Samba in the Home and Office
Linux users consistently experiment, finding uses for Linux far beyond what was even thought of five years ago, when Linux itself was an experiment. For many users, Linux has been far more than just another Unix clone; people want something extra. The fact that Linux comes with networking built in, including all the tools needed for connecting to the Internet, makes it easy to pick Linux. The decision is not based on the pure cost of Linux (negligible), the decision is based on the vast amount Linux enables you to do with your PC.
With a small investment (or perhaps just rearranging hardware), you can have a complete home network with two computers, even if only one of the computers runs Linux. Linux is also a good network server for an office, and setting up a home network can give you the experience you want to set up an office network.
I didn't know Samba even existed until a friend showed me his Linux drives on his WFWG 3.11 file manager. He showed me that he could copy files back and forth just as if the Linux drives were local. What he built was a small home LAN that consists of 2 computers. He wanted Samba installed on his main Linux server so that his kids could run large programs on the server, without having to take up limited hard drive space on their machine.
The home LAN installation was easy. The sources compiled “out of the box,” and the default settings for the installation were used:
/usr/local/samba/bin for binaries /usr/local/samba/lib for configuration files /usr/local/samba/locks for samba locks /usr/local/samba/man for samba manpages /usr/local/samba/var for samba logs
Some Linux distributions come with Samba included, in which case /usr/bin/, /var/samba/, and /usr/man are more likely places for files, and the configuration file is usually kept in /etc/smb.conf.
A basic configuration file (which defaults to /usr/local/samba/lib/smb.conf) would consist of some basic entries like [global], [printers], and [homes]. These specify global configuration details that describe the environment, printers that are available to clients, and user-specific home directories. You also create your own sections for other directories which you wish to export to other machines; see the [dos] entry.
The general structure of a configuration file is like that of a Windows .INI file, with sections of statements, and comments on lines of their own that start with ; characters.
;---------------------------------------------- ; Service(s): [globals] [homes] [printers] ;---------------------------------------------- [globals] status=yes printing = bsd guest account = dos browseable = yes lock directory = /usr/local/samba/locks domain master = yes os level=33 [homes] comment = Home Directories guest ok = no read only = no browseable = yes [printers] comment = All Printers path = /usr/spool/public printcap name = /etc/printcap printable = yes public = yes writable = no create mode = 0700 browseable = yes load printers = yes [dos] comment = Dos public directory path = /g/dos public = yes writable = yes printable = no guest ok = yes
This configuration file allows Samba to serve a printer, a shared directory, and home directories to network clients. There must be a user named “dos” in the /etc/passwd file with no password or a known password (and preferably /bin/false for a shell, at least if there is no password) in order to have a “world shared” directory, as shown in the [dos] section. Make sure the directory (in this case, /g/dos/) is owned by this user “dos”.
If you want more explanation of this file, use man smb.conf.
At boot time, /usr/local/samba/lib/rc.samba starts the smbd and nmbd daemons and has them wait for client connections. I run them as daemons because I want some extra speed when I issue a request from Samba.
A normal /usr/local/samba/lib/rc.samba file looks like this:
#!/bin/sh PATH=/usr/local/samba/bin:$PATH smbd -D -d1 nmbd -D -d1 -G MY_WORKGROUP \ -n THIS_MACHINE_NAME
For both smbd (the file and printer server daemon) and nmbd (the nameserver daemon), the -D option says to act as a daemon, working in the background. The -d1 says to be a little more verbose than usual with debugging messages; you will probably want to remove that once your network is stable. The -G option specifies the netbios group (or lanmanager domain) that the computer should be part of, and the -n option can be used to specify the name of the server on the network; if it is ommitted, the server's normal hostname is used instead.
Some people disagree with running the Samba daemons as daemons that are always running in the background, and prefer to run them from inetd. This gives slower network response, but if demand is light it reduces load on the server. The basic entry in the /etc/inetd.conf file that comes with most distributions is:
netbios-ssn stream tcp nowait root /usr/sbin/smbd smbd netbios-ns dgram udp wait root /usr/sbin/nmbd nmbd
You obviously have to provide the correct path to the binaries to have them called via inetd.
On the client end, whether it is running WFWG 3.11 or Win95, TCP/IP should be the default protocol. Each machine that has services should show up in browse list. To connect to the dos shared service on the Samba server, you could just use the basic net command.
c:\> net use d: \\MACHINE_NAME\dos password : XXXXXX
This would be sufficient for a small LAN that needs to share a couple of home dir's and a printer. Make sure there is a valid /etc/printcap file with proper entries for your printer; setting up standard Linux printing is beyond the scope of this article. You can do man printcap for additional information on the syntax this file requires, or read the Linux Printing HOWTO which provides much more detailed information on printing setup.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- The Humble Hacker?
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide