smb.conf/manpage/2006/parameters/H

hide dot files
hide dot files (S) This is a boolean parameter that controls whether files starting with a dot appear as hidden files.

Default: _�h_�i_�d_�e _�d_�o_�t _�f_�i_�l_�e_�s = yes

hide files
hide files (S) This is a list of files or directories that are not visible but are accessible. The DOS  'hidden' attribute is applied to any files or directories that match.

Each entry in the list must be separated by a '/', which allows spaces to  be included in the entry. '*' and '?' can be used to             specify multiple files or directories as in DOS wildcards.

Each entry must be a Unix path, not a DOS  path  and  must  not include the Unix directory separator '/'.

Note that  the  case sensitivity option is applicable in hiding files.

Setting this parameter will affect the performance of Samba, as              it will be forced to check all files and directories for a match as they are scanned.

Default: _�h_�i_�d_�e _�f_�i_�l_�e_�s = # no file are hidden

Example:    _�h_�i_�d_�e     _�f_�i_�l_�e_�s     =     /.*/DesktopFolderDB/Trash- For%m/resource.frk/ #  The above example is based on files that the Macintosh SMB client (DAVE) available from Thursby  creates for internal use, and also still hides all files beginning with a dot.

hide special files
hide special files (S) This parameter prevents clients from seeing special files  such as sockets, devices and fifo's in directory listings.

Default: _�h_�i_�d_�e _�s_�p_�e_�c_�i_�a_�l _�f_�i_�l_�e_�s = no

hide unreadable
hide unreadable (S) This parameter  prevents  clients  from seeing the existance of              files that cannot be read. Defaults to off.

Default: _�h_�i_�d_�e _�u_�n_�r_�e_�a_�d_�a_�b_�l_�e = no

hide unwriteable files
hide unwriteable files (S) This parameter prevents clients from seeing  the  existance  of              files  that  cannot  be  written  to. Defaults to off. Note that unwriteable directories are shown as usual.

Default: _�h_�i_�d_�e _�u_�n_�w_�r_�i_�t_�e_�a_�b_�l_�e _�f_�i_�l_�e_�s = no

homedir map
homedir map (G) If_�n_�i_�s _�h_�o_�m_�e_�d_�i_�r is y�ye�es�s, and s�sm�mb�bd�d(8) is also acting as a  Win95/98 _�l_�o_�g_�o_�n _�s_�e_�r_�v_�e_�r  then this parameter specifies the NIS (or YP) map from which the server for the user's home directory  should  be              extracted. At present,  only  the  Sun auto.home map format is              understood. The form of the map is:

u�us�se�er�rn�na�am�me�e s�se�er�rv�ve�er�r:�:/�/s�so�om�me�e/�/f�fi�il�le�e/�/s�sy�ys�st�te�em�m

and the program will extract the  servername  from  before  the first ':'. There should probably be a better parsing system that copes with different map formats and also  Amd  (another  auto-              mounter) maps.

N�No�ot�te�e

A working  NIS client is required on the system for this option to work.

Default: _�h_�o_�m_�e_�d_�i_�r _�m_�a_�p =

Example: _�h_�o_�m_�e_�d_�i_�r _�m_�a_�p = amd.homedir

host msdfs
host msdfs (G) If set to y�ye�es�s, Samba will  act  as  a  Dfs  server,  and  allow Dfs-aware clients to browse Dfs trees hosted on the server.

See also the  _�m_�s_�d_�f_�s _�r_�o_�o_�t share level parameter. For more infor- mation on setting up a Dfs tree on Samba, refer to ???.

Default: _�h_�o_�s_�t _�m_�s_�d_�f_�s = no

hostname lookups
hostname lookups (G) Specifies whether samba should use (expensive) hostname lookups or use the ip addresses instead. An example place where hostname lookups are currently used is when checking the h�ho�os�st�ts�s d�de�en�ny�y  and h�ho�os�st�ts�s a�al�ll�lo�ow�w.

Default: _�h_�o_�s_�t_�n_�a_�m_�e _�l_�o_�o_�k_�u_�p_�s = no

Example: _�h_�o_�s_�t_�n_�a_�m_�e _�l_�o_�o_�k_�u_�p_�s = yes

hosts allow
allow hosts This parameter is a synonym for hosts allow.

hosts allow (S) A synonym for this parameter is _�a_�l_�l_�o_�w _�h_�o_�s_�t_�s.

