Thursday, December 4, 2014

Configure samba on slackware 12.2

1 - Change directory to /etc/samba.
rootatslackwarepc:/etc/samba# cd /etc/samba

2 - Copy /etc/samba/smb.conf-sample to /etc/samba/smb.conf.

 rootatslackwarepc:/etc/samba# cp smb.conf-sample smb.conf

3 - Edit smb.conf configuration file.
rootatslackwarepc:/etc/samba# vim smb.conf

Here is how I set samba server for file sharing in my network for your reference:
#======================= Global Settings =====================================

 # workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
 workgroup = MYGROUP

 # server string is the equivalent of the NT Description field
server string = Samba Server

 # Security mode. Defines in which mode Samba will operate. Possible
 # values are share, user, server, domain and ads. Most people will want
 # user level security. See the Samba-HOWTO-Collection for details.
security = user

 # This option is important for security. It allows you to restrict
 # connections to machines which are on your local network. The
 # following example restricts access to two C class networks and
 # the "loopback" interface. For more examples of the syntax see
 # the smb.conf man page
 ; hosts allow = 192.168.1. 192.168.2. 127.
hosts allow = 192.168.1. 127.

 # this tells Samba to use a separate log file for each machine
 # that connects
log file = /var/log/samba.%m

 # Put a capping on the size of the log files (in Kb).
max log size = 50

 # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
 # via DNS nslookups. The default is NO.
dns proxy = no

 #============================ Share Definitions ==============================
 comment = Home Directories
 browseable = no
 writable = yes

 # This one is useful for people to share files
 comment = Temporary file space
 path = /tmp
 read only = no
 public = yes

 # A publicly accessible directory, but read only, except for people in
 # the "sales" group
 comment = Public Stuff
 path = /home/samba
 public = yes
 writable = yes
 printable = no
 write list = atsales

That is a basic file sharing configuration. I didn't add anything. Just uncomment configuration I need for my network, and set shared directory path and name. I also didn't allow printer sharing in this configuration.
Now we need to test smb.conf for any error although we didn't do much editing in the file. The command for checking smb.cof configuration file is testparm. Here is the result of the above configuration:
rootatslackwarepc:/etc/samba# testparm
 Load smb config files from /etc/samba/smb.conf
 Processing section "[homes]"
 Processing section "[tmp]"
 Processing section "[sales]"
 Loaded services file OK.
 Press enter to see a dump of your service definitions

 workgroup = MYGROUP
 server string = Samba Server
 log file = /var/log/samba.%m
 max log size = 50
 dns proxy = No
 wins support = Yes
 hosts allow = 192.168.1., 127.

 comment = Home Directories
 read only = No
 browseable = No

 comment = Temporary file space
 path = /tmp
 read only = No
 guest ok = Yes

 path = /usr/local/samba/public
 read only = No
 guest only = Yes
 guest ok = Yes

Create samba users, groups, shared directory and set permissions.
Samba users are independent from Linux system users and groups. That means they are not sharing the /etc/passwd users. So you need to create samba users again and give them password. Here is how to do it:
rootatslackwarepc:~# smbpasswd -a labu
 New SMB password:
 Retype new SMB password:
 Failed to modify password entry for user labu

Why do I failed to create user for samba? That's because samba user must first be a Linux system user. So create an account for a samba user in Linux system first then create a samba account:
rootatslackware:~# smbpasswd -a labu
 New SMB password:
 Retype new SMB password:
 Added user labu.

When you successfully created a samba user account, the database about user account and password is kept in /etc/samba/private/smbpasswd file. This is only applicable for Slackware Linux. Other distribution could be different.
If you want to give permission only for a certain people, you can create a group for them to use a certain directory. Create that certain directory. Then, you can set permissions and ownership for that group to use the directory. Here is a step by step on how to do it:
Add group, create a directory and change group owner and permission for that group:
rootatslackwarepc:~# groupadd sales
 rootatslackwarepc:~# mkdir /home/sales
 rootatslackwarepc:~# ls -l /home | grep sales
 drwxr-xr-x 2 root root 4096 2008-11-29 23:23 sales/
 rootatslackwarepc:~# chown sales.sales /home/sales
 rootatslackwarepc:~# ls -l /home | grep sales
 drwxr-xr-x 2 root sales 4096 2008-11-29 23:23 sales/
 rootatslackwarepc:~# chmod 775 /home/sales/
 rootatslackwarepc:~# ls -l /home | grep sales
 drwxrwxr-x 2 root sales 4096 2008-11-29 23:23 sales/

Now we need to add users to the sales group. Here is how to do it:
rootatslackwarepc:~# usermod -g users -G sales labu

We can check whether user labu has been added to the sales group in /etc/group:
rootatslackwarepc:~# cat /etc/group

Make sure user you added is in the group, like this:

Start Linux samba service
If everything is ready, then it's time to start Linux samba service. The samba server is a standalone server, so you have to make it executable before start the service. Here is all the steps that you should do to restart Linux samba service:
Set 755 permissions for samba service:
rootatslackwarepc:~# chmod 755 /etc/rc.d/rc.samba
 rootatslackwarepc:~# ls -l /etc/rc.d/rc.samba
 -rwxr-xr-x 1 root root 791 2008-03-16 04:52 /etc/rc.d/rc.samba*

Now we can restart the service:
rootatslackwarepc:~# /etc/rc.d/rc.samba restart
 Starting Samba: /usr/sbin/smbd -D
 /usr/sbin/nmbd -D

Testing and troubleshooting Linux samba server and client
We can query using nmblookup host:
rootatslackwarepc:~# nmblookup slackwarepc
 querying slackwarepc on slackwarepc

Test using smbclient:
luzaratslackwarepc:~$ smbclient -L
 Domain=[slackwarepc] OS=[Unix] Server=[Samba 3.0.33]

 Sharename Type Comment
 --------- ---- -------
 netlogon Disk Network Logon Service
 tmp Disk Temporary file space
 public Disk
 IPC$ IPC IPC Service (Samba Server)
 luzar Disk Home Directories
 Domain=[slackwarepc] OS=[Unix] Server=[Samba 3.0.33]

 Server Comment
 --------- -------

 Workgroup Master
 --------- -------
 MYGROUP slackwarepc


No comments:

Post a Comment