command>cifs.upcall</command></term>
+        <listitem>
+          <para>is a userspace upcall helper for Common Internet File Systems
+           (CIFS)</para>
+          <indexterm zone="samba3 cifs.upcall">
+            <primary sortas="b-cifs.upcall">cifs.upcall</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="eventlogadm">
+        <term><command>eventlogadm</command></term>
+        <listitem>
+          <para>is used to write records to eventlogs from STDIN, add the
+          specified source and DLL eventlog registry entries and display the
+          active eventlog names (from <filename>smb.conf</filename>).</para>
+          <indexterm zone="samba3 eventlogadm">
+            <primary sortas="b-eventlogadm">eventlogadm</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="findsmb">
+        <term><command>findsmb</command></term>
+        <listitem>
+          <para>lists information about machines that respond to
+          SMB name queries on a subnet.</para>
+          <indexterm zone="samba3 findsmb">
+            <primary sortas="b-findsmb">findsmb</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ldbadd">
+        <term><command>ldbadd</command></term>
+        <listitem>
+          <para>is a command-line utility for adding records to an LDB
+          database.</para>
+          <indexterm zone="samba3 ldbadd">
+            <primary sortas="b-ldbadd">ldbadd</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ldbdel">
+        <term><command>ldbdel</command></term>
+        <listitem>
+          <para>is a command-line program for deleting LDB database
+          records.</para>
+          <indexterm zone="samba3 ldbdel">
+            <primary sortas="b-ldbdel">ldbdel</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ldbedit">
+        <term><command>ldbedit</command></term>
+        <listitem>
+          <para>allows you to edit LDB databases using your preferred
+          editor.</para>
+          <indexterm zone="samba3 ldbedit">
+            <primary sortas="b-ldbedit">ldbedit</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ldbmodify">
+        <term><command>ldbmodify</command></term>
+        <listitem>
+          <para>allows you to modify records in an LDB database.</para>
+          <indexterm zone="samba3 ldbmodify">
+            <primary sortas="b-ldbmodify">ldbmodify</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ldbrename">
+        <term><command>ldbrename</command></term>
+        <listitem>
+          <para>allows you to edit LDB databases using your preferred
+          editor.</para>
+          <indexterm zone="samba3 ldbrename">
+            <primary sortas="b-ldbrename">ldbrename</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ldbsearch">
+        <term><command>ldbsearch</command></term>
+        <listitem>
+          <para>searches an LDB database for records matching a specified
+          expression.</para>
+          <indexterm zone="samba3 ldbsearch">
+            <primary sortas="b-ldbsearch">ldbsearch</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="mount.cifs">
+        <term><command>mount.cifs</command></term>
+        <listitem>
+          <para>mounts a Linux CIFS filesystem. It is usually invoked
+          indirectly by the <command>mount</command> command when using the
+          <option>-t cifs</option> option.</para>
+          <indexterm zone="samba3 mount.cifs">
+            <primary sortas="b-mount.cifs">mount.cifs</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="net">
+        <term><command>net</command></term>
+        <listitem>
+          <para>is a tool for administration of
+          <application>Samba</application> and remote CIFS servers, similar
+          to the <command>net</command> utility for DOS/Windows.</para>
+          <indexterm zone="samba3 net">
+            <primary sortas="b-net">net</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="nmbd">
+        <term><command>nmbd</command></term>
+        <listitem>
+          <para>is the <application>Samba</application>
+          NetBIOS name server.</para>
+          <indexterm zone="samba3 nmbd">
+            <primary sortas="b-nmbd">nmbd</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="nmblookup">
+        <term><command>nmblookup</command></term>
+        <listitem>
+          <para>is used to query NetBIOS names and map
+          them to IP addresses.</para>
+          <indexterm zone="samba3 nmblookup">
+            <primary sortas="b-nmblookup">nmblookup</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="ntlm_auth">
+        <term><command>ntlm_auth</command></term>
+        <listitem>
+          <para>is a tool to allow external access to Winbind's
+          NTLM authentication function.</para>
+          <indexterm zone="samba3 ntlm_auth">
+            <primary sortas="b-ntlm_auth">ntlm_auth</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="pdbedit">
+        <term><command>pdbedit</command></term>
+        <listitem>
+          <para>is a tool used to manage the SAM database.</para>
+          <indexterm zone="samba3 pdbedit">
+            <primary sortas="b-pdbedit">pdbedit</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="profiles">
+        <term><command>profiles</command></term>
+        <listitem>
+          <para>is a utility that reports and changes SIDs in Windows
+          registry files. It currently only supports Windows NT.</para>
+          <indexterm zone="samba3 profiles">
+            <primary sortas="b-profiles">profiles</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="rpcclient">
+        <term><command>rpcclient</command></term>
+        <listitem>
+          <para>is used to execute MS-RPC client side functions.</para>
+          <indexterm zone="samba3 rpcclient">
+            <primary sortas="b-rpcclient">rpcclient</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="sharesec">
+        <term><command>sharesec</command></term>
+        <listitem>
+          <para>manipulates share ACL permissions on SMB file shares.</para>
+          <indexterm zone="samba3 sharesec">
+            <primary sortas="b-sharesec">sharesec</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbcacls">
+        <term><command>smbcacls</command></term>
+        <listitem>
+          <para>is used to manipulate Windows NT access control lists.</para>
+          <indexterm zone="samba3 smbcacls">
+            <primary sortas="b-smbcacls">smbcacls</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbclient">
+        <term><command>smbclient</command></term>
+        <listitem>
+          <para>is a SMB/CIFS access utility, similar to FTP.</para>
+          <indexterm zone="samba3 smbclient">
+            <primary sortas="b-smbclient">smbclient</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbcontrol">
+        <term><command>smbcontrol</command></term>
+        <listitem>
+          <para>is used to control running <command>smbd</command>,
+          <command>nmbd</command> and <command>winbindd</command>
+          daemons.</para>
+          <indexterm zone="samba3 smbcontrol">
+            <primary sortas="b-smbcontrol">smbcontrol</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbcquotas">
+        <term><command>smbcquotas</command></term>
+        <listitem>
+          <para>is used to manipulate Windows NT quotas on
+          SMB file shares.</para>
+          <indexterm zone="samba3 smbcquotas">
+            <primary sortas="b-smbcquotas">smbcquotas</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbd">
+        <term><command>smbd</command></term>
+        <listitem>
+          <para>is the main <application>Samba</application> daemon which
+          provides SMB/CIFS services to clients.</para>
+          <indexterm zone="samba3 smbd">
+            <primary sortas="b-smbd">smbd</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbget">
+        <term><command>smbget</command></term>
+        <listitem>
+          <para>is a simple utility with <command>wget</command>-like
+          semantics, that can download files from SMB servers. You can specify
+          the files you would like to download on the command-line.</para>
+          <indexterm zone="samba3 smbget">
+            <primary sortas="b-smbget">smbget</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbpasswd">
+        <term><command>smbpasswd</command></term>
+        <listitem>
+          <para>changes a user's <application>Samba</application>
+          password.</para>
+          <indexterm zone="samba3 smbpasswd">
+            <primary sortas="b-smbpasswd">smbpasswd</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbspool">
+        <term><command>smbspool</command></term>
+        <listitem>
+          <para>sends a print job to an SMB printer.</para>
+          <indexterm zone="samba3 smbspool">
+            <primary sortas="b-smbspool">smbspool</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbstatus">
+        <term><command>smbstatus</command></term>
+        <listitem>
+          <para>reports current <application>Samba</application>
+          connections.</para>
+          <indexterm zone="samba3 smbstatus">
+            <primary sortas="b-smbstatus">smbstatus</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbtar">
+        <term><command>smbtar</command></term>
+        <listitem>
+          <para>is a shell script used for backing up SMB/CIFS shares
+          directly to Linux tape drives or a file.</para>
+          <indexterm zone="samba3 smbtar">
+            <primary sortas="b-smbtar">smbtar</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="smbtree">
+        <term><command>smbtree</command></term>
+        <listitem>
+          <para>is a text-based SMB network browser.</para>
+          <indexterm zone="samba3 smbtree">
+            <primary sortas="b-smbtree">smbtree</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="swat">
+        <term><command>swat</command></term>
+        <listitem>
+          <para>is the <application>Samba</application> Web Administration
+          Tool.</para>
+          <indexterm zone="samba3 swat">
+            <primary sortas="b-swat">swat</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="tdbbackup">
+        <term><command>tdbbackup</command></term>
+        <listitem>
+          <para>is a tool for backing up or validating the integrity of
+          <application>Samba</application> <filename>.tdb</filename>
+          files.</para>
+          <indexterm zone="samba3 tdbbackup">
+            <primary sortas="b-tdbbackup">tdbbackup</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="tdbdump">
+        <term><command>tdbdump</command></term>
+        <listitem>
+          <para> is a tool used to print the contents of a
+          <application>Samba</application> <filename>.tdb</filename>
+          file.</para>
+          <indexterm zone="samba3 tdbdump">
+            <primary sortas="b-tdbdump">tdbdump</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="tdbtool">
+        <term><command>tdbtool</command></term>
+        <listitem>
+          <para>is a tool which allows simple database manipulation from the
+          command line.</para>
+          <indexterm zone="samba3 tdbtool">
+            <primary sortas="b-tdbtool">tdbtool</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="testparm">
+        <term><command>testparm</command></term>
+        <listitem>
+          <para>checks an <filename>smb.conf</filename> file for proper
+          syntax.</para>
+          <indexterm zone="samba3 testparm">
+            <primary sortas="b-testparm">testparm</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="umount.cifs">
+        <term><command>umount.cifs</command></term>
+        <listitem>
+          <para>is used by normal, non-<systemitem
+          class="username">root</systemitem> users, to
+          <command>unmount</command> their own Common Internet File System
+          (CIFS) mounts.</para>
+          <indexterm zone="samba3 umount.cifs">
+            <primary sortas="b-umount.cifs">umount.cifs</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="wbinfo">
+        <term><command>wbinfo</command></term>
+        <listitem>
+          <para>queries a running <command>winbindd</command> daemon.</para>
+          <indexterm zone="samba3 wbinfo">
+            <primary sortas="b-wbinfo">wbinfo</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="winbindd">
+        <term><command>winbindd</command></term>
+        <listitem>
+          <para>resolves names from Windows NT servers.</para>
+          <indexterm zone="samba3 winbindd">
+            <primary sortas="b-winbindd">winbindd</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libnss_winbind">
+        <term><filename class='libraryfile'>libnss_winbind.so</filename></term>
+        <listitem>
+          <para>provides Name Service Switch API functions for resolving names
+          from NT servers.</para>
+          <indexterm zone="samba3 libnss_winbind">
+            <primary sortas="c-libnss_winbind">libnss_winbind.so</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libnss_wins">
+        <term><filename class='libraryfile'>libnss_wins.so</filename></term>
+        <listitem>
+          <para>provides API functions for Samba's implementation of the
+          Windows Internet Naming Service.</para>
+          <indexterm zone="samba3 libnss_wins">
+            <primary sortas="c-libnss_wins">libnss_wins.so</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libnetapi">
+        <term><filename class='libraryfile'>libnetapi.so</filename></term>
+        <listitem>
+          <para>provides the API functions for the administration tools used
+          for Samba and remote CIFS servers.</para>
+          <indexterm zone="samba3 libnetapi">
+            <primary sortas="c-libnetapi">libnetapi.so</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libsmbclient">
+        <term><filename class='libraryfile'>libsmbclient.so</filename></term>
+        <listitem>
+          <para>provides the API functions for the Samba SMB client tools.</para>
+          <indexterm zone="samba3 libsmbclient">
+            <primary sortas="c-libsmbclient">libsmbclient.so</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libsmbsharemodes">
+        <term><filename class='libraryfile'>libsmbsharemodes.so</filename></term>
+        <listitem>
+          <para>provides API functions for accessing SMB share modes
+          (locks etc.)</para>
+          <indexterm zone="samba3 libsmbsharemodes">
+            <primary sortas="c-libsmbsharemodes">libsmbsharemodes.so</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libwbclient">
+        <term><filename class='libraryfile'>libwbclient.so</filename></term>
+        <listitem>
+          <para>provides API functions for Windows domain client services.</para>
+          <indexterm zone="samba3 libwbclient">
+            <primary sortas="c-libwbclient">libwbclient.so</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </sect2>
+
+</sect1>

