Sunday, March 13, 2011

Configuring Samba

After reading the book for a while I've had realized, that I will not be able to 'simply' configure and set up everything in one go even. Most likely I will have to edit, re-edit and probably at some point in time will have to re-write the /etc/samba/smb.conf which I will create now.

Moreover, it came to my attention, that Samba version 4 is in rapid development and, despite the almost complete rewrite of the source code and still being in the Alpha phase since 2005, probably will have been implemented as a standard file&print sharing protocol by the 2012 or so. As much as I would love to participate in the testing and helping the developers by providing maybe useful feedback, I can't locate a more or less comprehensive to me documentation -- I'm not that much of an experienced Linux user. Sad but true.

Onward with configuration. As I have already installed Samba, SSH from Debian repositories, and my yet-to-be-server can be addressed as 'server' from the terminal, I can begin:
$ ssh server@serverpc
Syntax is simple: connect as_user=server at pc=serverpc, which has an 192.168.1.100 IP. Enter user password and voila.

Samba package comes with the default configuration settings file (despite being heavily commented is rather hard to grasp at a quick glance) which I am going to store as a backup and write a new one:
$ cp /etc/samba/smb.conf ~/smb.conf.original
$ sudo echo "" > /etc/samba/smb.conf
Configuration file consists of [sections] which contain all required settings, in case not mentioned there, Samba defaults are assumed, which in turn are usually secure enough. However, they require additional setup anyway.

So all in all:
[global] 
  workgroup = home
  encrypt passwords = yes
  security = user
 Workgroup should be the name of all PCs you have on the network, which already are in a same workgroup.
Encrypt passwords is a default setting, which has a rather long development background and reasons to be here.
Security may be either share, user, domain, ads which are Samba's security modes with different presets.
[share] 
  path = /store/
  read only = Yes
  writable = No
This, and any other section I will add later, has A LOT of possible settings, however, these are the main ones and are self-explanatory. The rest are assumed to be defaults by Samba and are hidden.

For this share to actually exist:
$ mkdir /store
$ chmod 1777 /store 
To check any misspelled words and general consistency:
$ sudo testparm 
Samba's built-in mechanism to self-check. If any errors did occur, output will show so.

Due to the chosen security mode, samba requires a user list who can access the shares.
$ sudo smbpasswd -a $USER
New SMB password:
Retype new SMB password: 

Adds yourself to the smbpasswd program, which controls the user access to the samba-server. All other users from your network should be added as well, by replacing variable $USER with a corresponding username.

To check that everything works:
$ smbclient //serverpc/share 
Enter password: 
Domain=[HOME] OS=[Unix] Server=[Samba 3.5.7] 
smb: \> 
 Type help for list of available commands. ls for example.

2 comments: