Difference between revisions of "Samba"

From ArchWiki
Jump to: navigation, search
(Removed references to the samba service, as they fail in the current version of samba (see talk page))
(try to synchronize the related articles of the Samba ring)
(32 intermediate revisions by 16 users not shown)
Line 2: Line 2:
 
[[Category:Networking]]
 
[[Category:Networking]]
 
[[cs:Samba]]
 
[[cs:Samba]]
[[de:Samba]]
 
 
[[da:Samba]]
 
[[da:Samba]]
 +
[[de:Samba]]
 
[[es:Samba]]
 
[[es:Samba]]
 
[[fr:Samba]]
 
[[fr:Samba]]
 
[[it:Samba]]
 
[[it:Samba]]
 +
[[ja:Samba]]
 
[[ru:Samba]]
 
[[ru:Samba]]
 
[[sr:Samba]]
 
[[sr:Samba]]
Line 12: Line 13:
 
[[zh-CN:Samba]]
 
[[zh-CN:Samba]]
 
[[zh-TW:Samba]]
 
[[zh-TW:Samba]]
[[ja:Samba]]
+
{{Related articles start}}
{{Article summary start|Summary}}
+
{{Related|Samba/Tips and tricks}}
{{Article summary text|Installing, configuring and troubleshooting Samba}}
+
{{Related|Samba/Troubleshooting}}
{{Article summary heading|Related}}
+
{{Related|Samba/Advanced file sharing with KDE4}}
{{Article summary wiki|NFS}}
+
{{Related|Samba Domain Controller}}
{{Article summary wiki|Samba Domain Controller}}
+
{{Related|Active Directory Integration}}
{{Article summary wiki|Active Directory Integration}}
+
{{Related|Samba 4 Active Directory Domain Controller}}
{{Article summary end}}
+
{{Related|OpenChange Server}}
'''Samba''' is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to [[NFS]].  Some users say that Samba is easily configured and that operation is very straight-forward.  However, many new users run into problems with its complexity and non-intuitive mechanism.  It is strongly suggested that the user stick close to the following directions.
+
{{Related|NFS}}
 +
{{Related articles end}}
  
==Required packages==
+
'''Samba''' is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to NFS. Some users say that Samba is easily configured and that operation is very straight-forward. However, many new users run into problems with its complexity and non-intuitive mechanism. It is strongly suggested that the user stick close to the following directions.
===Server===
+
To share files with Samba, install {{Pkg|samba}}, from the [[Official Repositories]].
+
  
===Client===
+
== Server configuration ==
Only {{Pkg|smbclient}} is required to access files from a Samba/SMB/CIFS server. It is also available from the Official Repositories.
+
  
==Server configuration==
+
To share files with Samba, install {{Pkg|samba}}, from the [[official repositories]].
The {{ic|/etc/samba/smb.conf}} file must be created before starting the service. Once that is set up, users may opt for using an advanced configuration interface like SWAT.
+
  
As root, copy the default Samba configuration file to {{ic|/etc/samba/smb.conf}}:
+
The Samba server is configured in {{ic|/etc/samba/smb.conf}}. Copy the default Samba configuration file to {{ic|/etc/samba/smb.conf}}:
{{bc|# cp /etc/samba/smb.conf.default /etc/samba/smb.conf}}
+
# cp /etc/samba/smb.conf.default /etc/samba/smb.conf
 +
 
 +
=== Creating a share ===
  
===Creating a share===
 
 
Edit {{ic|/etc/samba/smb.conf}}, scroll down to the '''Share Definitions''' section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.
 
Edit {{ic|/etc/samba/smb.conf}}, scroll down to the '''Share Definitions''' section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.
  
 
There are a number of commented sample configurations included. More information about available options for shared resources can be found in {{ic|man smb.conf}}. [http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html Here] is the on-line version.
 
There are a number of commented sample configurations included. More information about available options for shared resources can be found in {{ic|man smb.conf}}. [http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html Here] is the on-line version.
  
On Windows side, be sure to change smb.conf to the Windows Workgroup. (Windows default: WORKGROUP)
+
On Windows side, be sure to change {{ic|smb.conf}} to the Windows Workgroup. (Windows default: WORKGROUP)
  
 
Be sure that your machine is not named Localhost, since it will resolve on Windows to 127.0.0.1.
 
Be sure that your machine is not named Localhost, since it will resolve on Windows to 127.0.0.1.
  
