Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Samba Quick Howto
View unanswered posts
View posts from last 24 hours

Goto page 1, 2  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Wed May 18, 2005 5:15 am    Post subject: Samba Quick Howto Reply with quote

The point of this Howto is to show how you can quickly get Samba up and running for network file sharing between Linux and Windows. If you need to do print sharing, there are other docs on this site and in the main Gentoo site for that... that is not something i've played with yet, so that's another project for another day.

1. Compile kernel with CIFS option.

While this is entirely optional for the setup in this Howto, it is recommended. (It might fix some annoying little issues.) If you plan on mounting shares from a Windows box into your /mnt, this step is required. Alternatively, you could use SMB filesystem support; but CIFS, i hear, is much better to use. Don't use both.

Here we assume you know how to configure and compile your kernel. If you don't already you are probably using the wrong Linux Distribution ;)

There is only one key setting we need to configure:
Code:
File Systems -->
  Network File Systems -->
    <*> CIFS support


2. Emerge samba.

The default use flags in the gentoo system are sufficient for the basic functionality we will need. But of course, you can emerge -pv to see what all use flags are availble for Samba, and then you can look up what they do. The emerge is pretty straight forward:

Code:
# emerge samba


3. Setup config file.

Are we security minded? We should be. It is recommended that you configure our network shares with the most restrictive permissions you can while still being able to do what you need (want?) to do. This means no public file, guest access, and one must authenticate in order to access shares. My own configuration is for one Gentoo box and one WinXP box, where the Gentoo box hosts the network share folder. Only a user on my network may authenticate and use the share. This is the config file for such a setup; of course, please change it for your needs.

#nano /etc/samba/smb.conf
Code:
[global]
restrict anonymous = 2       
# if you use Win9x, set "restrict anonymous" to 1 instead
log file = /var/log/samba.log
workgroup = home       
# workgroup name needs to be the same as workgroup name on
# Windows computers.
security = user   
encrypt passwords = yes
# "security" should be set to share or user, unless you have a domain network
# (if you don't know what a domain network is, you don't have one). and we want
# password encryption
interfaces = lo eth0
hosts allow = 127.0.0.1 192.168.0.0/24   
# second number in "hosts allow" should be set to your network IP address.
# we also have loopback in there in case we need it for testing purposes
hosts deny = 0.0.0.0/0
# "no one can access me unless they are in 'hosts allow.'"

[smb]
# "smb" will be the share name. change this if you want it to be set
# differently
case sensitive = no
path = /home/smb/
browseable = yes
writeable = yes
# I need to be able to write to this share from my Windows computer, hence
# write permissions for owner
create mode = 0750


not a bad start, eh? of course if you have problems later on, you can always set it up to be less restrictive.

Let's sanity check that config file:
Code:
# testparm


And BTW, if testparm gives any errors about missing files (it did for me), make sure you create them. For instance, i needed to do this:

Code:
# mkdir /var/run/samba


4. Create folder to share.

Code:
# mkdir /home/smb


now, note that you just created that folder as root. Problem? well, the actual permissions to the folder will be the most restrictive of the combination of folder permissions and network share permissions. and since root just created that folder, only root would have access to it. We'll need to change the permissions for it.

Code:
# chmod 0750 /home/smb
# chown justin:users /home/smb


"justin" is my user name. If more than one person needs to connect to Samba from a Windows computer, my recommendation is to create a group with an easy to remember name (e.g. smbusers), create the user names on the Linux computer, and put those users in the group you made. that way, you can set and adjust permissions at a group level... which can make things easier later on. then, associate that group with any folders you want to share and set the appropriate level permission for the group. so for instance, if i wanted to let anyone in smbusers to be able to write to the share:

Code:
# chmod 0770 /home/smb
# chown justin:smbusers /home/smb


I wouldn't recommend giving them all write access on the whole share, but you could if you want. Instead, i'd give smbusers read permission to the share and then give each individual their own folder. (you can use the Linux file permissions to forbid read access to nonowners if you don't want people to snoop in each other's files).

For more info on the file permission scheme in Linux, see here:
http://www.zzee.com/solutions/linux-permissions.shtml
this applies both to the chmod command and the "create mode" in smb.conf

5. Set up users.

Samba uses a different password database than the Gentoo system. Now, there might be a way to import passwords from one db to the other. but i haven't seen it and anyways, i like the idea of the samba password being a bit stronger than one's Linux password.

Set up the users on Gentoo, and then use SMB's password utility to have each person enter their password. E.g.:

Code:
smbpasswd -a justin


Note, if you set up user names and passwords the same for Samba as on Windows, people SHOULD be able to authenticate in under the hood (meaning, you never get a logon prompt). I've had problems with this myself, but who knows: maybe Windows works right for you ;)

6. Start Samba.

Code:
# /etc/init.d/samba start
#rc-update add samba default


What can i say? pretty self explanatory :)

7. Misc.

You should now be able to connect in. To do so, open Windows Explorer in Windows, and type in \\(computer name)\(share). Remember those are backslashes not forward slashes. so for my set up, it would be \\thebeast\smb

if it asks for a user name and password, supply it. Test it out by opening a file, and if you wanted write permissions try making a txt document.

In some cases (many? all?), if Windows does prompt you for a password, it will only allow you to login as "Guest." this is a known stupidity, and i honestly don't know why it does this. the workaround to this is to mount the share as a network drive. That is, on the Windows box, we set the share up with it's own drive letter... as if it was a local drive. Do this by right-clicking "My Network Places," and select "Map Network Drive." It'll ask for you to specify a drive letter, and and there is an option where you can have it "log on as different user." click on that and supply the needed credentials.

Check in My Computer to verify that you can access the network drive.

Update: Added password encryption for added security.

Also, it seems that this time around, Samba is authenticating "under the hood." Meaning, when samba and Windows XP are set with the same username and password, you access the share without having to supply your logon info. I'm not sure what is different this time around, but for reference here is my emerge info for samba:
Code:
# emerge -pv samba
[...]

[ebuild   R   ] net-fs/samba-3.0.14a-r2  -acl -cups -doc -examples -kerberos -ldap -libclamav -mysql -oav +pam -postgres +python -quotas +readline (-selinux) -winbind -xml -xml2 0 kB

_________________
Sheepdog
Why Risk It? | Samba Howto


Last edited by Sheepdogj15 on Fri Sep 01, 2006 12:25 am; edited 11 times in total
Back to top
View user's profile Send private message
robbyjo
Guru
Guru


Joined: 06 Apr 2003
Posts: 462

PostPosted: Wed May 18, 2005 4:52 pm    Post subject: Reply with quote

Good guide.

It would be very nice if there's a way to "copy" user's passwords over to Samba without requiring the user to reinput the passwords.
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Wed May 18, 2005 9:32 pm    Post subject: Reply with quote

thank you :)

another guide i looked at talked about a utility for that purpose, but i couldn't find it anywhere on my system. I'll search around and see if i can find another way to sync smb logins with the Linux logins.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
einstein1981
Guru
Guru


Joined: 10 Mar 2004
Posts: 395
Location: Venezuela , Caracas

PostPosted: Sat May 21, 2005 4:14 am    Post subject: Reply with quote

Great guide, I can finaly see my gentoo box from my windows box!

Now, how can I do the oposite?
meaning, how can I see my windows box from gentoo?

Thank you

charles
_________________
thesis.
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Sun May 22, 2005 9:36 pm    Post subject: Reply with quote

greetings,

einstein1981 wrote:
Great guide, I can finaly see my gentoo box from my windows box!

Now, how can I do the oposite?
meaning, how can I see my windows box from gentoo?

Thank you

charles


do you mean "see" in the sense that the Gentoo box shows up in Network Neighborhood on Windows? do you mean in the sense that you want to access Windows shares (say, in Konqueror or in a file manager) on the Gentoo box?

i must admit my knowledge of Samba is not exhaustive. but pending an answer to those questions, i'll help in whatever way i can.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
einstein1981
Guru
Guru


Joined: 10 Mar 2004
Posts: 395
Location: Venezuela , Caracas

PostPosted: Sun May 22, 2005 10:34 pm    Post subject: Reply with quote

Ok, I can now see my gentoo box on the network neighbourhood in win xp...
But now what I wan't is to see any boxes conected to the network, on the network tab in gnome.

thanks for the reply
_________________
thesis.
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Mon May 23, 2005 12:05 am    Post subject: Reply with quote

hmm...

i haven't found anything on it. i'm just wondering if it is something you'd have to set up in Samba, or in Gnome. i don't use Gnome, myself


something you could do instead is mount the shares from the Windows boxes to points in your filesystem. i've done it before and it worlds pretty well. you would just have to compile your kernel with the samba filesystem modules, create the folders for them, and add the needed info to your fstab file. (if you don't need it to auto mount, specify it so in your fstab so you just have to enter "mount /mnt/[mountpoint]" anytime you need to access the share)
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
einstein1981
Guru
Guru


Joined: 10 Mar 2004
Posts: 395
Location: Venezuela , Caracas

PostPosted: Mon May 23, 2005 3:32 am    Post subject: Reply with quote

Yes I've been thinking of this, I have the support built into the kernel but I was just wondering if there was a way to do this in double click style...

thanks will keep on reading...

O by the way , in the fstab how would the entry look, since there is no pointer to this..
_________________
thesis.
Back to top
View user's profile Send private message
Lance
Tux's lil' helper
Tux's lil' helper


Joined: 02 Apr 2004
Posts: 125

PostPosted: Mon May 23, 2005 3:57 am    Post subject: Reply with quote

Concise and to the point. Thanks!
_________________
choose Gentoo, choose freedom
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Mon May 23, 2005 9:03 am    Post subject: Reply with quote

no problem, Lance :)

einstein1981 wrote:
Yes I've been thinking of this, I have the support built into the kernel but I was just wondering if there was a way to do this in double click style...


you mean like an icon on your desktop or something? just make a shell script with a simple command, and make it executable.

Quote:
thanks will keep on reading...

O by the way , in the fstab how would the entry look, since there is no pointer to this..


depends...

Code:

# samba file share
//thelab/stuff      /mnt/winshare   smbfs      username=justin,password=notmyrealpasswd,umask=0002      0 0


this is an example right out of my fstab (with the password changed, obviously). "thelab" is the netbios name for my WinXP box, "stuff" is the share, and the mount point is /mnt/winshare. now, for security you might not want your password in the fstab in plain text. this one is an alternative:

Code:

# samba file share
//thelab/stuff      /mnt/winshare   smbfs      noauto      0 0


you would have to mount it whenever you need it (just enter "mount /mnt/winshare" at a prompt). i'm not sure if it will have you authenticate even if you have a parallel username/passwd on the Windows box... to be honest it isn't something i concerned myself too much with, and testing it out has been low priority to me. really, if you a share is writable over the network, you only need one... on the Window's side i dropped all the files i need on both sides onto the Gentoo-side share. but that's just me, there might be good reasons to set up separate shares.

that line is actually commented out in my fstab.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Tue May 24, 2005 9:20 pm    Post subject: Reply with quote

einstein1981 wrote:
Ok, I can now see my gentoo box on the network neighbourhood in win xp...
But now what I wan't is to see any boxes conected to the network, on the network tab in gnome.


Hey are you still monitoring this thread?

Just out of curiosity, i looked up the Gnome Documentation. check this out (please pardon the messed up formatting):

Quote:
To Access Network Places

If your system is configured to access places on a network, you can use the file manager to access the network places.

To access network places, open the file manager and choose Places → Computer . Alternatively, double-click on the Computer object on the Desktop. Double-click on the Network object. A file manager window is displayed. The window displays the network places that you can access. Double-click on the network that you want to access.

To access UNIX shares, double-click on the Unix Network (NFS) object. A list of the UNIX shares available to you is displayed in the file manager window.

To access Windows shares, double-click on the Windows Network (SMB) object. A list of the Windows shares available to you is displayed in the file manager window.
To Add a Network Place

To add a network place, perform the following steps:

1. Open the file manager and choose Places → Computer . Alternatively, double-click on the Computer object on the Desktop. A file object window is displayed.

2. Double-click on the Add Network Place object. The Add Network Place dialog is displayed. Enter the details of the server in the dialog, as follows:

Dialog Element


Description

Location

Use this text box to specify the location that you want to add. Alternatively, select one of the following locations from the drop-down list:
* FTP Server

* Web Folder

* Windows Network (SMB)

* Unix Network (NFS)

Shortcut name
Use this text box to specify a shortcut name for the network place.

