Difference between revisions of "User:Axanon/trashcan"

From ArchWiki
Jump to: navigation, search
Line 23: Line 23:
 
'''Samba''' is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to [[NFS]].  Some users say that Samba is easily configured and that operation is very straight-forward.  However, many new users run into problems with its complexity and non-intuitive mechanism.  It is strongly suggested that the user stick close to the following directions.
 
'''Samba''' is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to [[NFS]].  Some users say that Samba is easily configured and that operation is very straight-forward.  However, many new users run into problems with its complexity and non-intuitive mechanism.  It is strongly suggested that the user stick close to the following directions.
  
==Required Packages==
+
==Required packages==
 
===Server===
 
===Server===
 
To share files with Samba, install {{Pkg|samba}}, from the [[Official Repositories]].
 
To share files with Samba, install {{Pkg|samba}}, from the [[Official Repositories]].
Line 30: Line 30:
 
Only {{Pkg|smbclient}} is required to access files from a Samba/SMB/CIFS server. It is also available from the Official Repositories.
 
Only {{Pkg|smbclient}} is required to access files from a Samba/SMB/CIFS server. It is also available from the Official Repositories.
  
==Server Configuration==
+
==Server configuration==
 
The {{ic|/etc/samba/smb.conf}} file must be created before starting the daemons. Once that is set up, users may opt for using an advanced configuration interface like SWAT.
 
The {{ic|/etc/samba/smb.conf}} file must be created before starting the daemons. Once that is set up, users may opt for using an advanced configuration interface like SWAT.
  
Line 36: Line 36:
 
{{bc|# cp /etc/samba/smb.conf.default /etc/samba/smb.conf}}
 
{{bc|# cp /etc/samba/smb.conf.default /etc/samba/smb.conf}}
  
===Creating a Share===
+
===Creating a share===
 
Edit {{ic|/etc/samba/smb.conf}}, scroll down to the '''Share Definitions''' section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.
 
Edit {{ic|/etc/samba/smb.conf}}, scroll down to the '''Share Definitions''' section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.
  
 
There are a number of commented sample configurations included. More information about available options for shared resources can be found in {{ic|man smb.conf}}. [http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html Here] is the on-line version.
 
There are a number of commented sample configurations included. More information about available options for shared resources can be found in {{ic|man smb.conf}}. [http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html Here] is the on-line version.
  
===Adding a User===
+
===Adding a user===
 
To log into a Samba share, a samba user is needed. The user '''must''' already have a [[Users and Groups|Linux user account]] with the same name on the server, otherwise running the next command will fail:
 
To log into a Samba share, a samba user is needed. The user '''must''' already have a [[Users and Groups|Linux user account]] with the same name on the server, otherwise running the next command will fail:
 
  # pdbedit -a -u <user>
 
  # pdbedit -a -u <user>
Line 47: Line 47:
 
{{Note|As of version 3.4.0, smbpasswd is no longer used by default. Existing smbpasswd databases can be [[Samba#Changes in Samba version 3.4.0|converted to the new format]]}}
 
{{Note|As of version 3.4.0, smbpasswd is no longer used by default. Existing smbpasswd databases can be [[Samba#Changes in Samba version 3.4.0|converted to the new format]]}}
  
=== Web-based Configuration===
+
=== Web-based configuration===
 
'''SWAT''' (Samba Web Administration Tool) is a facility that is part of the Samba suite. Whether or not to use this tool remains a matter of personal preference. It does allow for quick configuration and has context-sensitive help for each {{ic|smb.conf}} parameter. SWAT also provides an interface for monitoring of current state of connection(s), and  allows network-wide MS Windows network password management.
 
'''SWAT''' (Samba Web Administration Tool) is a facility that is part of the Samba suite. Whether or not to use this tool remains a matter of personal preference. It does allow for quick configuration and has context-sensitive help for each {{ic|smb.conf}} parameter. SWAT also provides an interface for monitoring of current state of connection(s), and  allows network-wide MS Windows network password management.
  