Modified: trunk/BOOK/networking/netprogs/wget.xml
===================================================================
--- trunk/BOOK/networking/netprogs/wget.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/networking/netprogs/wget.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -32,7 +32,7 @@
     <para>The <application>Wget</application> package contains a utility useful
     for non-interactive downloading of files from the Web.</para>
 
-    &lfs67_built;
+    &lfs70_checked;
 
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">

Modified: trunk/BOOK/postlfs/security/gnutls.xml
===================================================================
--- trunk/BOOK/postlfs/security/gnutls.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/postlfs/security/gnutls.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -4,8 +4,9 @@
   <!ENTITY % general-entities SYSTEM "../../general.ent">
   %general-entities;
 
-  <!ENTITY gnutls-download-http "http://mirrors.kernel.org/gnu/gnutls/gnutls-&gnutls-version;.tar.bz2">
-  <!ENTITY gnutls-download-ftp  "ftp://ftp.gnutls.org/pub/gnutls/gnutls-&gnutls-version;.tar.bz2">
+  <!-- <!ENTITY gnutls-download-http "http://mirrors.kernel.org/gnu/gnutls/gnutls-&gnutls-version;.tar.bz2"> -->
+  <!ENTITY gnutls-download-http " ">
+  <!ENTITY gnutls-download-ftp  "ftp://ftp.gnutls.org/pub/gnutls/gnutls-&gnutls-version;.tar.xz">
   <!ENTITY gnutls-md5sum        "777823f5746ab80cd6f7f7b5fcb2f91b">
   <!ENTITY gnutls-size          "7.4 MB">
   <!ENTITY gnutls-buildsize     "100 MB">
@@ -47,13 +48,13 @@
     the TLS Pre-Shared-Keys (PSK) extension, the Inner Application (TLS/IA)
     extension and X.509 and OpenPGP certificate handling.</para>
 
-    &lfs65_checked;
+    &lfs70_checked;
 
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">
-      <listitem>
+      <!--<listitem>
         <para>Download (HTTP): <ulink url="&gnutls-download-http;"/></para>
-      </listitem>
+      </listitem> -->
       <listitem>
         <para>Download (FTP): <ulink url="&gnutls-download-ftp;"/></para>
       </listitem>

Modified: trunk/BOOK/postlfs/security/heimdal.xml
===================================================================
--- trunk/BOOK/postlfs/security/heimdal.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/postlfs/security/heimdal.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -91,7 +91,7 @@
     <para role="optional"><xref linkend="openldap"/>,
     <xref linkend="sqlite"/>,
     <xref linkend="x-window-system"/>,
-    <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink>, and
+    <xref linkend="libcap2"/>, and
     <ulink url="http://people.redhat.com/sgrubb/libcap-ng/">libcap-ng</ulink> (with this
     <ulink url="&patch-root;/libcap-ng-0.6.4-2.6.36_kernel_fix-1.patch">patch</ulink>
     if the Linux kernel version is >=2.6.36)</para>

