table of contents
- bookworm 2:4.17.12+dfsg-0+deb12u1
- bookworm-backports 2:4.21.1+dfsg-2~bpo12+1
- testing 2:4.21.1+dfsg-2
- unstable 2:4.21.1+dfsg-2
SMBCQUOTAS(1) | User Commands | SMBCQUOTAS(1) |
NAME¶
smbcquotas - Set or get QUOTAs of NTFS 5 shares
SYNOPSIS¶
smbcquotas {//server/share} [-u|--quota-user=USER] [-L|--list] [-F|--fs] [-S|--set=SETSTRING] [-n|--numeric] [-v|--verbose] [-t|--test-args] [-?|--help] [--usage] [-d|--debuglevel=DEBUGLEVEL] [--debug-stdout] [--configfile=CONFIGFILE] [--option=name=value] [-l|--log-basename=LOGFILEBASE] [--leak-report] [--leak-report-full] [-R|--name-resolve=NAME-RESOLVE-ORDER] [-O|--socket-options=SOCKETOPTIONS] [-m|--max-protocol=MAXPROTOCOL] [-n|--netbiosname=NETBIOSNAME] [--netbios-scope=SCOPE] [-W|--workgroup=WORKGROUP] [--realm=REALM] [-U|--user=[DOMAIN/]USERNAME[%PASSWORD]] [-N|--no-pass] [--password=STRING] [--pw-nt-hash] [-A|--authentication-file=FILE] [-P|--machine-pass] [--simple-bind-dn=DN] [--use-kerberos=desired|required|off] [--use-krb5-ccache=CCACHE] [--use-winbind-ccache] [--client-protection=sign|encrypt|off] [-V|--version]
DESCRIPTION¶
This tool is part of the samba(7) suite.
The smbcquotas program manipulates NT Quotas on SMB file shares.
OPTIONS¶
The following options are available to the smbcquotas program.
-u|--quota-user user
-L|--list
-F|--fs
-S|--set QUOTA_SET_COMMAND
-n|--numeric
-t|--test-args
-v|--verbose
-?|--help
--usage
-d|--debuglevel=DEBUGLEVEL
The higher this value, the more detail will be logged to the log files about the activities of the server. At level 0, only critical errors and serious warnings will be logged. Level 1 is a reasonable level for day-to-day running - it generates a small amount of information about operations carried out.
Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.
Note that specifying this parameter here will override the log level parameter in the /etc/samba/smb.conf file.
--debug-stdout
--configfile=<configuration file>
--option=<name>=<value>
-l|--log-basename=logdirectory
--leak-report
--leak-report-full
-V|--version
-R|--name-resolve=NAME-RESOLVE-ORDER
The options are: "lmhosts", "host", "wins" and "bcast". They cause names to be resolved as follows:
The default order is lmhosts, host, wins, bcast. Without this parameter or any entry in the name resolve order parameter of the /etc/samba/smb.conf file, the name resolution methods will be attempted in this order.
-O|--socket-options=SOCKETOPTIONS
-m|--max-protocol=MAXPROTOCOL
Note that specifying this parameter here will override the client max protocol parameter in the /etc/samba/smb.conf file.
-n|--netbiosname=NETBIOSNAME
--netbios-scope=SCOPE
-W|--workgroup=WORKGROUP
Note that specifying this parameter here will override the workgroup parameter in the /etc/samba/smb.conf file.
-r|--realm=REALM
Note that specifying this parameter here will override the realm parameter in the /etc/samba/smb.conf file.
-U|--user=[DOMAIN\]USERNAME[%PASSWORD]
If %PASSWORD is not specified, the user will be prompted. The client will first check the USER environment variable (which is also permitted to also contain the password separated by a %), then the LOGNAME variable (which is not permitted to contain a password) and if either exists, the value is used. If these environmental variables are not found, the username found in a Kerberos Credentials cache may be used.
A third option is to use a credentials file which contains the plaintext of the username and password. This option is mainly provided for scripts where the admin does not wish to pass the credentials on the command line or via environment variables. If this method is used, make certain that the permissions on the file restrict access from unwanted users. See the -A for more details.
Be cautious about including passwords in scripts or passing user-supplied values onto the command line. For security it is better to let the Samba client tool ask for the password if needed, or obtain the password once with kinit.
While Samba will attempt to scrub the password from the process title (as seen in ps), this is after startup and so is subject to a race.
-N|--no-pass
Unless a password is specified on the command line or this parameter is specified, the client will request a password.
If a password is specified on the command line and this option is also defined the password on the command line will be silently ignored and no password will be used.
--password
Be cautious about including passwords in scripts or passing user-supplied values onto the command line. For security it is better to let the Samba client tool ask for the password if needed, or obtain the password once with kinit.
If --password is not specified, the tool will check the PASSWD environment variable, followed by PASSWD_FD which is expected to contain an open file descriptor (FD) number.
Finally it will check PASSWD_FILE (containing a file path to be opened). The file should only contain the password. Make certain that the permissions on the file restrict access from unwanted users!
While Samba will attempt to scrub the password from the process title (as seen in ps), this is after startup and so is subject to a race.
--pw-nt-hash
-A|--authentication-file=filename
username = <value> password = <value> domain = <value>
Make certain that the permissions on the file restrict access from unwanted users!
-P|--machine-pass
--simple-bind-dn=DN
--use-kerberos=desired|required|off
Note that specifying this parameter here will override the client use kerberos parameter in the /etc/samba/smb.conf file.
--use-krb5-ccache=CCACHE
This will set --use-kerberos=required too.
--use-winbind-ccache
--client-protection=sign|encrypt|off
Note that specifying this parameter here will override the client protection parameter in the /etc/samba/smb.conf file.
In case you need more fine grained control you can use: --option=clientsmbencrypt=OPTION, --option=clientipcsigning=OPTION, --option=clientsigning=OPTION.
QUOTA_SET_COMMAND¶
The format of an the QUOTA_SET_COMMAND is an operation name followed by a set of parameters specific to that operation.
To set user quotas for the user specified by -u or for the current username:
UQLIM:<username>:<softlimit>/<hardlimit>
To set the default quotas for a share:
FSQLIM:<softlimit>/<hardlimit>
To change the share quota settings:
FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT
All limits are specified as a number of bytes.
EXIT STATUS¶
The smbcquotas program sets the exit status depending on the success or otherwise of the operations performed. The exit status may be one of the following values.
If the operation succeeded, smbcquotas returns an exit status of 0. If smbcquotas couldn't connect to the specified server, or when there was an error getting or setting the quota(s), an exit status of 1 is returned. If there was an error parsing any command line arguments, an exit status of 2 is returned.
VERSION¶
This man page is part of version 4.21.1-Debian-4.21.1+dfsg-1 of the Samba suite.
AUTHOR¶
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
smbcquotas was written by Stefan Metzmacher.
10/14/2024 | Samba 4.21.1-Debian-4.21.1+dfs |