 
=== Starting services ===
 
=== Starting services ===
 +
 
Start [http://www.samba.org/samba/docs/man/manpages-3/smbd.8.html smbd] and [http://www.samba.org/samba/docs/man/manpages-3/nmbd.8.html nmbd] to provide basic file sharing through SMB:
 
Start [http://www.samba.org/samba/docs/man/manpages-3/smbd.8.html smbd] and [http://www.samba.org/samba/docs/man/manpages-3/nmbd.8.html nmbd] to provide basic file sharing through SMB:
 
  # systemctl start smbd
 
  # systemctl start smbd
 
  # systemctl start nmbd
 
  # systemctl start nmbd
  
To enable the services on bootup:
+
If you want to start Samba at boot, enable {{ic|smbd}} and {{ic|nmbd}}.
# systemctl enable smbd
+
# systemctl enable nmbd
+
  
 
{{Note|Or you can enable Samba socket so the daemon is started on the first incoming connection:
 
{{Note|Or you can enable Samba socket so the daemon is started on the first incoming connection:
 
{{bc|
 
{{bc|
 
systemctl disable smbd.service
 
systemctl disable smbd.service
systemctl enable smbd.socket}}}}
+
systemctl enable smbd.socket
 +
}}}}
  
 
=== Creating user share path ===
 
=== Creating user share path ===
 +
 
This marks the named objects for automatic export to the environment of subsequently executed commands:
 
This marks the named objects for automatic export to the environment of subsequently executed commands:
  {{bc|<nowiki># export USERSHARES_DIR="/var/lib/samba/usershares"
+
 
# export USERSHARES_GROUP="sambashare"</nowiki>}}
+
# export USERSHARES_DIR="/var/lib/samba/usershare"
 +
# export USERSHARES_GROUP="sambashare"
 +
 
 
This creates the usershares directory in var/lib/samba:
 
This creates the usershares directory in var/lib/samba:
  {{bc|<nowiki># mkdir -p ${USERSHARES_DIR}</nowiki>}}
+
 
 +
# mkdir -p ${USERSHARES_DIR}
 +
 
 
This makes the group sambashare:
 
This makes the group sambashare:
  {{bc|<nowiki># groupadd ${USERSHARES_GROUP}</nowiki>}}
+
 
 +
# groupadd ${USERSHARES_GROUP}
 +
 
 
This changes the owner of the directory and group you just created to root:
 
This changes the owner of the directory and group you just created to root:
  {{bc|<nowiki># chown root:${USERSHARES_GROUP} ${USERSHARES_DIR}</nowiki>}}
+
 
 +
# chown root:${USERSHARES_GROUP} ${USERSHARES_DIR}
 +
 
 
This changes the permissions of the usershares directory so that users in the group sambashare can read, write and execute files:
 
This changes the permissions of the usershares directory so that users in the group sambashare can read, write and execute files:
  {{bc|<nowiki># chmod 1770 ${USERSHARES_DIR}</nowiki>}}
+
 
 +
# chmod 1770 ${USERSHARES_DIR}
 +
 
 
Set the following variables in {{ic|smb.conf}} configuration file:  
 
Set the following variables in {{ic|smb.conf}} configuration file:  
{{hc|/etc/samba/smb.conf|2=...
+
 
[global]
+
{{hc|/etc/samba/smb.conf|2=
  usershare path = /var/lib/samba/usershares
+
...
  usershare max shares = 100
+
[global]
  usershare allow guests = yes
+
  usershare path = /var/lib/samba/usershare
  usershare owner only = False
+
  usershare max shares = 100
...
+
  usershare allow guests = yes
 +
  usershare owner only = False
 +
  ...
 
}}
 
}}
Save the file and then add your user to the group sambashares replacing "your_username" with the name of your  user:
 
  {{bc|# usermod -a -G ${USERSHARES_GROUP} your_username}}
 
  
Restart Samba
+
Save the file and then add your user to the group sambashares replacing ''your_username'' with the name of your  user:
 +
 
 +
# usermod -a -G ${USERSHARES_GROUP} ''your_username''
 +
 
 +
Restart {{ic|smbd}} and {{ic|nmbd}}.
  
 
Log out and log back in. You should now be able to configure your samba share using GUI. For example, in [[Thunar]] you can right click on any directory and share it on the network.
 
Log out and log back in. You should now be able to configure your samba share using GUI. For example, in [[Thunar]] you can right click on any directory and share it on the network.
 
When the error {{ic|You are not the owner of the folder}} appears, simply try to reboot the system.
 
When the error {{ic|You are not the owner of the folder}} appears, simply try to reboot the system.
  