Added: trunk/BOOK/postlfs/security/libcap2.xml
===================================================================
--- trunk/BOOK/postlfs/security/libcap2.xml	                        (rev 0)
+++ trunk/BOOK/postlfs/security/libcap2.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+   "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+
+  <!-- Change to kernel.org when it gets back there. -->
+  <!ENTITY libcap2-download-http "http://ftp.de.debian.org/debian/pool/main/libc/libcap2/libcap2_&libcap2-version;.orig.tar.gz">
+  <!ENTITY libcap2-download-ftp  "ftp://ftp.de.debian.org/debian/pool/main/libc/libcap2/libcap2_&libcap2-version;.orig.tar.gz"> 
+  <!ENTITY libcap2-md5sum        "b4896816b626bea445f0b3849bdd4077">
+  <!ENTITY libcap2-size          "72 KB">
+  <!ENTITY libcap2-buildsize     "1.3 MB">
+  <!ENTITY libcap2-time          "less than 0.1 SBU">
+]>
+
+<sect1 id="libcap2" xreflabel="libcap2-&libcap2-version;">
+  <?dbhtml filename="libcap2.html"?>
+
+  <sect1info>
+    <othername>$LastChangedBy: bdubbs $</othername>
+    <date>$Date: 2011-10-24 22:31:31 -0500 (Mon, 24 Oct 2011) $</date>
+  </sect1info>
+
+  <title>libcap2-&libcap2-version;</title>
+
+  <indexterm zone="libcap2">
+    <primary sortas="a-libcap2">libcap2</primary>
+  </indexterm>
+
+  <sect2 role="package">
+    <title>Introduction to libcap2</title>
+
+    <para>The <application>libcap2</application> package implements the
+    user-space interfaces to the POSIX 1003.1e capabilities available in Linux
+    kernels. These capabilities are a partitioning of the all powerful root
+    privilege into a set of distinct privileges.  </para>
+
+    &lfs70_checked;
+
+    <bridgehead renderas="sect3">Package Information</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>Download (HTTP): <ulink url="&libcap2-download-http;"/></para>
+      </listitem>
+      <listitem>
+        <para>Download (FTP): <ulink url="&libcap2-download-ftp;"/></para>
+      </listitem>
+      <listitem>
+        <para>Download MD5 sum: &libcap2-md5sum;</para>
+      </listitem>
+      <listitem>
+        <para>Download size: &libcap2-size;</para>
+      </listitem>
+      <listitem>
+        <para>Estimated disk space required: &libcap2-buildsize;</para>
+      </listitem>
+      <listitem>
+        <para>Estimated build time: &libcap2-time;</para>
+      </listitem>
+    </itemizedlist>
+
+    <bridgehead renderas="sect3">libcap2 Dependencies</bridgehead>
+
+    <bridgehead renderas="sect4">Required</bridgehead>
+    <para role="required"><xref linkend="attr"/></para>
+
+    <para condition="html" role="usernotes">User Notes:
+    <ulink url="&blfs-wiki;/libcap2"/></para>
+
+  </sect2>
+
+  <sect2 role="installation">
+    <title>Installation of libcap2</title>
+
+    <para>Install <application>libcap2</application> by running the following
+    commands:</para>
+
+<screen><userinput>make</userinput></screen>
+
+    <para>This package does not come with a test suite.</para>
+    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
+
+<screen role="root"><userinput>make install</userinput></screen>
+
+  </sect2>
+
+  <sect2 role="content">
+    <title>Contents</title>
+
+    <segmentedlist>
+      <segtitle>Installed Programs</segtitle>
+      <segtitle>Installed Library</segtitle>
+      <segtitle>Installed Directories</segtitle>
+
+      <seglistitem>
+        <seg>capsh, getcap, getpcaps, and setcap</seg>
+        <seg>libcap.{so,a}</seg>
+        <seg>None</seg>
+      </seglistitem>
+    </segmentedlist>
+
+    <variablelist>
+      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+      <?dbfo list-presentation="list"?>
+      <?dbhtml list-presentation="table"?>
+
+      <varlistentry id="capsh">
+        <term><command>capsh</command></term>
+        <listitem>
+          <para>is a shell wrapper to exploredand constraine capability support.</para>
+          <indexterm zone="libcap2 capsh">
+            <primary sortas="b-capsh">capsh</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="getcap">
+        <term><command>getcap</command></term>
+        <listitem>
+          <para>examines file capabilities.</para>
+          <indexterm zone="libcap2 getcap">
+            <primary sortas="b-getcap">getcap</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="getpcaps">
+        <term><command>getpcaps</command></term>
+        <listitem>
+          <para>displays the capabilities on the queried process(es).</para>
+          <indexterm zone="libcap2 getpcaps">
+            <primary sortas="b-getpcaps">getpcaps</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="setcap">
+        <term><command>setcap</command></term>
+        <listitem>
+          <para>sets file file capabilities.</para>
+          <indexterm zone="libcap2 setcap">
+            <primary sortas="b-setcap">setcap</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry id="libcap2-lib">
+        <term><filename class='libraryfile'>libcap2.{so,a}</filename></term>
+        <listitem>
+          <para>contains the <application>libcap2</application> API functions.</para>
+          <indexterm zone="libcap2 libcap2-lib">
+            <primary sortas="c-libcap2">libcap2.{so,a}</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </sect2>
+
+</sect1>

Modified: trunk/BOOK/postlfs/security/security.xml
===================================================================
--- trunk/BOOK/postlfs/security/security.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/postlfs/security/security.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -50,6 +50,7 @@
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="gnupg2.xml"/>
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="gpgme.xml"/>
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="heimdal.xml"/>
+  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="libcap2.xml"/>
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="mitkrb.xml"/>
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="nss.xml"/>
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssh.xml"/>

Modified: trunk/BOOK/postlfs/shells/zsh.xml
===================================================================
--- trunk/BOOK/postlfs/shells/zsh.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/postlfs/shells/zsh.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -83,7 +83,7 @@
 
     <bridgehead renderas="sect4">Optional</bridgehead>
     <para role="optional"><xref linkend="pcre"/> and
-    <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink>
+    <xref linkend="libcap2"/>
     </para>
 
     <para condition="html" role="usernotes">User Notes:

Modified: trunk/BOOK/server/major/major.xml
===================================================================
--- trunk/BOOK/server/major/major.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/server/major/major.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -23,7 +23,7 @@
 <!--  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="nfs-utils.xml"/> -->
 <!--  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssh.xml"/>-->
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="proftpd.xml"/>
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="samba3.xml"/>
+<!--  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="samba3.xml"/> -->
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="vsftpd.xml"/>
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="xinetd.xml"/>
 

Deleted: trunk/BOOK/server/major/samba3.xml
===================================================================
--- trunk/BOOK/server/major/samba3.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/server/major/samba3.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -1,1170 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
-   "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-  <!ENTITY % general-entities SYSTEM "../../general.ent">
-  %general-entities;
-
-  <!ENTITY samba3-download-http "http://samba.org/samba/ftp/stable/samba-&samba3-version;.tar.gz">
-  <!ENTITY samba3-download-ftp  "ftp://samba.org/pub/samba/samba-&samba3-version;.tar.gz">
-  <!ENTITY samba3-md5sum        "bf6c09ea497a166df8bd672db1d8da8f">
-  <!ENTITY samba3-size          "30.8 MB">
-  <!ENTITY samba3-buildsize     "451 MB">
-  <!ENTITY samba3-time          "5 SBU (additional 1.4 SBU to run the test suite)">
-]>
-
-<sect1 id="samba3" xreflabel="Samba-&samba3-version;">
-  <?dbhtml filename="samba3.html"?>
-
-  <sect1info>
-    <othername>$LastChangedBy$</othername>
-    <date>$Date$</date>
-  </sect1info>
-
-  <title>Samba-&samba3-version;</title>
-
-  <indexterm zone="samba3">
-    <primary sortas="a-Samba">Samba</primary>
-  </indexterm>
-
-  <sect2 role="package">
-    <title>Introduction to Samba</title>
-
-    <para>The <application>Samba</application> package provides file and print
-    services to SMB/CIFS clients and Windows networking to Linux clients.
-    <application>Samba</application> can also be configured as a Windows NT
-    4.0 Domain Controller replacement (with caveats working with NT PDC's and
-    BDC's), a file/print server acting as a member of a Windows NT 4.0 or
-    Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which
-    amongst other things provides LAN browsing support).</para>
-
-    <bridgehead renderas="sect3">Package Information</bridgehead>
-    <itemizedlist spacing="compact">
-      <listitem>
-        <para>Download (HTTP): <ulink url="&samba3-download-http;"/></para>
-      </listitem>
-      <listitem>
-        <para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para>
-      </listitem>
-      <listitem>
-        <para>Download MD5 sum: &samba3-md5sum;</para>
-      </listitem>
-      <listitem>
-        <para>Download size: &samba3-size;</para>
-      </listitem>
-      <listitem>
-        <para>Estimated disk space required: &samba3-buildsize;</para>
-      </listitem>
-      <listitem>
-        <para>Estimated build time: &samba3-time;</para>
-      </listitem>
-    </itemizedlist>
-
-    <!--<bridgehead renderas="sect3">Additional Downloads</bridgehead>
-    <itemizedlist spacing="compact">
-      <listitem>
-        <para>Required patch: <ulink
-        url="http://us3.samba.org/samba/patches/patches-&samba3-version;/spoolss.diff"/></para>
-      </listitem>
-    </itemizedlist> -->
-
-    <bridgehead renderas="sect3">Samba Dependencies</bridgehead>
-
-    <bridgehead renderas="sect4">Optional</bridgehead>
-    <para role="optional"><xref linkend="popt"/>,
-    <xref linkend="linux-pam"/>,
-    <xref linkend="cups"/>,
-    <xref linkend="openldap"/>,
-    <xref linkend="gamin"/>,
-    <xref linkend="acl"/>,
-    <xref linkend="xfs"/>,
-    <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
-    <xref linkend="python"/> (used only in parts of the test suite),
-    <ulink url="http://tdb.samba.org/">tdb</ulink> (version 1.2.1),
-    <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink>,
-    <ulink url="http://www.nongnu.org/libunwind/">libunwind</ulink>,
-    <ulink url="http://people.redhat.com/dhowells/keyutils/">keyutils</ulink>
-    (required to build the <command>cifs.upcall</command> program),
-    <xref linkend="avahi"/>,
-    <ulink url="http://www.openafs.org/">OpenAFS</ulink>,
-    and <ulink url="http://valgrind.org/">Valgrind</ulink> (optionally
-    used by the test suite)</para>
-
-    <para>You will need to install one of the kerberos packages if you plan
-    on using your system to join a Windows NT domain.</para>
-
-    <bridgehead renderas="sect4">Optional for Samba4 Support</bridgehead>
-    <para role="optional"><xref linkend="gnutls"/> (recommended),
-    <xref linkend="python"/>, and
-    <xref linkend="sqlite"/></para>
-
-    <para condition="html" role="usernotes">User Notes:
-    <ulink url="&blfs-wiki;/samba3"/></para>
-
-  </sect2>
-
-  <sect2 role="installation">
-    <title>Installation of Samba</title>
-
-    <note>
-      <para>If you wish to run the test suite after the binaries are built,
-      you must add the <option>--enable-socket-wrapper</option> parameter to
-      the <command>configure</command> script below. You may want to run
-      <command>configure</command> with the <option>--help</option> parameter
-      first. There may be other parameters needed to take advantage of
-      optional dependencies.</para>
-    </note>
-
-    <para>Install <application>Samba</application> by running the following
-    commands:</para>
-
-<screen><userinput>cd source3 &&
-
-./configure \
-    --prefix=/usr \
-    --sysconfdir=/etc \
-    --localstatedir=/var \
-    --with-piddir=/var/run \
-    --with-pammodulesdir=/lib/security \
-    --with-fhs \
-    --with-automount \
-    --with-cifsumount \
-    --enable-nss-wrapper \
-    --with-pthreads &&
-make</userinput></screen>
-
-    <para>To test the results, issue: <command>make test</command>. If you have
-    <application>Linux-PAM</application> installed and built the PAM library
-    modules, you can perform a dlopen test by issuing:
-    <command>make test_pam_modules</command>.</para>
-
-    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
-
-<screen role="root"><userinput>make install &&
-
-install -v -m755 ../nsswitch/libnss_win{s,bind}.so /lib   &&
-ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2      &&
-ln -v -sf libnss_wins.so    /lib/libnss_wins.so.2         &&
-
-install -v -m644 ../examples/smb.conf.default /etc/samba  &&
-
-if [ -d /etc/openldap/schema ]; then
-    install -v -m644    ../examples/LDAP/README              \
-                        /etc/openldap/schema/README.LDAP     &&
-    install -v -m644    ../examples/LDAP/samba*              \
-                        /etc/openldap/schema                 &&
-    install -v -m755    ../examples/LDAP/{convert*,get*,ol*} \
-                        /etc/openldap/schema                 && 
-fi &&
-
-install -v -m755 -d /usr/share/doc/samba-&samba3-version; &&
-install -v -m644    ../docs/*.pdf \
-                    /usr/share/doc/samba-&samba3-version; &&
-ln -v -s ../../samba/swat  /usr/share/doc/samba-&samba3-version;</userinput></screen>
-
-  </sect2>
-
-  <sect2 role="commands">
-    <title>Command Explanations</title>
-
-    <para><option>--enable-merged-build</option>: Use this parameter to build
-    the (alpha) Samba4 components (GnuTLS is recommended).</para>
-
-    <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
-    file directory to avoid the default of
-    <filename class="directory">/usr/etc</filename>.</para>
-
-    <para><parameter>--localstatedir=/var</parameter>: Sets the variable
-    data directory to avoid the default of
-    <filename class="directory">/usr/var</filename>.</para>
-
-    <para><parameter>--with-fhs</parameter>: Assigns all other file paths in
-    a manner compliant with the Filesystem Hierarchy Standard (FHS).</para>
-
-    <para><parameter>--with-automount</parameter>: Includes automounting
-    support.</para>
-
-    <para><parameter>--with-cifsumount</parameter>: Builds the
-    <command>umount.cifs</command> program.</para>
-
-    <para><parameter>--enable-nss-wrapper</parameter>: Builds the nss-wrapper
-    library.</para>
-
-    <para><parameter>--with-pthreads</parameter>: Adds threading support.</para>
-
-    <para><command>install -v -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
-    The nss libraries are not installed by default. If you intend to use
-    winbindd for Windows NT domain authentication, and/or WINS name resolution,
-    you need these libraries.</para>
-
-    <para><command>ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
-    and <command>ln -v -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
-    These symlinks are required by <application>Glibc</application> to use the
-    NSS libraries.</para>
-
-    <para><command>if [ -d /etc/openldap/schema ]; then ...; fi</command>:
-    These commands are used to see if you have an OpenLDAP installation, and if
-    so, they copy sample Samba schemas to the OpenLDAP
-    <filename class='directory'>schema</filename> directory.</para>
-
-    <para><command>install -v -m644 ../examples/smb.conf.default
-    /etc/samba</command>: This copies a default <filename>smb.conf</filename>
-    file into <filename>/etc/samba</filename>. This sample configuration will
-    not work until you copy it to <filename>/etc/samba/smb.conf</filename> and
-    make the appropriate changes for your installation. See the configuration
-    section for minimum values which must be set.</para>
-
-  </sect2>
-
-  <sect2 role="configuration">
-    <title>Configuring Samba</title>
-
-    <sect3 id="samba3-config">
-      <title>Config Files</title>
-
-      <para>/etc/samba/smb.conf</para>
-
-      <indexterm zone="samba3 samba3-config">
-        <primary sortas="e-etc-samba-smb.conf">/etc/samba/smb.conf</primary>
-      </indexterm>
-
-    </sect3>
-
-    <sect3>
-      <title>Mounting Shares by Unprivileged Users</title>
-
-      <para>If it is desired for unprivileged users to directly mount (and
-      unmount) CIFS shares, the <command>mount.cifs</command> and
-      <command>umount.cifs</command> commands must be setuid
-      <systemitem class='username'>root</systemitem>. Note that users can
-      only mount CIFS shares on a mount point owned by that user (requires
-      write access also). If desired, change these programs to setuid
-      <systemitem class='username'>root</systemitem> by issuing the following
-      command as the <systemitem class='username'>root</systemitem>
-      user:</para>
-
-<screen role="root"><userinput>chmod -v 4755 /usr/sbin/{,u}mount.cifs</userinput></screen>
-
-    </sect3>
-
-    <sect3>
-      <title>Printing to SMB Clients</title>
-
-      <para>If you use <application>CUPS</application> for print services,
-      and you wish to print to a printer attached to an SMB client, you
-      need to create an SMB backend device. To create the device, issue the
-      following command as the <systemitem class="username">root</systemitem>
-      user:</para>
-
-<screen role="root"><userinput>ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb</userinput></screen>
-
-    </sect3>
-
-    <sect3>
-      <title>Configuration Information</title>
-
-      <para>Due to the complexity and the many various uses for
-      <application>Samba</application>, complete configuration for all the
-      package's capabilities is well beyond the scope of the BLFS book. This
-      section provides instructions to configure the
-      <filename>/etc/samba/smb.conf</filename> file for two common scenarios.
-      The complete contents of <filename>/etc/samba/smb.conf</filename> will
-      depend on the purpose of <application>Samba</application>
-      installation.</para>
-
-      <note>
-        <para>You may find it easier to copy the configuration parameters shown
-        below into an empty <filename>/etc/samba/smb.conf</filename> file
-        instead of copying and editing the default file as mentioned in the
-        <quote>Command Explanations</quote> section. How you create/edit the
-        <filename>/etc/samba/smb.conf</filename> file will be left up to
-        you. Do ensure the file is only writeable by the
-        <systemitem class="username">root</systemitem> user (mode 644).</para>
-      </note>
-
-      <sect4>
-        <title>Scenario 1: Minimal Standalone Client-Only Installation</title>
-
-        <para>Choose this variant if you only want to transfer files using
-        <command>smbclient</command>, mount Windows shares and print to Windows
-        printers, and don't want to share your files and printers to Windows
-        machines.</para>
-
-        <para>A <filename>/etc/samba/smb.conf</filename> file with the following
-        three parameters is sufficient:</para>
-
-<screen role='root'><literal>[global]
-    workgroup = <replaceable>MYGROUP</replaceable>
-    dos charset = <replaceable>cp850</replaceable>
-    unix charset = <replaceable>ISO-8859-1</replaceable></literal></screen>
-
-        <para>The values in this example specify that the computer belongs to a
-        Windows workgroup named
-        <quote><replaceable>MYGROUP</replaceable></quote>, uses the
-        <quote><replaceable>cp850</replaceable></quote> character set on the
-        wire when talking to MS-DOS and MS Windows 9x, and that the filenames
-        are stored in the <quote><replaceable>ISO-8859-1</replaceable></quote>
-        encoding on the disk. Adjust these values appropriately for your
-        installation. The <quote>unix charset</quote> value must be the same as
-        the output of <command>locale charmap</command> when executed with the
-        <envar>LANG</envar> variable set to your preferred locale, otherwise the
-        <command>ls</command> command may not display correct filenames of
-        downloaded files.</para>
-
-        <para>There is no need to run any <application>Samba</application>
-        servers in this scenario, thus you don't need to install the provided
-        bootscripts.</para>
-
-      </sect4>
-
-      <sect4>
-        <title>Scenario 2: Standalone File/Print Server</title>
-
-        <para>Choose this variant if you want to share your files and printers
-        to Windows machines in your workgroup in addition to the capabilities
-        described in Scenario 1.</para>
-
-        <para>In this case, the <filename>/etc/samba/smb.conf.default</filename>
-        file may be a good template to start from. Also add
-        <quote>dos charset</quote> and <quote>unix charset</quote> parameters
-        to the <quote>[global]</quote> section as described in Scenario 1 in
-        order to prevent filename corruption.</para>
-
-        <para>The following configuration file creates a separate share for each
-        user's home directory and also makes all printers available to Windows
-        machines:</para>
-
-<screen role='root'><literal>[global]
-    workgroup = <replaceable>MYGROUP</replaceable>
-    dos charset = <replaceable>cp850</replaceable>
-    unix charset = <replaceable>ISO-8859-1</replaceable>
-
-[homes]
-    comment = Home Directories
-    browseable = no
-    writable = yes
-
-[printers]
-    comment = All Printers
-    path = /var/spool/samba
-    browseable = no
-    guest ok = no
-    printable = yes</literal></screen>
-
-        <para>Other parameters you may wish to customize in the
-        <quote>[global]</quote> section include:</para>
-
-<screen role='root'><literal>    server string =
-    security =
-    hosts allow =
-    load printers =
-    log file =
-    max log size =
-    socket options =
-    local master =</literal></screen>
-
-        <para>Reference the comments in the
-        <filename>/etc/samba/smb.conf.default</filename> file for information
-        regarding these parameters.</para>
-
-        <para>Since the <command>smbd</command> and <command>nmbd</command>
-        daemons are needed in this case, install the <filename>samba</filename>
-        bootscript. Be sure to run <command>smbpasswd</command> (with the
-        <option>-a</option> option to add users) to enable and
-        set passwords for all accounts that need
-        <application>Samba</application> access, or use the SWAT web interface
-        (see below) to do the same. Using the default
-        <application>Samba</application> passdb backend, any user you attempt
-        to add will also be required to exist in the
-        <filename>/etc/passwd</filename> file.</para>
-
-      </sect4>
-
-      <sect4>
-        <title>Advanced Requirements</title>
-
-        <para>More complex scenarios involving domain control or membership are
-        possible if the right flags are passed to the ./configure script when
-        the package is built. Such setups are advanced topics and cannot be
-        adequately covered in BLFS. Many complete books have been written on
-        these topics alone. It should be noted, however, that a
-        <application>Samba</application> BDC cannot be used as a fallback
-        for a Windows PDC, and conversely, a Windows BDC cannot be used as a
-        fallback for a <application>Samba</application> PDC. Also in some
-        domain membership scenarios, the <command>winbindd</command> daemon and
-        the corresponding bootscript are needed.</para>
-
-        <para>There is quite a bit of documentation available which covers many
-        of these advanced configurations. Point your web browser to the links
-        below to view some of the documentation included with the
-        <application>Samba</application> package:</para>
-
-        <itemizedlist spacing='compact'>
-          <listitem>
-            <para>Using Samba, 2nd Edition; a popular book published by O'Reilly
-            <ulink url="file:///usr/share/samba/swat/using_samba/toc.html"/></para>
-          </listitem>
-          <listitem>
-            <para>The Official Samba HOWTO and Reference Guide <ulink
-            url="file:///usr/share/samba/swat/help/Samba-HOWTO-Collection/index.html"/>
-            </para>
-          </listitem>
-          <listitem>
-            <para>Samba-3 by Example
-            <ulink url="file:///usr/share/samba/swat/help/Samba-Guide/index.html"/>
-            </para>
-          </listitem>
-          <listitem>
-            <para>The Samba-3 man Pages
-            <ulink url="file:///usr/share/samba/swat/help/samba.7.html"/></para>
-          </listitem>
-        </itemizedlist>
-
-      </sect4>
-
-    </sect3>
-
-    <sect3 id="samba3-swat-config">
