Difference between revisions of "User:Tomato"

From ArchWiki
Jump to: navigation, search
(Share a folder)
(start work on samba PDC/BDC)
Line 1: Line 1:
just my personal scrapbook
+
''just my personal scrapbook''
  
=== Configure simple file sharing from KDE4 using samba ===
+
Configuring Samba Domain/File server.
If you want to easily share files in read only mode go ahead and read this section, if you want to add write functionality too, you must read the section with advanced configuration.
+
  
{{Note|Sadly, simple file sharing functionality is implemented using SUID perl script, and as Archlinux does not support SUID scripts because of security reasons (just like any other recent UNIX like system) nor it has perl-suid package, we will have to get our hands dirty.}}
+
== What we want ==
 
+
* save and share files (duh)
Work plan:
+
* edit files/folders ACLs to the maximum extent possible for Samba
# install packages
+
** mapping of permission inheritance
# configure samba
+
* save file attributes (archive, system, hidden, read only) on samba server without screwing UNIX permissions
# modify {{Codeline|fileshareset}} scripts
+
* have the ability to manage users/computers in domain without the need to use UID 0 (root) account
# create C wrapper for {{Codeline|fileshareset}} to work as a SUID binary
+
# configure KDE side of things
+
# share a folder
+
 
+
Packages we will need:
+
* {{Package Official|kdebase-dolphin}} this is the interface we will use to share folders
+
* {{Package Official|samba}} for the server that will share files
+
* {{Package Official|kdenetwork-filesharing}} for System Settings File Sharing part
+
* {{Package Official|kdebase-runtime}} basic KDE workspace (but if you're reading this, chances are you already have it installed)
+
* {{Package Official|kdelibs3}} for {{Codeline|fileshareset}} (not sure about it, but as of KDE4.4.0 it's still a dependency)
+
* {{Package Official|gcc}} to compile SUID wrapper
+
 
+
==== Installing requisites ====
+
Install all packages and their dependencies:
+
 
+
{{Codeline|pacman -S kdebase-dolphin samba kdenetwork-filesharing kdebase-runtime kdelibs3 gcc}}
+
 
+
Log out and log in again (kdelibs3 are in non standard place and so the <code>PATH</code> must be updated)
+
 
+
==== Configuring samba ====
+
A basic config file works OK, though you'll need to create Samba users (with <code>smbpasswd -a &lt;user name&gt;</code> as root):
+
{{File|name=smb.conf|content=[global]
+
workgroup=HOME
+
server string = Samba Server
+
log file = /var/log/samba/&m.log
+
max log size = 50
+
load printers = No
+
dns proxy = No
+
 
+
[homes]
+
comment = Home Directories
+
read only = No
+
browsable = No
+
browseable = No
+
}}
+
 
+
Alternatively you can configure samba with <code>security = share</code> and add <code>guest account = &lt;your user name&gt;</code> to get an anonymous Samba server
+
 
+
Remember to add samba to <code>DAEMONS</code> in <code>/etc/rc.conf</code> if you want it to start at boot time.
+
 
+
==== Modifying fileshareset scripts ====
+
{{Command|name=|output=for directory in /opt/kde/bin/ /usr/lib/kde4/libexec; do
+
  cd $directory
+
  sed 's/\/init.d\//\/rc.d\//g' fileshareset > fileshareset.pl
+
  rm filesharelist
+
  ln -s fileshareset.pl filesharelist
+
done}}
+
 
+
==== Create C wrapper ====
+
Create such files in your home directory:
+
 
+
{{File|name=kde4.c|content=#include <stdio.h>
+
#include <stdlib.h>
+
#include <string.h>
+
#include <sys/types.h>
+
#include <unistd.h>
+
 
+
#define EXEC "/usr/lib/kde4/libexec/fileshareset.pl"
+
 
+
int
+
main(int argc, char** argv)
+
{
+
  char **args;
+
 
+
  setegid(0);
+
  seteuid(0);
+
  setgid(0);
+
  setuid(0);
+
 
+
  args = calloc(argc+1, sizeof(char**));
+
  if (args == 0)
+
    exit(1);
+
 
+
  for (int i=0; i < argc; i++)
+
  {
+
    args[i] = calloc(1,strlen(argv[i]));
+
    if(args[i] == 0)
+
      exit(1);
+
    strcpy(args[i], argv[i]);
+
  }
+
  return execv(EXEC, args);
+
}
+
}}
+
 
+
{{File|name=kde3.c|content=#include <stdio.h>
+
#include <stdlib.h>
+
#include <string.h>
+
#include <sys/types.h>
+
#include <unistd.h>
+
 
+
#define EXEC "/opt/kde/bin/fileshareset.pl"
+
 
+
int
+
main(int argc, char** argv)
+
{
+
  char **args;
+
 
+
  setegid(0);
+
  seteuid(0);
+
  setgid(0);
+
  setuid(0);
+
 
+
  args = calloc(argc+1, sizeof(char**));
+
  if (args == 0)
+
    exit(1);
+
 
+
  for (int i=0; i < argc; i++)
+
  {
+
    args[i] = calloc(1,strlen(argv[i]));
+
    if(args[i] == 0)
+
      exit(1);
+
    strcpy(args[i], argv[i]);
+
  }
+
  return execv(EXEC, args);
+
}
+
}}
+
 