===Adding a user===
+
=== Adding a user ===
To log into a Samba share, a samba user is needed. The user '''must''' already have a [[Users and Groups|Linux user account]] with the same name on the server, otherwise running the next command will fail:
+
 
  # pdbedit -a -u <user>
+
To log into a Samba share, a samba user is needed. The user '''must''' already have a [[Users and groups|Linux user account]] with the same name on the server, otherwise running the next command will fail:
 +
  # pdbedit -a -u ''user''
  
 
{{Note|As of version 3.4.0, smbpasswd is no longer used by default. Existing smbpasswd databases can be [[Samba/Troubleshooting#Changes_in_Samba_version_3.4.0|converted to the new format]]}}
 
{{Note|As of version 3.4.0, smbpasswd is no longer used by default. Existing smbpasswd databases can be [[Samba/Troubleshooting#Changes_in_Samba_version_3.4.0|converted to the new format]]}}
  
===Changing a password===
+
=== Changing a password ===
  
To change a user's password, use <code>smbpasswd</code>:
+
To change a user's password, use {{ic|smbpasswd}}:
  
    sudo smbpasswd <username>
+
# smbpasswd ''username''
  
=== Web-based configuration (SWAT)===
+
== Client configuration ==
'''SWAT''' (Samba Web Administration Tool) is a facility that is part of the Samba suite. Whether or not to use this tool remains a matter of personal preference. It does allow for quick configuration and has context-sensitive help for each {{ic|smb.conf}} parameter. SWAT also provides an interface for monitoring of current state of connection(s), and  allows network-wide MS Windows network password management.
+
  
{{Warning|Before using SWAT, be warned that SWAT will completely replace {{ic|/etc/samba/smb.conf}} with a fully optimized file that has been stripped of all comments, and only non-default settings will be written to the file.}}
+
Only {{Pkg|smbclient}} is required to access files from a Samba/SMB/CIFS server. It is also available from the official repositories.
  
To use SWAT, two [[systemd]] unit files come with the samba package that allow for socket activation. The SWAT service will be called automatically should a user call on the configured socket. In this case, a TCP connection on a specific port.
+
Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.
  
First, review the socket configuration:
+
There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.
{{hc|/usr/lib/systemd/system/swat.socket|<nowiki>
+
[Unit]
+
Description=SWAT Samba Web Admin Tool
+
  
[Socket]
+
=== Manual mounting ===
ListenStream=127.0.0.1:901
+
Accept=true
+
  
[Install]
+
Install {{Pkg|smbclient}} from the official repositories. If you want a lighter approach and do not need the ability to list public shares, you need only install {{Pkg|cifs-utils}} to provide {{ic|/usr/bin/mount.cifs}}.
WantedBy=sockets.target
+
</nowiki>}}
+
  
{{Note|By default SWAT will only be available from the localhost, the system the SWAT service is installed on. If SWAT should be available for external connections, copy the unit to {{ic|<nowiki>/etc/systemd/system/swat.socket</nowiki>}}, and replace 127.0.0.1 with your system's LAN ip. i.e. {{ic|<nowiki>192.168.1.80:901</nowiki>}}.}}
+
To list  public shares on a server:
  
When satisfied with the configuration, start the socket:
+
  $ smbclient -L ''hostname'' -U%
  # systemctl start swat.socket
+
  
Or, should you want to enable SWAT during boot, enable:
+
Create a mount point for the share:
# systemctl enable swat.socket
+
  
The web interface can now be accessed on port 901 by default:
+
# mkdir /mnt/''mountpoint''
{{ic|http://localhost:901/}}
+
  
{{Note|An all-encompasing [[Webmin]] tool is also available, and the SWAT module can be loaded there.}}
+
Mount the share using the {{ic|mount.cifs}} type. Not all the options listed below are needed or desirable (ie. {{ic|password}}).
  
==Client configuration==
+
{{bc|1=
Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.
+
# mount -t cifs //''SERVER''/''sharename'' /mnt/''mountpoint'' -o user=''username'',password=''password'',workgroup=''workgroup'',ip=''serverip''
 +
}}
  
There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.
+
''SERVER''
 +
: The Windows system name.
  
===Manual mounting===
+
''sharename''
Install {{pkg|smbclient}} from the [[Official Repositories]].
+
: The shared directory.
  
To list  public shares on a server:
+
''mountpoint''
{{bc|$ smbclient -L <hostname> -U%}}
+
: The local directory where the share will be mounted.
  
Create a mount point for the share:
+
{{ic|<nowiki>-o [options]</nowiki>}}
{{bc|# mkdir /mnt/MOUNTPOINT}}
+
: See {{ic|man mount.cifs}} for more information.
 +
 
 +
{{Note|
 +
* Abstain from using a trailing {{ic|/}}. {{ic|//''SERVER''/''sharename'''''/'''}} will not work.
 +
* If your mount does not work stable, stutters or freezes, try to enable different SMB protocol version with {{ic|1=vers=}} option. For example, {{ic|1=vers=2.0}} for Windows Vista mount.
 +
}}
 +
 
 +
==== Add Share to /etc/fstab ====
  
Mount the share using the {{ic|mount.cifs}} type. Not all the options listed below are needed or desirable (ie. {{ic|password}}).
 
{{bc|# <nowiki>mount -t cifs //SERVER/SHARENAME /mnt/MOUNTPOINT -o user=USERNAME,password=PASSWORD,workgroup=WORKGROUP,ip=SERVERIP</nowiki>}}
 
{{ic|'''SERVER'''}}
 
:The Windows system name.
 
{{ic|'''SHARENAME'''}}
 
:The shared directory.
 
{{ic|'''MOUNTPOINT'''}}
 
:The local directory where the share will be mounted.
 
{{ic|'''-o <nowiki>[options]</nowiki>'''}}
 
:See {{ic|man mount.cifs}} for more information:
 
{{Note|Abstain from using a trailing '''/'''. {{ic|//SERVER/SHARENAME'''/'''}} will not work.}}
 
====Add Share to /etc/fstab====
 
 
The simplest way to add an fstab entry is something like this:
 
The simplest way to add an fstab entry is something like this:
{{hc|/etc/fstab|<nowiki>
+
 
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs username=USER,password=PASSWORD,workgroup=WORKGROUP,ip=SERVERIP 0 0</nowiki>}}
+
{{hc|/etc/fstab|2=
However, storing passwords in a world readable file is not recommended! A safer method would be to use a credentials file. As an example, create a file and {{ic|chmod 600 <filename>}} so only the owning user can read and write to it. It should contain the following information:
+
//''SERVER''/''sharename'' /mnt/''mountpoint'' cifs username=''username'',password=''password'' 0 0
{{hc|/path/to/credentials/sambacreds|<nowiki>
+
}}
username=USERNAME
+
 
password=PASSWORD</nowiki>}}
+
However, storing passwords in a world readable file is not recommended! A safer method would be to use a credentials file. As an example, create a file and {{ic|chmod 600 ''filename''}} so only the owning user can read and write to it. It should contain the following information:
 +
 
 +
{{hc|/path/to/credentials/sambacreds|2=
 +
username=''username''
 +
password=''password''
 +
}}
 +
 
 
and the line in your fstab should look something like this:
 
and the line in your fstab should look something like this:
{{hc|/etc/fstab|<nowiki>
 
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs credentials=/path/to/credentials/sambacreds,workgroup=WORKGROUP,ip=SERVERIP 0 0</nowiki>}}
 
If using '''systemd''' (modern installations), one can utilize the '''comment=systemd.automount''' option, which speeds up service boot by a few seconds. Also, one can map current user and group to make life a bit easier, utilizing '''uid''' and '''gid''' options ('''warning:''' using the uid and gid options may cause input ouput errors in programs that try to fetch data from network drives):
 
{{hc|/etc/fstab|<nowiki>//SERVER/SHARENAME /mnt/MOUNTPOINT cifs credentials=/path/to/smbcredentials,comment=systemd.automount,uid=USERNAME,gid=USERGROUP 0 0</nowiki>}}
 
{{note|space in sharename should be replaced by \040 (ASCII code for space in octal). For example, //SERVER/SHARE\ NAME on the command line should be //SERVER/SHARE\040NAME in fstab.}}
 
  
====User mounting====
+
{{hc|/etc/fstab|2=
{{hc|/etc/fstab|<nowiki>//SERVER/SHARENAME /mnt/MOUNTPOINT cifs users,credentials=/path/to/smbcredentials,workgroup=WORKGROUP,ip=SERVERIP 0 0</nowiki>}}
+
//SERVER/SHARENAME /mnt/''mountpoint'' cifs credentials=''/path/to/credentials/sambacreds'' 0 0
{{note|Note: The option is user'''s''' (plural). For other filesystem types handled by mount, this option is usually ''user''; sans the "'''s'''".}}
+
}}
 +
 
 +
If using ''systemd'' (modern installations), one can utilize the {{ic|1=comment=systemd.automount}} option, which speeds up service boot by a few seconds. Also, one can map current user and group to make life a bit easier, utilizing {{ic|uid}} and {{ic|gid}} options.
 +
 
 +
{{Warning|Using the {{ic|uid}} and {{ic|gid}} options may cause input ouput errors in programs that try to fetch data from network drives.}}
 +
 
 +
{{hc|/etc/fstab|2=
 +
//''SERVER''/''SHARENAME'' /mnt/''mountpoint'' cifs credentials=''/path/to/smbcredentials'',comment=systemd.automount,uid=''username'',gid=''usergroup'' 0 0
 +
}}
 +
 
 +
{{Note|Space in sharename should be replaced by {{ic|\040}} (ASCII code for space in octal). For example, {{ic|//''SERVER''/share name}} on the command line should be {{ic|//''SERVER''/share\040name}} in {{ic|/etc/fstab}}.}}
 +
 
 +
==== User mounting ====
 +
 
 +
{{hc|/etc/fstab|2=
 +
//''SERVER''/''SHARENAME'' /mnt/''mountpoint'' cifs users,credentials=''/path/to/smbcredentials'',workgroup=''workgroup'',ip=''serverip'' 0 0
 +
}}
 +
 
 +
{{Note|The option is user'''s''' (plural). For other filesystem types handled by mount, this option is usually ''user''; sans the "'''s'''".}}
 +
 
 +
This will allow users to mount it as long as the mount point resides in a directory controllable by the user; i.e. the user's home. For users to be allowed to mount and unmount the Samba shares with mount points that they do not own, use [[#smbnetfs|smbnetfs]], or grant privileges using [[sudo]].
 +
 
 +
=== WINS host names ===
 +
 
 +
The {{pkg|smbclient}} package provides a driver to resolve host names using WINS. To enable it, add “wins” to the “hosts” line in /etc/nsswitch.conf.
  