-      <title>Configuring SWAT</title>
-
-      <para>The built in SWAT (<application>Samba</application> Web
-      Administration Tool) utility can be used for basic configuration of
-      the <application>Samba</application> installation, but because it may
-      be inconvenient, undesirable or perhaps even impossible to gain
-      access to the console, BLFS recommends setting up access to SWAT using
-      <application>Stunnel</application>. Without
-      <application>Stunnel</application>, the
-      <systemitem class="username">root</systemitem> password is transmitted
-      in clear text over the wire, and is considered an unacceptable security
-      risk. After considering the security implications of using SWAT without
-      <application>Stunnel</application>, and you still wish to implement SWAT
-      without it, instructions are provided at this end of this section.</para>
-
-      <indexterm zone="samba3 samba3-swat-config">
-        <primary sortas="g-SWAT">SWAT</primary>
-      </indexterm>
-
-      <sect4>
-        <title>Setting up SWAT using Stunnel</title>
-
-        <para>First install, or ensure you have already installed, the
-        <xref linkend="stunnel"/> package.</para>
-
-        <para>Next you must add entries to <filename>/etc/services</filename>
-        and modify the <command>inetd</command>/<command>xinetd</command>
-        configuration.</para>
-
-        <indexterm zone="samba3 samba3-swat-config">
-          <primary sortas="e-etc-services">/etc/services</primary>
-        </indexterm>
-
-        <indexterm zone="samba3 samba3-swat-config">
-          <primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
-        </indexterm>
-
-        <indexterm zone="samba3 samba3-swat-config">
-          <primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
-        </indexterm>
-
-        <para>Add swat and swat_tunnel entries to
-        <filename>/etc/services</filename> with the following commands issued
-        as the <systemitem class="username">root</systemitem> user:</para>
-
-<screen role="root"><userinput>echo "swat            904/tcp" >> /etc/services &&
-echo "swat_tunnel     905/tcp" >> /etc/services</userinput></screen>
-
-        <para>If <command>inetd</command> is used, the following command will
-        add the swat_tunnel entry to <filename>/etc/inetd.conf</filename> (as
-        user <systemitem class="username">root</systemitem>):</para>
-
-<screen role="root"><userinput>echo "swat_tunnel stream tcp nowait.400 root /usr/sbin/swat swat" \
-    >> /etc/inetd.conf</userinput></screen>
-
-        <para>Issue a <command>killall -HUP inetd</command> to reread the
-        changed <filename>inetd.conf</filename> file.</para>
-
-        <para>If you use <command>xinetd</command>, the following command will
-        create the <application>Samba</application> file as
-        <filename>/etc/xinetd.d/swat_tunnel</filename> (you may need to modify
-        or remove the <quote>only_from</quote> line to include the desired
-        host[s]):</para>
-
-<screen role="root"><userinput>cat >> /etc/xinetd.d/swat_tunnel << "EOF"
-<literal># Begin /etc/xinetd.d/swat_tunnel
-
-service swat_tunnel
-{
-    port            = 905
-    socket_type     = stream
-    wait            = no
-    only_from       = 127.0.0.1
-    user            = root
-    server          = /usr/sbin/swat
-    log_on_failure  += USERID
-}
-
-# End /etc/xinetd.d/swat_tunnel</literal>
-EOF</userinput></screen>
-
-        <indexterm zone="samba3 samba3-swat-config">
-          <primary sortas="e-etc-xinetd.d-swat-tunnel">/etc/xinetd.d/swat_tunnel</primary>
-        </indexterm>
-
-        <para>Issue a <command>killall -HUP xinetd</command> to read the new
-        <filename>/etc/xinetd.d/swat_tunnel</filename> file.</para>
-
-        <para>Next, you must add an entry for the swat service to the
-        <filename>/etc/stunnel/stunnel.conf</filename> file (as user
-        <systemitem class="username">root</systemitem>):</para>
-
-        <indexterm zone="samba3 samba3-swat-config">
-          <primary sortas="e-etc-stunnel-stunnel.conf">/etc/stunnel/stunnel.conf</primary>
-        </indexterm>
-
-<screen role="root"><userinput>cat >> /etc/stunnel/stunnel.conf << "EOF"
-<literal>[swat]
-accept  = 904
-connect = 905
-TIMEOUTclose = 1</literal>
-
-EOF</userinput></screen>
-
-        <para>Restart the <command>stunnel</command> daemon using the following
-        command as the <systemitem class="username">root</systemitem> user:</para>
-
-<screen role="root"><userinput>/etc/rc.d/init.d/stunnel restart</userinput></screen>
-
-      <para>SWAT can be launched by pointing your web browser to
-      <uri>https://<replaceable><CA_DN_field></replaceable>:904</uri>.
-      Substitute the hostname listed in the DN field of the CA certificate
-      used with <application>Stunnel</application> for
-      <replaceable><CA_DN_field></replaceable>.</para>
-
-      </sect4>
-
-      <sect4>
-        <title>Setting up SWAT without Stunnel</title>
-
-        <warning>
-          <para>BLFS does not recommend using these procedures because of the
-          security risk involved. However, in a home network environment and
-          disclosure of the <systemitem class='username'>root</systemitem>
-          password is an acceptable risk, the following
-          instructions are provided for your convenience.</para>
-        </warning>
-
-        <para>Add a swat entry to <filename>/etc/services</filename> with the
-        following command issued as the
-        <systemitem class='username'>root</systemitem> user:</para>
-
-<screen role='root'><userinput>echo "swat            904/tcp" >> /etc/services</userinput></screen>
-
-        <para>If <command>inetd</command> is used, the following command
-        issued as the <systemitem class='username'>root</systemitem> user will
-        add a swat entry to the <filename>/etc/inetd.conf</filename> file:</para>
-
-<screen role='root'><userinput>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
-    >> /etc/inetd.conf</userinput></screen>
-
-        <para>Issue a <command>killall -HUP inetd</command> to reread the
-        changed <filename>inetd.conf</filename> file.</para>
-
-        <para>If <command>xinetd</command> is used, the following command
-        issued as the <systemitem class='username'>root</systemitem> user
-        will create an <filename>/etc/xinetd.d/swat</filename> file:</para>
-
-<screen role='root'><userinput>cat >> /etc/xinetd.d/swat << "EOF"
-<literal># Begin /etc/xinetd.d/swat
-
-service swat
-{
-    port            = 904
-    socket_type     = stream
-    wait            = no
-    only_from       = 127.0.0.1
-    user            = root
-    server          = /usr/sbin/swat
-    log_on_failure  += USERID
-}
-
-# End /etc/xinetd.d/swat</literal>
-EOF</userinput></screen>
-
-        <para>Issue a <command>killall -HUP xinetd</command> to read the
-        new <filename>/etc/xinetd.d/swat</filename> file.</para>
-
-        <para>SWAT can be launched by pointing your web browser to
-        http://localhost:904.</para>
-
-      </sect4>
-
-    </sect3>
-
-    <sect3>
-      <title/>
-
-      <note>
-        <para>If you linked <application>Linux-PAM</application> into the
-        <application>Samba</application> build, you'll need to create an
-        <filename>/etc/pam.d/samba</filename> file.</para>
-      </note>
-
-      <indexterm zone="samba3 samba3-swat-config">
-        <primary sortas="e-etc-pam.d-samba">/etc/pam.d/samba</primary>
-      </indexterm>
-
-    </sect3>
-
-    <sect3 id="samba3-init">
-      <title>Boot Script</title>
-
-      <para>For your convenience, boot scripts have been provided for
-      <application>Samba</application>. There are two included in the
-      <xref linkend="bootscripts"/> package. The first,
-      <filename>samba</filename>, will start the <command>smbd</command>
-      and <command>nmbd</command> daemons needed to provide SMB/CIFS
-      services. The second script, <filename>winbind</filename>, starts
-      the <command>winbindd</command> daemon, used for providing Windows
-      domain services to Linux clients.</para>
-
-      <indexterm zone="samba3 samba3-init">
-        <primary sortas="f-samba">samba</primary>
-      </indexterm>
-
-      <indexterm zone="samba3 samba3-init">
-        <primary sortas="f-winbind">winbind</primary>
-      </indexterm>
-
-      <para>The default <application>Samba</application> installation uses the
-      <systemitem class='username'>nobody</systemitem> user for guest access
-      to the server. This can be overridden by setting the
-      <option>guest account =</option> parameter in the
-      <filename>/etc/samba/smb.conf</filename> file. If you utilize the
-      <option>guest account =</option> parameter, ensure this user exists in
-      the <filename>/etc/passwd</filename> file. To use the default user,
-      issue the following commands as the
-      <systemitem class='username'>root</systemitem> user:</para>
-
