Linux in a Windows Workstation Environment, Part II: Local Network Support
The computer club's Web site is used to publish scheduling information for classes, meetings and presentations. The navigation bar of this site also contains links to some popular sites, including the Web mail sites for AOL, Juno, Hotmail and Yahoo, as well as the search sites for Google and Hotbot. Because this site is used as the home page for all computers in the lab, it is accessed many, many times per day. To reduce bandwidth on the external line, a Web server has been configured to serve a local copy of this site. The effort has been minimal, as we do not use any CGI scripting nor do we need any logging.
By storing the Web content locally, our Web master can edit changing content without connecting to the external site. Each evening cron, the Linux version of the task scheduler, starts a script that produces a list of the Web site files that have been altered within the past 24 hours. It then transfers them to the external site using using the wput command, an indirect way to use FTP. To insure controlled write access to the Web material, it is stored in a password-protected Samba share, to be discussed later.
I use the Apache Web server as the server for our intranet. Although the latest version, 2.0, implements a number of new security features, my initial attempts to use the newest software failed. We use only simple Web pages and have no security issues, as the server is accessed only from the internal network. Therefore, I am using the older V1.3 release. The control file, httpd.conf, can include a large number of parameters; however, only a small number needed to be tailored for my system. The first of these is the server type. Under Linux, the daemon can be triggered by the Internet super daemon, inetd, or it can be started as a standalone program. I chose the latter option.
The next parameter to be configured is the root directory for the configuration, error and log files.
We also specify the IP address and port. If this parameter was not specified, the program would listen on all interfaces. However, I explicitly wish to exclude the external interface but use the standard port.
We also need to specify the directory in which our Web pages are stored, as well as a Directory stanza to allow everyone to access that material.
DocumentRoot "/home/web" <Directory "/home/web"> Order allow,deny Allow from all </Directory>
The combination of local home page serving and the cache-only name server greatly decrease the workstation response time and cut the traffic on the external network. The benefits of each greatly outweigh the minimal effort required to set them up.
To supply file and print services for the Windows workstations, we use Samba. To quote samba.org, "Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients." Using this package, our Linux computer offers printer shares for both printers and three distinct file shares.
The Samba configuration file, which normally is /etc/samba/smb.conf, contains definitions for global parameters in a section named [global]. In this section, I have annotated the parameters defined on our system:
[global] max smbd processes = 40 # one server process for each workstation workgroup = MRLAB # name reported to network browser netbios name = server # NetBIOS name reported by server security = share # needed for guest services to work hosts allow = 10.10.10.0/24 # limit to our network guest account = nobody # the guest has the privileges of this user log file = /usr/local/samba/var/log smb passwd file = /usr/local/samba/lib/smbpasswd max log size = 500 # size in kB preferred master = yes # this machine is master for net domain master = yes # we have no other domain servers deadtime = 5 # no. of minutes till connection expires server string = Samba # name in printer comment box on Windows interfaces = 10.10.10.1/24 # serve only our internal network wins support = No # no Wins name resolution show add printer wizard = yes # Wizard is shown on NT/XP/2K clients max print jobs = 20 # number of simultaneous print jobs printer admin = root # only the superuser can manipulate printers null passwords = yes # we want to have no password for some users load printers = no # do not create shares automatically printing = bsd # BSD-type printing
|Geek Hide-away in Guatemala - Stay for Free!||Nov 26, 2015|
|Microsoft and Linux: True Romance or Toxic Love?||Nov 25, 2015|
|Non-Linux FOSS: Install Windows? Yeah, Open Source Can Do That.||Nov 24, 2015|
|Cipher Security: How to harden TLS and SSH||Nov 23, 2015|
|Web Stores Held Hostage||Nov 19, 2015|
|diff -u: What's New in Kernel Development||Nov 17, 2015|
- Microsoft and Linux: True Romance or Toxic Love?
- Cipher Security: How to harden TLS and SSH
- Non-Linux FOSS: Install Windows? Yeah, Open Source Can Do That.
- Geek Hide-away in Guatemala - Stay for Free!
- Web Stores Held Hostage
- Firefox's New Feature for Tighter Security
- PuppetLabs Introduces Application Orchestration
- It's a Bird. It's Another Bird!
- diff -u: What's New in Kernel Development
- IBM LinuxONE Provides New Options for Linux Deployment