This will allow users to mount it as long as the mount point resides in a directory controllable by the user; i.e. the user's home. For users to be allowed to mount and unmount the Samba shares with mount points that they do not own, use [[Samba#smbnetfs|smbnetfs]], or grant privileges using [[sudo]].
+
=== Automatic mounting ===
  
===Automatic Mounting===
 
 
There are several ways to easily browse shared resources:
 
There are several ways to easily browse shared resources:
====smbnetfs====
 
Install {{pkg|smbnetfs}}, from the [[Official Repositories]].
 
  
Add the following line to {{ic|/etc/fuse.conf}}:
+
==== smbnetfs ====
{{bc|user_allow_other}}
+
 
 +
{{Note|1=smbnetfs needs an intact Samba server setup.
 +
See above on how to do that.}}
 +
 
 +
First, check if you can see all the shares you are interested in mounting:
 +
$ smbtree -U ''remote_user''
 +
 
 +
If that does not work, find and modify the following line
 +
in {{ic|/etc/samba/smb.conf}} accordingly:
 +
domain master = auto
 +
 
 +
Now restart {{ic|smbd}} {{ic|nmbd}} as seen above.
 +
 
 +
If everything works as expected, install {{Pkg|smbnetfs}} from the official repositories.
 +
 
 +
Then, add the following line to {{ic|/etc/fuse.conf}}:
 +
 
 +
user_allow_other
 +
 
 
and load the {{ic|fuse}} [[kernel module]]:
 
and load the {{ic|fuse}} [[kernel module]]:
{{bc|# modprobe fuse}}
 
  
If a username and a password are required to access some of the shared folders, edit /etc/smbnetfs/.smb/smbnetfs.conf and uncomment the line starting with "auth":
+
# modprobe fuse
  
{{hc|/etc/smbnetfs/.smb/smbnetfs.conf|
+
Now copy the directory /etc/smbnetfs/.smb to your home directory.
 +
 
 +
$ cp -a /etc/smbnetfs/.smb ~
 +
 
 +
Then create a link to the smb.conf file:
 +
$ ln -s /etc/samba/smb.conf ~/.smb/smb.conf
 +
 
 +
If a username and a password are required to access some of the shared folders, edit {{ic|~/.smb/smbnetfs.auth}}
 +
to include one or more entries like this:
 +
 
 +
{{hc|~/.smb/smbnetfs.auth|
 
auth "hostname" "username" "password"
 
auth "hostname" "username" "password"
 
}}
 
}}
  
Make sure to {{ic|chmod 600 /etc/smbnetfs/.smb/smbnetfs.conf}}, and any include files for smbnetfs to work correctly.
+
It is also possible to add entries for specific hosts to be mounted by smbnetfs, if necessary.
 +
More details can be found in {{ic|~/.smb/smbnetfs.conf}}.
  
To mount the network
+
When you are done with the configuration, you need to run
  smbnetfs <MOUNT_POINT>
+
  $ chmod 600 ~/.smb/smbnetfs.*
 +
Otherwise, smbnetfs complains about 'insecure config file permissions'.
  
To browse the network
+
Finally, to mount your Samba network neighbourhood to a directory of your choice, call
  smbtree
+
  $ smbnetfs ''mount_point''
  
 
===== Daemon =====
 
===== Daemon =====
Start and enable the '''smbnetfs''' [[daemon]].
 
systemctl start smbnetfs.service
 
  
To enable on boot.
+
The Arch Linux package also maintains an additional system-wide operation mode for smbnetfs. To enable it, you need to make the
# Will be mounted on /mnt/smbnet/
+
said modifications in the directoy {{ic|/etc/smbnetfs/.smb}}.
systemctl enable smbnetfs.service
+
 
 +
Then, you can start and/or enable the {{ic|smbnetfs}} [[daemon]] as usual. The system-wide mount point is at {{ic|/mnt/smbnet/}}.
 +
 
 +
==== fusesmb ====
  
====fusesmb====
 
 
{{Note|1=Because {{ic|smbclient 3.2.X}} is malfunctioning with {{ic|fusesmb}}, revert to using older versions if necessary. See the [https://bbs.archlinux.org/viewtopic.php?id=58434 relevant forum topic] for details.}}
 