-<screen><userinput>groupadd -g 99 nogroup &&
-useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \
-    -s /bin/false -u 99 nobody</userinput></screen>
-
-      <para>Install the <filename>samba</filename> script with the following
-      command issued as the <systemitem class="username">root</systemitem>
-      user:</para>
-
-<screen role="root"><userinput>make install-samba</userinput></screen>
-
-      <para>If you also need the <filename>winbind</filename>
-      script:</para>
-
-<screen role="root"><userinput>make install-winbind</userinput></screen>
-
-    </sect3>
-
-  </sect2>
-
-  <sect2 role="content">
-    <title>Contents</title>
-
-    <segmentedlist>
-      <segtitle>Installed Programs</segtitle>
-      <segtitle>Installed Libraries</segtitle>
-      <segtitle>Installed Directories</segtitle>
-
-      <seglistitem>
-        <seg>cifs.upcall, eventlogadm, findsmb, ldbadd, ldbdel, ldbedit,
-        ldbmodify, ldbrename, ldbsearch, mount.cifs, net, nmbd,
-        nmblookup, ntlm_auth, pdbedit, profiles, rpcclient, sharesec, smbcacls,
-        smbclient, smbcontrol, smbcquotas, smbd, smbget, smbpasswd, smbspool,
-        smbstatus, smbtar, smbtree, swat, testparm, umount.cifs, wbinfo,
-        winbindd, and (if not using system TDB) tdbbackup, tdbdump, and
-        tdbtool</seg>
-        <seg>libnss_winbind.so, libnss_wins.so, libnetapi.so, libsmbclient.so,
-        libsmbsharemodes.so, libtalloc.so, libwbclient.so, the pam_winbind.so
-        and pam_smbpass.so PAM libraries, and assorted character set,
-        filesystem and support modules.</seg>
-        <seg>/etc/samba, /usr/lib/samba, /usr/share/doc/samba-&samba3-version;,
-        /usr/share/samba, /var/lib/samba and (if configured) /var/log/samba</seg>
-      </seglistitem>
-    </segmentedlist>
-
-    <variablelist>
-      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
-      <?dbfo list-presentation="list"?>
-      <?dbhtml list-presentation="table"?>
-
-      <varlistentry id="cifs.upcall">
-        <term><command>cifs.upcall</command></term>
-        <listitem>
-          <para>is a userspace upcall helper for Common Internet File Systems
-           (CIFS)</para>
-          <indexterm zone="samba3 cifs.upcall">
-            <primary sortas="b-cifs.upcall">cifs.upcall</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="eventlogadm">
-        <term><command>eventlogadm</command></term>
-        <listitem>
-          <para>is used to write records to eventlogs from STDIN, add the
-          specified source and DLL eventlog registry entries and display the
-          active eventlog names (from <filename>smb.conf</filename>).</para>
-          <indexterm zone="samba3 eventlogadm">
-            <primary sortas="b-eventlogadm">eventlogadm</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="findsmb">
-        <term><command>findsmb</command></term>
-        <listitem>
-          <para>lists information about machines that respond to
-          SMB name queries on a subnet.</para>
-          <indexterm zone="samba3 findsmb">
-            <primary sortas="b-findsmb">findsmb</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ldbadd">
-        <term><command>ldbadd</command></term>
-        <listitem>
-          <para>is a command-line utility for adding records to an LDB
-          database.</para>
-          <indexterm zone="samba3 ldbadd">
-            <primary sortas="b-ldbadd">ldbadd</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ldbdel">
-        <term><command>ldbdel</command></term>
-        <listitem>
-          <para>is a command-line program for deleting LDB database
-          records.</para>
-          <indexterm zone="samba3 ldbdel">
-            <primary sortas="b-ldbdel">ldbdel</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ldbedit">
-        <term><command>ldbedit</command></term>
-        <listitem>
-          <para>allows you to edit LDB databases using your preferred
-          editor.</para>
-          <indexterm zone="samba3 ldbedit">
-            <primary sortas="b-ldbedit">ldbedit</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ldbmodify">
-        <term><command>ldbmodify</command></term>
-        <listitem>
-          <para>allows you to modify records in an LDB database.</para>
-          <indexterm zone="samba3 ldbmodify">
-            <primary sortas="b-ldbmodify">ldbmodify</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ldbrename">
-        <term><command>ldbrename</command></term>
-        <listitem>
-          <para>allows you to edit LDB databases using your preferred
-          editor.</para>
-          <indexterm zone="samba3 ldbrename">
-            <primary sortas="b-ldbrename">ldbrename</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ldbsearch">
-        <term><command>ldbsearch</command></term>
-        <listitem>
-          <para>searches an LDB database for records matching a specified
-          expression.</para>
-          <indexterm zone="samba3 ldbsearch">
-            <primary sortas="b-ldbsearch">ldbsearch</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="mount.cifs">
-        <term><command>mount.cifs</command></term>
-        <listitem>
-          <para>mounts a Linux CIFS filesystem. It is usually invoked
-          indirectly by the <command>mount</command> command when using the
-          <option>-t cifs</option> option.</para>
-          <indexterm zone="samba3 mount.cifs">
-            <primary sortas="b-mount.cifs">mount.cifs</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="net">
-        <term><command>net</command></term>
-        <listitem>
-          <para>is a tool for administration of
-          <application>Samba</application> and remote CIFS servers, similar
-          to the <command>net</command> utility for DOS/Windows.</para>
-          <indexterm zone="samba3 net">
-            <primary sortas="b-net">net</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="nmbd">
-        <term><command>nmbd</command></term>
-        <listitem>
-          <para>is the <application>Samba</application>
-          NetBIOS name server.</para>
-          <indexterm zone="samba3 nmbd">
-            <primary sortas="b-nmbd">nmbd</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="nmblookup">
-        <term><command>nmblookup</command></term>
-        <listitem>
-          <para>is used to query NetBIOS names and map
-          them to IP addresses.</para>
-          <indexterm zone="samba3 nmblookup">
-            <primary sortas="b-nmblookup">nmblookup</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="ntlm_auth">
-        <term><command>ntlm_auth</command></term>
-        <listitem>
-          <para>is a tool to allow external access to Winbind's
-          NTLM authentication function.</para>
-          <indexterm zone="samba3 ntlm_auth">
-            <primary sortas="b-ntlm_auth">ntlm_auth</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="pdbedit">
-        <term><command>pdbedit</command></term>
-        <listitem>
-          <para>is a tool used to manage the SAM database.</para>
-          <indexterm zone="samba3 pdbedit">
-            <primary sortas="b-pdbedit">pdbedit</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="profiles">
-        <term><command>profiles</command></term>
-        <listitem>
-          <para>is a utility that reports and changes SIDs in Windows
-          registry files. It currently only supports Windows NT.</para>
-          <indexterm zone="samba3 profiles">
-            <primary sortas="b-profiles">profiles</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="rpcclient">
-        <term><command>rpcclient</command></term>
-        <listitem>
-          <para>is used to execute MS-RPC client side functions.</para>
-          <indexterm zone="samba3 rpcclient">
-            <primary sortas="b-rpcclient">rpcclient</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="sharesec">
-        <term><command>sharesec</command></term>
-        <listitem>
-          <para>manipulates share ACL permissions on SMB file shares.</para>
-          <indexterm zone="samba3 sharesec">
-            <primary sortas="b-sharesec">sharesec</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbcacls">
-        <term><command>smbcacls</command></term>
-        <listitem>
-          <para>is used to manipulate Windows NT access control lists.</para>
-          <indexterm zone="samba3 smbcacls">
-            <primary sortas="b-smbcacls">smbcacls</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbclient">
-        <term><command>smbclient</command></term>
-        <listitem>
-          <para>is a SMB/CIFS access utility, similar to FTP.</para>
-          <indexterm zone="samba3 smbclient">
-            <primary sortas="b-smbclient">smbclient</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbcontrol">
-        <term><command>smbcontrol</command></term>
-        <listitem>
-          <para>is used to control running <command>smbd</command>,
-          <command>nmbd</command> and <command>winbindd</command>