This parameter is a comma, space, or tab delimited set of hosts which are permitted to access a service.

If specified in the [global] section then it will apply to  all services, regardless  of  whether  the individual service has a              different setting.

You can specify the hosts by name or IP number. For example, you could restrict access to only the hosts on a Class C subnet with something like a�al�ll�lo�ow�w h�ho�os�st�ts�s =�= 1�15�50�0.�.2�20�03�3.�.5�5.�. . The full syntax of the list is  described  in  the man page _�h_�o_�s_�t_�s_�__�a_�c_�c_�e_�s_�s_�(_�5_�). Note that this man page may not be present on your  system,  so  a  brief description will be given here also.

Note that the localhost address 127.0.0.1 will always be allowed access unless specifically denied by a _�h_�o_�s_�t_�s _�d_�e_�n_�y option.

You can also specify hosts by network/netmask pairs and by net- group names  if your system supports netgroups. The E�EX�XC�CE�EP�PT�T key- word can also be used to limit a wildcard list. The following examples may provide some help:

Example 1: allow all IPs in 150.203.*.*; except one

h�ho�os�st�ts�s a�al�ll�lo�ow�w =�= 1�15�50�0.�.2�20�03�3.�. E�EX�XC�CE�EP�PT�T 1�15�50�0.�.2�20�03�3.�.6�6.�.6�66�6

Example 2: allow hosts that match the given network/netmask

h�ho�os�st�ts�s a�al�ll�lo�ow�w =�= 1�15�50�0.�.2�20�03�3.�.1�15�5.�.0�0/�/2�25�55�5.�.2�25�55�5.�.2�25�55�5.�.0�0

Example 3: allow a couple of hosts

h�ho�os�st�ts�s a�al�ll�lo�ow�w =�= l�la�ap�pl�la�an�nd�d,�, a�ar�rv�vi�id�ds�sj�ja�au�ur�r

Example 4:  allow only hosts in NIS netgroup "foonet", but deny access from one particular host

h�ho�os�st�ts�s a�al�ll�lo�ow�w =�= @�@f�fo�oo�on�ne�et�t

h�ho�os�st�ts�s d�de�en�ny�y =�= p�pi�ir�ra�at�te�e

N�No�ot�te�e

Note that access still requires suitable user-level passwords.

See t�te�es�st�tp�pa�ar�rm�m(1) for a way of testing your host access to see if it does what you expect.

Default: _�h_�o_�s_�t_�s _�a_�l_�l_�o_�w = # none (i.e., all hosts permitted access)

Example: _�h_�o_�s_�t_�s _�a_�l_�l_�o_�w = 150.203.5. myhost.mynet.edu.au

hosts deny
deny hosts This parameter is a synonym for hosts deny.

hosts deny (S) The opposite of _�h_�o_�s_�t_�s _�a_�l_�l_�o_�w - hosts listed here are N�NO�OT�T permit- ted access to services unless the specific services have  their own lists  to  override this one. Where the lists conflict, the _�a_�l_�l_�o_�w list takes precedence.

Default: _�h_�o_�s_�t_�s _�d_�e_�n_�y =  #  none  (i.e.,  no  hosts  specifically              excluded)

Example: _�h_�o_�s_�t_�s _�d_�e_�n_�y = 150.203.4. badhost.mynet.edu.au

hosts equiv
hosts equiv (G) If this global parameter is a non-null string, it specifies the name of a file to read for the names of hosts and users who will be allowed access without specifying a password.

This is  not  be confused with _�h_�o_�s_�t_�s _�a_�l_�l_�o_�w which is about hosts access to services and is more useful for guest services. _�h_�o_�s_�t_�s _�e_�q_�u_�i_�v may  be useful for NT clients which will not supply pass- words to Samba.

N�No�ot�te�e

The use of _�h_�o_�s_�t_�s _�e_�q_�u_�i_�v can be a major security  hole. This is              because  you are trusting the PC to supply the correct username. It is very easy to get a PC to supply a false username. I recom- mend that the _�h_�o_�s_�t_�s _�e_�q_�u_�i_�v option be only used if you really know what you are doing, or perhaps on a home network where you trust your spouse and kids. And only if you r�re�ea�al�ll�ly�y trust them :-).

Default: _�h_�o_�s_�t_�s _�e_�q_�u_�i_�v = # no host equivalences

Example: _�h_�o_�s_�t_�s _�e_�q_�u_�i_�v = hosts equiv = /etc/hosts.equiv