{{Note|1=Because {{ic|smbclient 3.2.X}} is malfunctioning with {{ic|fusesmb}}, revert to using older versions if necessary. See the [https://bbs.archlinux.org/viewtopic.php?id=58434 relevant forum topic] for details.}}
  
# Install {{AUR|fusesmb}}, available in the [[Arch User Repository]].
+
# Install {{AUR|fusesmb}}, available in the [[AUR]].
# Create a mount point: {{ic|# mkdir /mnt/fusesmb}}
+
# Create a mount point: {{ic|mkdir /mnt/fusesmb}}
 
# Load {{ic|fuse}} [[kernel module]].
 
# Load {{ic|fuse}} [[kernel module]].
# Mount the shares: {{bc|# fusesmb -o allow_other /mnt/fusesmb}}
+
# Mount the shares: {{bc|fusesmb -o allow_other /mnt/fusesmb}}
 +
 
 +
==== autofs ====
  
====autofs====
 
 
See [[Autofs]] for information on the kernel-based automounter for Linux.
 
See [[Autofs]] for information on the kernel-based automounter for Linux.
  
===File Manager Configuration===
+
=== File manager configuration ===
====Nautilus====
+
In order to access samba shares through Nautilus, install the {{pkg|gvfs-smb}} package, available in the [[Official Repositories]].
+
  
Press {{ic|Ctrl+L}} and enter {{ic|smb://servername/share}} in the location bar to access your share.
+
==== Nautilus and Nemo ====
  
The mounted share is likely to be present at {{ic|/run/user/<your UID>/gvfs}} in the filesystem.
+
In order to access samba shares through Nautilus or Nemo, install the {{Pkg|gvfs-smb}} package, available in the [[official repositories]].
  
====Thunar and pcmanfm====
+
Press {{ic|Ctrl+l}} and enter {{ic|smb://''servername''/''share''}} in the location bar to access your share.
For access using Thunar or pcmanfm, install {{pkg|gvfs-smb}}, available in the Official Repositories.  
+
 
 +
The mounted share is likely to be present at {{ic|/run/user/''your_UID''/gvfs}} in the filesystem.
 +
 
 +
==== Thunar and PCManFM ====
 +
 
 +
{{Merge|#Nautilus and Nemo|Identical, aren't they?}}
 +
For access using Thunar or PCManFM, install {{Pkg|gvfs-smb}}, available in the official repositories.  
  
 
Go to {{ic|smb://servername/share}}, to access your share.
 
Go to {{ic|smb://servername/share}}, to access your share.
  
====KDE====
+
==== KDE ====
KDE, has the ability to browse Samba shares built in. Therefore do not need any additional packages. However, for a GUI in the KDE System Settings, install the {{pkg|kdenetwork-filesharing}} package from the [[Official Repositories]]
+
 
 +
KDE, has the ability to browse Samba shares built in. Therefore do not need any additional packages. However, for a GUI in the KDE System Settings, install the {{Pkg|kdenetwork-filesharing}} package from the official repositories.
 +
 
 +
If when navigating with Dolphin you get a "Time Out" Error, you should uncomment and edit this line in smb.conf:{{bc|1=name resolve order = lmhosts bcast host wins}}
 +
as shown in this [http://ubuntuforums.org/showthread.php?t=1605499 page].
 +
 
 +
==== Other graphical environments ====
  
====Other Graphical Environments====
 
 
There are a number of useful programs, but they may need to have packages created for them. This can be done with the Arch package build system. The good thing about these others is that they do not require a particular environment to be installed to support them, and so they bring along less baggage.
 
There are a number of useful programs, but they may need to have packages created for them. This can be done with the Arch package build system. The good thing about these others is that they do not require a particular environment to be installed to support them, and so they bring along less baggage.
  
* {{pkg|pyneighborhood}} is available in the [[Official Repositories]].
+
* {{Pkg|pyneighborhood}} is available in the official repositories.
* LinNeighborhood, RUmba, xffm-samba plugin for Xffm are not available in the official repositories or the [[AUR]]. As they are not officially (or even unofficially supported), they may be obsolete and may not work at all.
+
* LinNeighborhood, RUmba, xffm-samba plugin for Xffm are not available in the official repositories or the AUR. As they are not officially (or even unofficially supported), they may be obsolete and may not work at all.
 +
 
 +
== See also ==
  
==See also==
 
* [[{{FULLPAGENAME}}/Tips and tricks|Tips and tricks]] - A dedicated page for alternate configurations and suggestions.
 
* [[{{FULLPAGENAME}}/Troubleshooting|Troubleshooting]] - A dedicated page for solving common (or not so common) issues.
 
 
* [http://www.samba.org/samba/docs/SambaIntro.html Samba: An Introduction]
 
* [http://www.samba.org/samba/docs/SambaIntro.html Samba: An Introduction]
 
* [http://www.samba.org/ Official Samba site]
 
* [http://www.samba.org/ Official Samba site]

Revision as of 07:45, 12 March 2014

Samba is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to NFS. Some users say that Samba is easily configured and that operation is very straight-forward. However, many new users run into problems with its complexity and non-intuitive mechanism. It is strongly suggested that the user stick close to the following directions.

Server configuration

To share files with Samba, install samba, from the official repositories.

The Samba server is configured in /etc/samba/smb.conf. Copy the default Samba configuration file to /etc/samba/smb.conf:

# cp /etc/samba/smb.conf.default /etc/samba/smb.conf

Creating a share

Edit /etc/samba/smb.conf, scroll down to the Share Definitions section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.

There are a number of commented sample configurations included. More information about available options for shared resources can be found in man smb.conf. Here is the on-line version.

On Windows side, be sure to change smb.conf to the Windows Workgroup. (Windows default: WORKGROUP)

Be sure that your machine is not named Localhost, since it will resolve on Windows to 127.0.0.1.

Starting services

Start smbd and nmbd to provide basic file sharing through SMB:

# systemctl start smbd
# systemctl start nmbd

If you want to start Samba at boot, enable smbd and nmbd.

Note: Or you can enable Samba socket so the daemon is started on the first incoming connection:
systemctl disable smbd.service
systemctl enable smbd.socket

Creating user share path

This marks the named objects for automatic export to the environment of subsequently executed commands:

# export USERSHARES_DIR="/var/lib/samba/usershare"
# export USERSHARES_GROUP="sambashare"

This creates the usershares directory in var/lib/samba:

# mkdir -p ${USERSHARES_DIR}

This makes the group sambashare:

# groupadd ${USERSHARES_GROUP}

This changes the owner of the directory and group you just created to root:

# chown root:${USERSHARES_GROUP} ${USERSHARES_DIR}

This changes the permissions of the usershares directory so that users in the group sambashare can read, write and execute files:

# chmod 1770 ${USERSHARES_DIR}

Set the following variables in smb.conf configuration file:

/etc/samba/smb.conf
...
[global]
  usershare path = /var/lib/samba/usershare
  usershare max shares = 100
  usershare allow guests = yes
  usershare owner only = False
  ...

Save the file and then add your user to the group sambashares replacing your_username with the name of your user:

# usermod -a -G ${USERSHARES_GROUP} your_username

Restart smbd and nmbd.

Log out and log back in. You should now be able to configure your samba share using GUI. For example, in Thunar you can right click on any directory and share it on the network. When the error You are not the owner of the folder appears, simply try to reboot the system.

Adding a user

To log into a Samba share, a samba user is needed. The user must already have a Linux user account with the same name on the server, otherwise running the next command will fail:

# pdbedit -a -u user
Note: As of version 3.4.0, smbpasswd is no longer used by default. Existing smbpasswd databases can be converted to the new format

Changing a password

To change a user's password, use smbpasswd:

# smbpasswd username

Client configuration

Only smbclient is required to access files from a Samba/SMB/CIFS server. It is also available from the official repositories.

Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.

There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.

Manual mounting

Install smbclient from the official repositories. If you want a lighter approach and do not need the ability to list public shares, you need only install cifs-utils to provide /usr/bin/mount.cifs.

To list public shares on a server:

$ smbclient -L hostname -U%

Create a mount point for the share:

# mkdir /mnt/mountpoint

Mount the share using the mount.cifs type. Not all the options listed below are needed or desirable (ie. password).

# mount -t cifs //SERVER/sharename /mnt/mountpoint -o user=username,password=password,workgroup=workgroup,ip=serverip

SERVER

The Windows system name.

sharename

The shared directory.

mountpoint

The local directory where the share will be mounted.

-o [options]

See man mount.cifs for more information.
Note:
  • Abstain from using a trailing /. //SERVER/sharename/ will not work.
  • If your mount does not work stable, stutters or freezes, try to enable different SMB protocol version with vers= option. For example, vers=2.0 for Windows Vista mount.

Add Share to /etc/fstab

The simplest way to add an fstab entry is something like this:

/etc/fstab
//SERVER/sharename /mnt/mountpoint cifs username=username,password=password 0 0

However, storing passwords in a world readable file is not recommended! A safer method would be to use a credentials file. As an example, create a file and chmod 600 filename so only the owning user can read and write to it. It should contain the following information:

/path/to/credentials/sambacreds
username=username
password=password

and the line in your fstab should look something like this:

/etc/fstab
//SERVER/SHARENAME /mnt/mountpoint cifs credentials=/path/to/credentials/sambacreds 0 0

If using systemd (modern installations), one can utilize the comment=systemd.automount option, which speeds up service boot by a few seconds. Also, one can map current user and group to make life a bit easier, utilizing uid and gid options.