-          daemons.</para>
-          <indexterm zone="samba3 smbcontrol">
-            <primary sortas="b-smbcontrol">smbcontrol</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbcquotas">
-        <term><command>smbcquotas</command></term>
-        <listitem>
-          <para>is used to manipulate Windows NT quotas on
-          SMB file shares.</para>
-          <indexterm zone="samba3 smbcquotas">
-            <primary sortas="b-smbcquotas">smbcquotas</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbd">
-        <term><command>smbd</command></term>
-        <listitem>
-          <para>is the main <application>Samba</application> daemon which
-          provides SMB/CIFS services to clients.</para>
-          <indexterm zone="samba3 smbd">
-            <primary sortas="b-smbd">smbd</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbget">
-        <term><command>smbget</command></term>
-        <listitem>
-          <para>is a simple utility with <command>wget</command>-like
-          semantics, that can download files from SMB servers. You can specify
-          the files you would like to download on the command-line.</para>
-          <indexterm zone="samba3 smbget">
-            <primary sortas="b-smbget">smbget</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbpasswd">
-        <term><command>smbpasswd</command></term>
-        <listitem>
-          <para>changes a user's <application>Samba</application>
-          password.</para>
-          <indexterm zone="samba3 smbpasswd">
-            <primary sortas="b-smbpasswd">smbpasswd</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbspool">
-        <term><command>smbspool</command></term>
-        <listitem>
-          <para>sends a print job to an SMB printer.</para>
-          <indexterm zone="samba3 smbspool">
-            <primary sortas="b-smbspool">smbspool</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbstatus">
-        <term><command>smbstatus</command></term>
-        <listitem>
-          <para>reports current <application>Samba</application>
-          connections.</para>
-          <indexterm zone="samba3 smbstatus">
-            <primary sortas="b-smbstatus">smbstatus</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbtar">
-        <term><command>smbtar</command></term>
-        <listitem>
-          <para>is a shell script used for backing up SMB/CIFS shares
-          directly to Linux tape drives or a file.</para>
-          <indexterm zone="samba3 smbtar">
-            <primary sortas="b-smbtar">smbtar</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="smbtree">
-        <term><command>smbtree</command></term>
-        <listitem>
-          <para>is a text-based SMB network browser.</para>
-          <indexterm zone="samba3 smbtree">
-            <primary sortas="b-smbtree">smbtree</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="swat">
-        <term><command>swat</command></term>
-        <listitem>
-          <para>is the <application>Samba</application> Web Administration
-          Tool.</para>
-          <indexterm zone="samba3 swat">
-            <primary sortas="b-swat">swat</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="tdbbackup">
-        <term><command>tdbbackup</command></term>
-        <listitem>
-          <para>is a tool for backing up or validating the integrity of
-          <application>Samba</application> <filename>.tdb</filename>
-          files.</para>
-          <indexterm zone="samba3 tdbbackup">
-            <primary sortas="b-tdbbackup">tdbbackup</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="tdbdump">
-        <term><command>tdbdump</command></term>
-        <listitem>
-          <para> is a tool used to print the contents of a
-          <application>Samba</application> <filename>.tdb</filename>
-          file.</para>
-          <indexterm zone="samba3 tdbdump">
-            <primary sortas="b-tdbdump">tdbdump</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="tdbtool">
-        <term><command>tdbtool</command></term>
-        <listitem>
-          <para>is a tool which allows simple database manipulation from the
-          command line.</para>
-          <indexterm zone="samba3 tdbtool">
-            <primary sortas="b-tdbtool">tdbtool</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="testparm">
-        <term><command>testparm</command></term>
-        <listitem>
-          <para>checks an <filename>smb.conf</filename> file for proper
-          syntax.</para>
-          <indexterm zone="samba3 testparm">
-            <primary sortas="b-testparm">testparm</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="umount.cifs">
-        <term><command>umount.cifs</command></term>
-        <listitem>
-          <para>is used by normal, non-<systemitem
-          class="username">root</systemitem> users, to
-          <command>unmount</command> their own Common Internet File System
-          (CIFS) mounts.</para>
-          <indexterm zone="samba3 umount.cifs">
-            <primary sortas="b-umount.cifs">umount.cifs</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="wbinfo">
-        <term><command>wbinfo</command></term>
-        <listitem>
-          <para>queries a running <command>winbindd</command> daemon.</para>
-          <indexterm zone="samba3 wbinfo">
-            <primary sortas="b-wbinfo">wbinfo</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="winbindd">
-        <term><command>winbindd</command></term>
-        <listitem>
-          <para>resolves names from Windows NT servers.</para>
-          <indexterm zone="samba3 winbindd">
-            <primary sortas="b-winbindd">winbindd</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="libnss_winbind">
-        <term><filename class='libraryfile'>libnss_winbind.so</filename></term>
-        <listitem>
-          <para>provides Name Service Switch API functions for resolving names
-          from NT servers.</para>
-          <indexterm zone="samba3 libnss_winbind">
-            <primary sortas="c-libnss_winbind">libnss_winbind.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="libnss_wins">
-        <term><filename class='libraryfile'>libnss_wins.so</filename></term>
-        <listitem>
-          <para>provides API functions for Samba's implementation of the
-          Windows Internet Naming Service.</para>
-          <indexterm zone="samba3 libnss_wins">
-            <primary sortas="c-libnss_wins">libnss_wins.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="libnetapi">
-        <term><filename class='libraryfile'>libnetapi.so</filename></term>
-        <listitem>
-          <para>provides the API functions for the administration tools used
-          for Samba and remote CIFS servers.</para>
-          <indexterm zone="samba3 libnetapi">
-            <primary sortas="c-libnetapi">libnetapi.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="libsmbclient">
-        <term><filename class='libraryfile'>libsmbclient.so</filename></term>
-        <listitem>
-          <para>provides the API functions for the Samba SMB client tools.</para>
-          <indexterm zone="samba3 libsmbclient">
-            <primary sortas="c-libsmbclient">libsmbclient.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="libsmbsharemodes">
-        <term><filename class='libraryfile'>libsmbsharemodes.so</filename></term>
-        <listitem>
-          <para>provides API functions for accessing SMB share modes
-          (locks etc.)</para>
-          <indexterm zone="samba3 libsmbsharemodes">
-            <primary sortas="c-libsmbsharemodes">libsmbsharemodes.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry id="libwbclient">
-        <term><filename class='libraryfile'>libwbclient.so</filename></term>
-        <listitem>
-          <para>provides API functions for Windows domain client services.</para>
-          <indexterm zone="samba3 libwbclient">
-            <primary sortas="c-libwbclient">libwbclient.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
-    </variablelist>
-
-  </sect2>
-
-</sect1>

Modified: trunk/BOOK/server/major/vsftpd.xml
===================================================================
--- trunk/BOOK/server/major/vsftpd.xml	2011-11-09 17:54:55 UTC (rev 8951)
+++ trunk/BOOK/server/major/vsftpd.xml	2011-11-10 00:14:36 UTC (rev 8952)
@@ -60,9 +60,12 @@
     <bridgehead renderas="sect3">vsftpd Dependencies</bridgehead>
 
     <bridgehead renderas="sect4">Optional</bridgehead>
-    <para role="optional"><xref linkend="linux-pam"/>,
-    <xref linkend="openssl"/>, <xref linkend="tcpwrappers"/>, and
-    <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink></para>
+    <para role="optional">
+      <xref linkend="linux-pam"/>,
+      <xref linkend="openssl"/>, 
+      <xref linkend="tcpwrappers"/>, and
+      <xref linkend="libcap2"/>
+    </para>
 
     <para condition="html" role="usernotes">User Notes:
     <ulink url="&blfs-wiki;/vsftpd"/></para>




More information about the blfs-book mailing list