Anonymous login
FTP Server option only. Select this option to log in to the FTP server as an anonymous user.

No login required


Web Folder, Windows Network (SMB), and Unix Network (NFS) options only. Select this option if you do not need to log in to the web folder, Windows share, or UNIX share.

Username


Use this text box to specify a username when you connect to the specified network place.

When you connect to the network place, you must enter your password.

Go there now


Select this option if you want to access the network place immediately.

3. Click OK to add your network place.


from: http://www.gnome.org/learn/users-guide/latest/ch07s08.html#gosnautilus-465
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
einstein1981
Guru
Guru


Joined: 10 Mar 2004
Posts: 395
Location: Venezuela , Caracas

PostPosted: Wed May 25, 2005 3:36 am    Post subject: Reply with quote

great post, thx Sheepdogj15,
will be trying it ASAP.

thanks again
_________________
thesis.
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Wed May 25, 2005 6:16 am    Post subject: Reply with quote

einstein1981 wrote:
great post, thx Sheepdogj15,
will be trying it ASAP.

thanks again


not a problem man. :) let me know if that works or if you need any help.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
einstein1981
Guru
Guru


Joined: 10 Mar 2004
Posts: 395
Location: Venezuela , Caracas

PostPosted: Mon May 30, 2005 3:57 am    Post subject: Reply with quote

was only able to try this today... but
no add network place icon anywhere...

:(

sorry jeje,
I use ssh to move things between pcs, but i'd like to get this working ..

thanks
_________________
thesis.
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Tue May 31, 2005 12:15 am    Post subject: Reply with quote

weird.

that's too bad. i don't have gnome installed, otherwise i'd try to help more.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
mparsons
n00b
n00b


Joined: 16 Dec 2002
Posts: 60
Location: Canada

PostPosted: Tue May 31, 2005 1:40 pm    Post subject: Reply with quote

Im going to assume you need SMB support in the kernel?

I tried what was posted here.. didnt work, but noticed I didnt have SMB compiled into my kernel. Im doing a recompile now, and will post if that fixes things. :)

M.

edit: well, things arent going so good.....

ok, fixed some problems, but only problem I have now is that when I put \\gentoobox\smb into my windows explorer, it defaults to "Guest" login, which I can NOT change. ANy ideas on how to fix that?

ok, nm about that above.. a "net use k: \\gentoobox\smb /user:root" now works.

pita setting this all up though. :)
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Wed Jun 01, 2005 2:28 am    Post subject: Reply with quote

mparsons wrote:
Im going to assume you need SMB support in the kernel?

I tried what was posted here.. didnt work, but noticed I didnt have SMB compiled into my kernel. Im doing a recompile now, and will post if that fixes things. :)


did i forget to mention that you did? crap i did. well i'll edit that in :)

Quote:

ok, fixed some problems, but only problem I have now is that when I put \\gentoobox\smb into my windows explorer, it defaults to "Guest" login, which I can NOT change. ANy ideas on how to fix that?


i got that too. my workaround was to mount it as a network drive, which in Windows allows you to logon as a different user. (i can't figure out why Windows does that. i presume it's a Windows thing, which honestly is why i didn't bring it up in the Howto)

Quote:
ok, nm about that above.. a "net use k: \\gentoobox\smb /user:root" now works.


hey cool. i hope you don't mind me adding that to the howto

the only thing is that i wouldn't log in as root. just due to the security implications, it's not like your computer will explode or anything if you do.

Quote:
pita setting this all up though. :)


heck yeah! that's why after i was done, i wrote up this howto because i figured other people would be frustrated by this crap.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
Generation 2
n00b
n00b


Joined: 31 Dec 2004
Posts: 9

PostPosted: Sun Jun 19, 2005 12:57 pm    Post subject: Reply with quote

Great HOWTO youve made. really helps linux newbies like me. Just one thing that you make have missed out. My network is made through a router which has DHCP enabled. What do i put in the "hosts allow" in my smb.conf file?