Warning: Using the uid and gid options may cause input ouput errors in programs that try to fetch data from network drives.
/etc/fstab
//SERVER/SHARENAME /mnt/mountpoint cifs credentials=/path/to/smbcredentials,comment=systemd.automount,uid=username,gid=usergroup 0 0
Note: Space in sharename should be replaced by \040 (ASCII code for space in octal). For example, //SERVER/share name on the command line should be //SERVER/share\040name in /etc/fstab.

User mounting

/etc/fstab
//SERVER/SHARENAME /mnt/mountpoint cifs users,credentials=/path/to/smbcredentials,workgroup=workgroup,ip=serverip 0 0
Note: The option is users (plural). For other filesystem types handled by mount, this option is usually user; sans the "s".

This will allow users to mount it as long as the mount point resides in a directory controllable by the user; i.e. the user's home. For users to be allowed to mount and unmount the Samba shares with mount points that they do not own, use smbnetfs, or grant privileges using sudo.

WINS host names

The smbclient package provides a driver to resolve host names using WINS. To enable it, add “wins” to the “hosts” line in /etc/nsswitch.conf.

Automatic mounting

There are several ways to easily browse shared resources:

smbnetfs

Note: smbnetfs needs an intact Samba server setup. See above on how to do that.

First, check if you can see all the shares you are interested in mounting:

$ smbtree -U remote_user

If that does not work, find and modify the following line in /etc/samba/smb.conf accordingly:

domain master = auto

Now restart smbd nmbd as seen above.

If everything works as expected, install smbnetfs from the official repositories.

Then, add the following line to /etc/fuse.conf:

user_allow_other

and load the fuse kernel module:

# modprobe fuse

Now copy the directory /etc/smbnetfs/.smb to your home directory.

$ cp -a /etc/smbnetfs/.smb ~

Then create a link to the smb.conf file:

$ ln -s /etc/samba/smb.conf ~/.smb/smb.conf

If a username and a password are required to access some of the shared folders, edit ~/.smb/smbnetfs.auth to include one or more entries like this:

~/.smb/smbnetfs.auth
auth			"hostname" "username" "password"

It is also possible to add entries for specific hosts to be mounted by smbnetfs, if necessary. More details can be found in ~/.smb/smbnetfs.conf.

When you are done with the configuration, you need to run

$ chmod 600 ~/.smb/smbnetfs.*

Otherwise, smbnetfs complains about 'insecure config file permissions'.

Finally, to mount your Samba network neighbourhood to a directory of your choice, call

$ smbnetfs mount_point
Daemon

The Arch Linux package also maintains an additional system-wide operation mode for smbnetfs. To enable it, you need to make the said modifications in the directoy /etc/smbnetfs/.smb.

Then, you can start and/or enable the smbnetfs daemon as usual. The system-wide mount point is at /mnt/smbnet/.

fusesmb

Note: Because smbclient 3.2.X is malfunctioning with fusesmb, revert to using older versions if necessary. See the relevant forum topic for details.
  1. Install fusesmbAUR, available in the AUR.
  2. Create a mount point: mkdir /mnt/fusesmb
  3. Load fuse kernel module.
  4. Mount the shares:
    fusesmb -o allow_other /mnt/fusesmb

autofs

See Autofs for information on the kernel-based automounter for Linux.

File manager configuration

Nautilus and Nemo

In order to access samba shares through Nautilus or Nemo, install the gvfs-smb package, available in the official repositories.

Press Ctrl+l and enter smb://servername/share in the location bar to access your share.

The mounted share is likely to be present at /run/user/your_UID/gvfs in the filesystem.

Thunar and PCManFM

Merge-arrows-2.pngThis article or section is a candidate for merging with #Nautilus and Nemo.Merge-arrows-2.png

Notes: Identical, aren't they? (Discuss in Talk:Samba#)

For access using Thunar or PCManFM, install gvfs-smb, available in the official repositories.

Go to smb://servername/share, to access your share.

KDE

KDE, has the ability to browse Samba shares built in. Therefore do not need any additional packages. However, for a GUI in the KDE System Settings, install the kdenetwork-filesharing package from the official repositories.

If when navigating with Dolphin you get a "Time Out" Error, you should uncomment and edit this line in smb.conf:
name resolve order = lmhosts bcast host wins

as shown in this page.

Other graphical environments

There are a number of useful programs, but they may need to have packages created for them. This can be done with the Arch package build system. The good thing about these others is that they do not require a particular environment to be installed to support them, and so they bring along less baggage.

  • pyneighborhood is available in the official repositories.
  • LinNeighborhood, RUmba, xffm-samba plugin for Xffm are not available in the official repositories or the AUR. As they are not officially (or even unofficially supported), they may be obsolete and may not work at all.

See also