Line 80: Line 80:
 
{{Note|An all-encompasing [[Webmin]] tool is also available, and the SWAT module can be loaded there.}}
 
{{Note|An all-encompasing [[Webmin]] tool is also available, and the SWAT module can be loaded there.}}
  
==Client Configuration==
+
==Client configuration==
 
Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.
 
Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.
  
 
There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.
 
There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.
  
===Manual Mounting===
+
===Manual mounting===
 
Install {{pkg|smbclient}} from the [[Official Repositories]].
 
Install {{pkg|smbclient}} from the [[Official Repositories]].
  
Line 104: Line 104:
 
{{ic|'''-o <nowiki>[options]</nowiki>'''}}
 
{{ic|'''-o <nowiki>[options]</nowiki>'''}}
 
:See {{ic|man mount.cifs}} for more information:
 
:See {{ic|man mount.cifs}} for more information:
 +
{{Note|Abstain from using a trailing '''/'''. {{ic|//SERVER/SHARENAME'''/'''}} will not work.}}
 +
====Add Share to /etc/fstab====
 +
The simplest way to add an fstab entry is something like this:
 +
{{hc|/etc/fstab|<nowiki>
 +
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs username=USER,password=PASSWORD,workgroup=WORKGROUP,ip=SERVERIP 0 0</nowiki>}}
 +
However, storing passwords in a world readable file is not recommended! A safer method would be to use a credentials file. As an example, create a file and {{ic|chmod 600 <filename>}} so only the owning user can read and write to it. It should contain the following information:
 +
{{hc|/path/to/credentials/sambacreds|<nowiki>
 +
username=USERNAME
 +
password=PASSWORD</nowiki>}}
 +
and the line in your fstab should look something like this:
 +
{{hc|/etc/fstab|<nowiki>
 +
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs username=USER,credentials=/path/to/credentials/sambacreds,workgroup=WORKGROUP,ip=SERVERIP 0 0</nowiki>}}
 +
If using '''systemd''' (modern installations), one can utilize the '''comment=systemd.automount''' option, which speeds up service boot by a few seconds. Also, one can map current user and group to make life a bit easier, utilizing '''uid''' and '''gid''' options:
 +
{{hc|/etc/fstab|<nowiki>//SERVER/SHARENAME /mnt/MOUNTPOINT cifs credentials=/path/to/smbcredentials,comment=systemd.automount,uid=USERNAME,gid=USERGROUP 0 0</nowiki>}}
 +
 +
====User mounting====
 +
{{hc|/etc/fstab|<nowiki>//SERVER/SHARENAME /mnt/MOUNTPOINT cifs users,noauto,credentials=/path/to/smbcredentials,workgroup=WORKGROUP,ip=SERVERIP 0 0</nowiki>}}
 +
{{note|Note: The option is user'''s''' (plural). For other filesystem types handled by mount, this option is usually ''user''; sans the "'''s'''".}}
 +
 +
This will allow users to mount it as long as the mount point resides in a directory controllable by the user; i.e. the user's home. For users to be allowed to mount and unmount the Samba shares with mount points that they do not own, use [[Samba#smbnetfs|smbnetfs]], or grant privileges using [[sudo]].
  
====Add Share to fstab====
 
====User Mounting====
 
 
===Automatic Mounting===
 
===Automatic Mounting===
 +
There are several ways to easily browse shared resources:
 
====smbnetfs====
 
====smbnetfs====
 +
Install {{pkg|smbnetfs}}, from the [[Official Repositories]].
 +
 +
Add the following line to {{ic|/etc/fuse.conf}}:
 +
{{bc|user_allow_other}}
 +
and load the {{ic|fuse}} [[kernel module]]:
 +
{{bc|# modprobe fuse}}
 +
 +
Start and enable the smbnetfs [[daemon]].
 +
 +
If a username and a password are required to access some of the shared folders, edit /etc/smbnetfs/.smb/smbnetfs.conf and uncomment the line starting with "auth":
 +
 +
{{hc|/etc/smbnetfs/.smb/smbnetfs.conf|
 +
auth "hostname" "username" "password"
 +
}}
 +
 +
Make sure to {{ic|chmod 600 /etc/smbnetfs/.smb/smbnetfs.conf}}, and any include files for smbnetfs to work correctly.
 +
 
====fusesmb====
 
====fusesmb====
 +
{{Note|1=Because {{ic|smbclient 3.2.X}} is malfunctioning with {{ic|fusesmb}}, revert to using older versions if necessary. See the [https://bbs.archlinux.org/viewtopic.php?id=58434 relevant forum topic] for details.}}
 +
 +
# Install {{AUR|fusesmb}}, available in the [[Arch User Repository]].
 +
# Create a mount point: {{ic|# mkdir /mnt/fusesmb}}
 +
# Load {{ic|fuse}} [[kernel module]].
 +
# Mount the shares: {{bc|# fusesmb -o allow_other /mnt/fusesmb}}
 +
 
====autofs====
 
====autofs====
 +
See [[Autofs]] for information on the kernel-based automounter for Linux.
 +
 
===File Manager Configuration===
 
===File Manager Configuration===
 
====Nautilus====
 
====Nautilus====

Revision as of 12:51, 24 January 2013

Summary help replacing me
Installing, configuring and troubleshooting Samba
Related
NFS
Samba Domain Controller


Samba is a re-implementation of the SMB/CIFS networking protocol, it facilitates file and printer sharing among Linux and Windows systems as an alternative to NFS. Some users say that Samba is easily configured and that operation is very straight-forward. However, many new users run into problems with its complexity and non-intuitive mechanism. It is strongly suggested that the user stick close to the following directions.

Required packages

Server

To share files with Samba, install samba, from the Official Repositories.

Client

Only smbclient is required to access files from a Samba/SMB/CIFS server. It is also available from the Official Repositories.

Server configuration

The /etc/samba/smb.conf file must be created before starting the daemons. Once that is set up, users may opt for using an advanced configuration interface like SWAT.

As root, copy the default Samba configuration file to /etc/samba/smb.conf:

# cp /etc/samba/smb.conf.default /etc/samba/smb.conf

Creating a share

Edit /etc/samba/smb.conf, scroll down to the Share Definitions section. The default configuration automatically creates a share for each user's home directory. It also creates a share for printers by default.

There are a number of commented sample configurations included. More information about available options for shared resources can be found in man smb.conf. Here is the on-line version.

Adding a user

To log into a Samba share, a samba user is needed. The user must already have a Linux user account with the same name on the server, otherwise running the next command will fail:

# pdbedit -a -u <user>
Note: As of version 3.4.0, smbpasswd is no longer used by default. Existing smbpasswd databases can be converted to the new format

Web-based configuration

SWAT (Samba Web Administration Tool) is a facility that is part of the Samba suite. Whether or not to use this tool remains a matter of personal preference. It does allow for quick configuration and has context-sensitive help for each smb.conf parameter. SWAT also provides an interface for monitoring of current state of connection(s), and allows network-wide MS Windows network password management.

Warning: Before using SWAT, be warned that SWAT will completely replace /etc/samba/smb.conf with a fully optimized file that has been stripped of all comments, and only non-default settings will be written to the file.

To use SWAT, first install xinetd, available in the Official Repositories.

Edit /etc/xinetd.d/swat. To enable SWAT, change the disable = yes line to disable = no.

/etc/xinetd.d/swat
service swat
{
        type                    = UNLISTED
        protocol                = tcp
        port                    = 901
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/swat
        log_on_success          += HOST DURATION
        log_on_failure          += HOST
        disable                 = no
}

Alternatively, add an entry for swat to /etc/services and omit the first 3 lines of the configuration.

Then start/enable the xinetd daemon.