Thanks again for all the help
_________________
The penguin threw an apple and broke the window
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Sun Jun 19, 2005 6:59 pm    Post subject: Reply with quote

Hiya,

Generation 2 wrote:
Great HOWTO youve made. really helps linux newbies like me. Just one thing that you make have missed out. My network is made through a router which has DHCP enabled. What do i put in the "hosts allow" in my smb.conf file?


It depends on what IP range DHCP is configured to use. If it's a Linksys or similar, and you didn't monkey with the configuration, it is probably in the 192.168.1.* range.

easiest way to find it is to issue the "ifconfig" command (or you could use ipconfig in windows). look at the second line for the "eth0" interface. it would look something like this:

Code:
inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0


the "inet addr" is your current IP, and the "Mask" entry is your network mask. without getting too technical, this means that any hardware on your network can have an IP of 192.168.1.1 through 192.168.1.254 (0 and 255 are reserved for network stuff).

if this is the case, then you could enter your hosts allow entry like this:

Code:
hosts allow = 192.168.1.0/255.255.255.0


if your router does use a different IP range, the process would be the same, just use what would be the equivalent.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
Schietschijf
n00b
n00b


Joined: 04 Jan 2005
Posts: 36
Location: Mortsel, Antwerp, Flanders

PostPosted: Mon Jun 20, 2005 9:45 am    Post subject: Reply with quote

Sheepdogj15 wrote:

Code:
hosts allow = 192.168.1.0/255.255.255.0



Or in short:
Code:
hosts allow = 192.168.1.0/24


Something shorter to create a network connection to the shared folder is by clicking the right mouse button on "my network places" and then choose "connect network" (i think, i don't use an english windows)
then you can fill in the drive letter and the path to the share.

Very handy is that you can choose to "automount" at each startup of windows...

And to view the windows shares in kde it is "smb://"
_________________
56k ruleD !
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Mon Jun 20, 2005 8:18 pm    Post subject: Reply with quote

hmm. it could also be a different version of windows (i'm using XP Home). when i right click My Network Places, i don't see a "Connect Network" option. I wonder if that is the nonenglish variation of "Map Network Drive."

That does seem to be the most convenient way to setup a network drive. i'll have to add that to the howto.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
robbyjo
Guru
Guru


Joined: 06 Apr 2003
Posts: 462

PostPosted: Wed Jun 22, 2005 8:51 pm    Post subject: Reply with quote

Now, I'm wondering if we can make Mac Classic connect to a samba server....
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Wed Jun 22, 2005 10:01 pm    Post subject: Reply with quote

robbyjo wrote:
Now, I'm wondering if we can make Mac Classic connect to a samba server....


ooh, that sounds like potential for a 8) project.

i'm sure you can, i know back in the heyday they had network clients of each networking type (NetBIOS, Appletalk) for each computer type. in fact, i could have sworn i've seen an NFS client/service (a Linux based networking system) for Windows.

i don't know jack about Macs, admittedly, but you should definitely look around. i'm sure they have docs on it somewhere.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
robbyjo
Guru
Guru


Joined: 06 Apr 2003
Posts: 462

PostPosted: Wed Jun 22, 2005 10:27 pm    Post subject: Reply with quote

Well, there's one commercial program called "DAVE" that does this (according some thread in this forums). But others suggest that I install Netatalk instead so that the Mac users can communicate directly to Linux rather than SAMBA. Some thinks that Netatalk is buggy and corrupt files. I'm thinking about some open source program for Mac Classics that does Samba interfacing...
Back to top
View user's profile Send private message
Sheepdogj15
Guru
Guru


Joined: 07 Jan 2005
Posts: 430
Location: Backyard

PostPosted: Wed Jun 22, 2005 10:47 pm    Post subject: Reply with quote

yeah. if you can you shouldn't use NetBIOS (i.e. Samba) between a Mac and Linux. use something that at the very least is native to one or the other (NetBIOS is actually IBM, if i recall correctly, but Microsoft kind of made their own implementation.)

what i'd do, if i were you, is see if you can find an open source/free implementation of NFS on Mac. I haven't worked with Appletalk (which looks like is what Netatalk does for you), but from what i've worked with, NFS looks like the most solid Networking protocol. It's a bit more technical to configure, but It Just Works(TM).

[edit to add] otherwise, that Netatalk program looks like it might work well for you.
_________________
Sheepdog
Why Risk It? | Samba Howto
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum