Difference between revisions of "Samba"
m (Edited section to include proper path. /var/lib/samba/usershare is default instead of /var/lib/samba/usershares) |
m (→Creating user share path) |
||
Line 91: | Line 91: | ||
... | ... | ||
[global] | [global] | ||
− | usershare path = /var/lib/samba/ | + | usershare path = /var/lib/samba/usershare |
usershare max shares = 100 | usershare max shares = 100 | ||
usershare allow guests = yes | usershare allow guests = yes |
Revision as of 20:31, 29 January 2014
Samba is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to NFS. Some users say that Samba is easily configured and that operation is very straight-forward. However, many new users run into problems with its complexity and non-intuitive mechanism. It is strongly suggested that the user stick close to the following directions.
Required packages
Server
To share files with Samba, install samba, from the official repositories.
Client
Only smbclient is required to access files from a Samba/SMB/CIFS server. It is also available from the official repositories.
Server configuration
The Samba server is configured in /etc/samba/smb.conf
. Copy the default Samba configuration file to /etc/samba/smb.conf
:
# cp /etc/samba/smb.conf.default /etc/samba/smb.conf
Edit /etc/samba/smb.conf
, scroll down to the Share Definitions section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.
There are a number of commented sample configurations included. More information about available options for shared resources can be found in man smb.conf
. Here is the on-line version.
On Windows side, be sure to change smb.conf to the Windows Workgroup. (Windows default: WORKGROUP)
Be sure that your machine is not named Localhost, since it will resolve on Windows to 127.0.0.1.
Starting services
Start smbd and nmbd to provide basic file sharing through SMB:
# systemctl start smbd # systemctl start nmbd
To enable the services on bootup:
# systemctl enable smbd # systemctl enable nmbd
systemctl disable smbd.service systemctl enable smbd.socket
This marks the named objects for automatic export to the environment of subsequently executed commands:
# export USERSHARES_DIR="/var/lib/samba/usershare" # export USERSHARES_GROUP="sambashare"
This creates the usershares directory in var/lib/samba:
# mkdir -p ${USERSHARES_DIR}
This makes the group sambashare:
# groupadd ${USERSHARES_GROUP}
This changes the owner of the directory and group you just created to root:
# chown root:${USERSHARES_GROUP} ${USERSHARES_DIR}
This changes the permissions of the usershares directory so that users in the group sambashare can read, write and execute files:
# chmod 1770 ${USERSHARES_DIR}
Set the following variables in smb.conf
configuration file:
/etc/samba/smb.conf
... [global] usershare path = /var/lib/samba/usershare usershare max shares = 100 usershare allow guests = yes usershare owner only = False ...
Save the file and then add your user to the group sambashares replacing "your_username" with the name of your user:
# usermod -a -G ${USERSHARES_GROUP} your_username
Restart Samba.
# systemctl restart smbd nmbd
Log out and log back in. You should now be able to configure your samba share using GUI. For example, in Thunar you can right click on any directory and share it on the network.
When the error You are not the owner of the folder
appears, simply try to reboot the system.
Adding a user
To log into a Samba share, a samba user is needed. The user must already have a Linux user account with the same name on the server, otherwise running the next command will fail:
# pdbedit -a -u user
Changing a password
To change a user's password, use smbpasswd
:
# smbpasswd username
Client configuration
Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.
There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.
Manual mounting
Install smbclient from the official repositories. If you want a lighter approach and do not need the ability to list public shares, you need only install cifs-utils to provide /usr/bin/mount.cifs
.
To list public shares on a server:
$ smbclient -L hostname -U%
Create a mount point for the share:
# mkdir /mnt/mountpoint
Mount the share using the mount.cifs
type. Not all the options listed below are needed or desirable (ie. password
).
# mount -t cifs //SERVER/SHARENAME /mnt/MOUNTPOINT -o user=USERNAME,password=PASSWORD,workgroup=WORKGROUP,ip=SERVERIP
SERVER
- The Windows system name.
SHARENAME
- The shared directory.
MOUNTPOINT
- The local directory where the share will be mounted.
-o [options]
- See
man mount.cifs
for more information.
- Abstain from using a trailing
/
.//SERVER/SHARENAME/
will not work. - If your mount does not work stable, stutters or freezes, try to enable different SMB protocol version with
vers=
option. For example,vers=2.0
for Windows Vista mount.
The simplest way to add an fstab entry is something like this:
/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs username=USER,password=PASSWORD 0 0
However, storing passwords in a world readable file is not recommended! A safer method would be to use a credentials file. As an example, create a file and chmod 600 filename
so only the owning user can read and write to it. It should contain the following information:
/path/to/credentials/sambacreds
username=USERNAME password=PASSWORD
and the line in your fstab should look something like this:
/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs credentials=/path/to/credentials/sambacreds 0 0
If using systemd (modern installations), one can utilize the comment=systemd.automount option, which speeds up service boot by a few seconds. Also, one can map current user and group to make life a bit easier, utilizing uid and gid options (warning: using the uid and gid options may cause input ouput errors in programs that try to fetch data from network drives):
/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs credentials=/path/to/smbcredentials,comment=systemd.automount,uid=USERNAME,gid=USERGROUP 0 0
\040
(ASCII code for space in octal). For example, //SERVER/SHARE\ NAME
on the command line should be //SERVER/SHARE\040NAME
in fstab.User mounting
/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs users,credentials=/path/to/smbcredentials,workgroup=WORKGROUP,ip=SERVERIP 0 0
This will allow users to mount it as long as the mount point resides in a directory controllable by the user; i.e. the user's home. For users to be allowed to mount and unmount the Samba shares with mount points that they do not own, use smbnetfs, or grant privileges using sudo.
Automatic mounting
There are several ways to easily browse shared resources:
smbnetfs
First, check if you can see all the shares you are interested in mounting:
$ smbtree -U remote_user
If that does not work, find and modify the following line
in /etc/samba/smb.conf
accordingly:
domain master = auto
Now restart Samba as seen above:
# systemctl restart smbd nmbd
If everything works as expected, install smbnetfs from the official repositories.
Then, add the following line to /etc/fuse.conf
:
user_allow_other
and load the fuse
kernel module:
# modprobe fuse
Now copy the directory /etc/smbnetfs/.smb to your home directory.
$ cp -a /etc/smbnetfs/.smb ~
Then create a link to the smb.conf file:
$ ln -s /etc/samba/smb.conf ~/.smb/smb.conf
If a username and a password are required to access some of the shared folders, edit ~/.smb/smbnetfs.auth
to include one or more entries like this:
~/.smb/smbnetfs.auth
auth "hostname" "username" "password"
It is also possible to add entries for specific hosts to be mounted by smbnetfs, if necessary.
More details can be found in ~/.smb/smbnetfs.conf
.
When you are done with the configuration, you need to run
$ chmod 600 ~/.smb/smbnetfs.*
Otherwise, smbnetfs complains about 'insecure config file permissions'.
Finally, to mount your Samba network neighbourhood to a directory of your choice, call
$ smbnetfs mount_point
Daemon
The Arch Linux package also maintains an additional system-wide
operation mode for smbnetfs. To enable it, you need to make the
said modifications in the directoy /etc/smbnetfs/.smb
.
Then, you can start and/or enable the smbnetfs
daemon as usual.
The system-wide mount point is at /mnt/smbnet/
.
fusesmb
smbclient 3.2.X
is malfunctioning with fusesmb
, revert to using older versions if necessary. See the relevant forum topic for details.- Install fusesmbAUR, available in the AUR.
- Create a mount point:
mkdir /mnt/fusesmb
- Load
fuse
kernel module. - Mount the shares:
fusesmb -o allow_other /mnt/fusesmb
autofs
See Autofs for information on the kernel-based automounter for Linux.
File manager configuration
Nautilus and Nemo
In order to access samba shares through Nautilus or Nemo, install the gvfs-smb package, available in the Official Repositories.
Press Ctrl+l
and enter smb://servername/share
in the location bar to access your share.
The mounted share is likely to be present at /run/user/your_UID/gvfs
in the filesystem.
Thunar and PCManFM
For access using Thunar or PCManFM, install gvfs-smb, available in the official repositories.
Go to smb://servername/share
, to access your share.
KDE
KDE, has the ability to browse Samba shares built in. Therefore do not need any additional packages. However, for a GUI in the KDE System Settings, install the kdenetwork-filesharing package from the official repositories.
If when navigating with Dolphin you get a "Time Out" Error, you should uncomment and edit this line in smb.conf:name resolve order = lmhosts bcast host wins
as shown in this page.
Other graphical environments
There are a number of useful programs, but they may need to have packages created for them. This can be done with the Arch package build system. The good thing about these others is that they do not require a particular environment to be installed to support them, and so they bring along less baggage.
- pyneighborhood is available in the official repositories.
- LinNeighborhood, RUmba, xffm-samba plugin for Xffm are not available in the official repositories or the AUR. As they are not officially (or even unofficially supported), they may be obsolete and may not work at all.