The web interface can be accessed on port 901 by default: http://localhost:901/

Note: An all-encompasing Webmin tool is also available, and the SWAT module can be loaded there.

Client configuration

Shared resources from other computers on the LAN may be accessed and mounted locally by GUI or CLI methods. The graphical manner is limited since most lightweight Desktop Environments do not have a native way to facilitate accessing these shared resources.

There are two parts to share access. First is the underlying file system mechanism, and second is the interface which allows the user to select to mount shared resources. Some environments have the first part built into them.

Manual mounting

Install smbclient from the Official Repositories.

To list public shares on a server:

$ smbclient -L <hostname> -U%

Create a mount point for the share:

# mkdir /mnt/MOUNTPOINT

Mount the share using the mount.cifs type. Not all the options listed below are needed or desirable (ie. password).

# mount -t cifs //SERVER/SHARENAME /mnt/MOUNTPOINT -o user=USERNAME,password=PASSWORD,workgroup=WORKGROUP,ip=SERVERIP

SERVER

The Windows system name.

SHARENAME

The shared directory.

MOUNTPOINT

The local directory where the share will be mounted.

-o [options]

See man mount.cifs for more information:
Note: Abstain from using a trailing /. //SERVER/SHARENAME/ will not work.

Add Share to /etc/fstab

The simplest way to add an fstab entry is something like this:

/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs username=USER,password=PASSWORD,workgroup=WORKGROUP,ip=SERVERIP 0 0

However, storing passwords in a world readable file is not recommended! A safer method would be to use a credentials file. As an example, create a file and chmod 600 <filename> so only the owning user can read and write to it. It should contain the following information:

/path/to/credentials/sambacreds
username=USERNAME
password=PASSWORD

and the line in your fstab should look something like this:

/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs username=USER,credentials=/path/to/credentials/sambacreds,workgroup=WORKGROUP,ip=SERVERIP 0 0

If using systemd (modern installations), one can utilize the comment=systemd.automount option, which speeds up service boot by a few seconds. Also, one can map current user and group to make life a bit easier, utilizing uid and gid options:

/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs credentials=/path/to/smbcredentials,comment=systemd.automount,uid=USERNAME,gid=USERGROUP 0 0

User mounting

/etc/fstab
//SERVER/SHARENAME /mnt/MOUNTPOINT cifs users,noauto,credentials=/path/to/smbcredentials,workgroup=WORKGROUP,ip=SERVERIP 0 0
Note: Note: The option is users (plural). For other filesystem types handled by mount, this option is usually user; sans the "s".

This will allow users to mount it as long as the mount point resides in a directory controllable by the user; i.e. the user's home. For users to be allowed to mount and unmount the Samba shares with mount points that they do not own, use smbnetfs, or grant privileges using sudo.

Automatic Mounting

There are several ways to easily browse shared resources:

smbnetfs

Install smbnetfs, from the Official Repositories.

Add the following line to /etc/fuse.conf:

user_allow_other

and load the fuse kernel module:

# modprobe fuse

Start and enable the smbnetfs daemon.

If a username and a password are required to access some of the shared folders, edit /etc/smbnetfs/.smb/smbnetfs.conf and uncomment the line starting with "auth":

/etc/smbnetfs/.smb/smbnetfs.conf
auth			"hostname" "username" "password"

Make sure to chmod 600 /etc/smbnetfs/.smb/smbnetfs.conf, and any include files for smbnetfs to work correctly.

fusesmb

Note: Because smbclient 3.2.X is malfunctioning with fusesmb, revert to using older versions if necessary. See the relevant forum topic for details.
  1. Install fusesmbAUR, available in the Arch User Repository.
  2. Create a mount point: # mkdir /mnt/fusesmb
  3. Load fuse kernel module.
  4. Mount the shares:
    # fusesmb -o allow_other /mnt/fusesmb

autofs

See Autofs for information on the kernel-based automounter for Linux.

File Manager Configuration

Nautilus

Thunar

KDE

Other Graphical Environments

See also