+
compile them using <code>gcc kde4.c -std=c99 -o kde4</code> and <code>gcc kde3.c -std=c99 -o kde3</code>.
+
Copy them to system folders:
+
{{Command|name=copying wrappers|output=cp kde3 /opt/kde/bin/fileshareset
+
chown root:root /opt/kde/bin/fileshareset
+
chmod u+s /opt/kde/bin/fileshareset
+
cp kde4 /usr/lib/kde4/libexec/fileshareset
+
chown root:root /usr/lib/kde4/libexec/fileshareset
+
chmod u+s /usr/lib/kde4/libexec/fileshareset
+
}}
+
 
+
==== Configure KDE ====
+
Right click any folder in your home directory and select Properties. Go to Share tab and click 'Configure File Sharing...', you'll be asked for root password.
+
(alternatively run <code>kcmshell4 fileshare</code> as root)
+
 
+
In the dialog you need to select checkbox near "Enable Local Network File Sharing".
+
Check radiobutton besides 'Advanced sharing', unselect NFS sharing, check 'Simple sharing' again.
+
 
+
Click 'Allowed Users' and select the second option -- 'Only users of a certain group are allowed to share folders'. Click 'Choose group...'. Create new group, call it <code>samba-share</code>, don't check any checkboxes in the dialog, click OK. In the new window add yourself to the group and all the other users you may want. Click OK.
+
 
+
Click OK in the main dialog.
+
 
+
Log out, log back in.
+
 
+
==== Share a folder ====
+
When the file sharing is configured you will see a new radio button on the Share tab -- Shared and Not shared. Change position to Shared, click OK. On the shared folder should appear now a small globe to indicate that it is shared.
+
 
+
=== Configure advanced file sharing in KDE4 using Samba ===
+
 
+
Work plan:
+
# install packages
+
# configure samba
+
# configure <code>sudo</code> and <code>kdesu</code>
+
# configure KDE side of things
+
# share a folder
+
 
+
Packages we will need:
+
* {{Package Official|kdebase-dolphin}} this is the interface we will use to share folders
+
* {{Package Official|samba}} for the server that will share files
+
* {{Package Official|kdenetwork-filesharing}} for System Settings File Sharing part
+
* {{Package Official|kdebase-runtime}} basic KDE workspace (but if you're reading this, chances are you already have it installed)
+
* {{Package Official|sudo}}
+
 
+
==== Installing requisites ====
+
Install all packages and their dependencies:
+
 
+
{{Codeline|pacman -S kdebase-dolphin samba kdenetwork-filesharing kdebase-runtime sudo}}
+
 
+
Log out and log in again (kdelibs3 are in non standard place and so the <code>PATH</code> must be updated)
+
 
+
==== Configuring samba ====
+
A basic config file works OK, though you'll need to create Samba users (with <code>smbpasswd -a &lt;user name&gt;</code> as root):
+
{{File|name=smb.conf|content=[global]
+
workgroup=HOME
+
server string = Samba Server
+
log file = /var/log/samba/&m.log
+
max log size = 50
+
load printers = No
+
dns proxy = No
+
 
+
[homes]
+
comment = Home Directories
+
read only = No
+
browsable = No
+
browseable = No
+
}}
+
 
+
Alternatively you can configure samba with <code>security = share</code> and add <code>guest account = &lt;your user name&gt;</code> to get an anonymous Samba server
+
 
+
Remember to add samba to <code>DAEMONS</code> in <code>/etc/rc.conf</code> if you want it to start at boot time.
+
 
+
==== Configure sudo ====
+
as root run <code>visudo</code> (it uses editor defined in <code>$EDITOR</code> or <code>$VISUAL</code> variables) and add line:
+
{{File|name=/etc/sudoers|content=...
+
&lt;your user name&gt; ALL=(ALL) ALL
+
}}
+
this will allow you to run all programs with <code>sudo</code> using your own password.
+
 
+
Run this command to change default super user command:
+
{{Codeline|kwriteconfig --file kdesurc --group super-user-command --key super-user-command sudo}}
+
 
+
==== Configure KDE ====
+
Right click any folder in your home directory and select Properties. Go to Share tab and click 'Configure File Sharing...', you'll be asked for your sudo password.
+
(alternatively run <code>kcmshell4 fileshare</code> as root)
+
 
+
In the dialog you need to select checkbox near "Enable Local Network File Sharing".
+
Check radiobutton besides 'Advanced sharing', unselect NFS sharing.
+
 
+
Click 'Allowed Users' and select the second option -- 'Only users of a certain group are allowed to share folders'. Click 'Choose group...'. Create new group, call it <code>samba-share</code>, don't check any checkboxes in the dialog, click OK. In the new window add yourself, root to the group and all the other users you may want. Click OK.
+
 
+
Click OK in the main dialog.
+
 
+
Log out, log back in.
+
 
+
==== Share a folder ====
+
When the file sharing is configured you will see a new checkbox in the Share tab: 'Share this folder in the local network'. Select checkbox beside 'Share with Samba', give the share some meaningful name and decide whatever it should be writable or not.
+
 
+
'More Samba Options' button lists all possible Samba options that can be applied to a share, so it's quite comprehensive.
+

Revision as of 00:07, 1 March 2010

just my personal scrapbook

Configuring Samba Domain/File server.

What we want

  • save and share files (duh)
  • edit files/folders ACLs to the maximum extent possible for Samba
    • mapping of permission inheritance
  • save file attributes (archive, system, hidden, read only) on samba server without screwing UNIX permissions
  • have the ability to manage users/computers in domain without the need to use UID 0 (root) account