LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   What is the best way to be a file server in Linux? *I'm a newb* (all help welcomed) (http://www.linuxquestions.org/questions/linux-networking-3/what-is-the-best-way-to-be-a-file-server-in-linux-%2Aim-a-newb%2A-all-help-welcomed-460101/)

RZKESP 07-01-2006 05:06 PM

What is the best way to be a file server in Linux? *I'm a newb* (all help welcomed)
 
I would prefer direct Gentoo help, but I believe I can transpond information given in other distributions...

Can someone help me design a small-business file server?

What I have:

Athlon 64 3700+ Clawhammer (939)
Gigabyte iDNA nForce 4 Ultra mobo (default kernel driver)
Integrated ICH5 (GeForce 6100) video card (nvidia driver)
(2) 160gb WD SATAII NcQ drives. (one for file / one for backup)
Intel Pro/1000MT (e1000)

What I have done:
I have set my kernel up to match exactly to what I have... No more, no less. I have setup the basic networking functions to give me the internet so that I can start "building" what I need. The server has been developed to be a server, nothing more.

The O/S is Gentoo 2006.0 (2.6.16-r9) Stage 3 x86_64
The kernel is gentoo-sources (basic/cut-down)
The system has Xorg (so I can do logging with more consoles)

What do I have already on the system:
nvidia-kernel
nvidia-glx
Xorg
gpm
e1000 (NIC drivers)
Putty
pure-sftp
samba
apache2 (for "quick access" webpage)
cupsd (for log printing)


My Questions:


I am sharing amongst Windows and Linux clients, is Samba the best (and only) choice I have to share files in a LAN network?

What should I emerge?

What do I need to do that would help performance as a file server?

What should I do to make it better?

Is their any other packages I should get that could make it a better file server?

Should I encrypt it?

What can I do to the kernel to enhance it's abilites to file serve?

How do I program cron (to backup)?

Should I do something else, did I make a wise choice?

Is their things I should do for my network?

_____

In terms of networking, my computers are on IPCop router. It has a green interface which is the "office" connection. Their is also a blue for wireless... Their is red for WAN... And then I have this server indirectly on an ornage DMZ.

The system goes from NIC (orange) > Netscreen 5GT firewall > To #1 ort > to 5 port switch > server

Is their anything I should change on the network to make it better / faster / more secure?

I use ReiserFS, since it is stable and fast, for the file serving partition.

Is their anything in /etc I should remember to configure?

That is about it...

--thanks in advance

J_K9 07-01-2006 06:36 PM

Quote:

Originally Posted by RZKESP
I am sharing amongst Windows and Linux clients, is Samba the best (and only) choice I have to share files in a LAN network?

Samba is undoubtedly the best solution in a multi-OS network.
Quote:

What should I emerge?
You've already got Samba.. So you should not need to emerge anything.
Quote:

What do I need to do that would help performance as a file server?

What should I do to make it better?
Remove all the packages you do not need (apache, firefox, X, window managers, etc). Run the server in CLI - remove X and your window managers. Only run the services you absolutely need, and samba. Also make sure that you have secured the server properly - I advise Googling for some iptables tutorials to get you started. A good idea might be to start the server on a non-default port above 1023 (like port 5566), and then use iptables to route any incoming packets to port 21 to port 5566 on localhost, and to route all outgoing packets from port 5566 to port 21 on localhost. You could also use Mandatory Access Controls (SELinux springs to mind) to separate your service and to make sure that it only has access to what it needs - that way, if it is exploited, the attacker will not be able to take over the whole system.
pquote]Is their any other packages I should get that could make it a better file server?[/quote]
No, not really.
Quote:

Should I encrypt it?
Do you trust the users on your network? And is your network's internet gateway properly secured? If the answers to both of those are yes, then do not encrypt it. If the answer to either or both is no, then do encrypt it.

I also suggest vsftpd as your FTP daemon, as it has reputation for being more secure than other FTP daemons.. But that is up to you.
Quote:

What can I do to the kernel to enhance it's abilites to file serve?
Not much - unless you want to go hacking your FTP daemon into the kernel to lock it down even more, which I suggest you do not attempt unless you know your way around the kernel and are a skilled C programmer..
Quote:

How do I program cron (to backup)?
'man cron'
'man crontab'

Google cron/crontab tutorials.
Quote:

Should I do something else, did I make a wise choice?
Gentoo is a good server distro. Other options might be CentOS, a distro designed for serving.. Or, even better, Openfiler - a distro designed for exactly what you are trying to do ;)
Quote:

Is their things I should do for my network?
No.
Quote:

Is their anything in /etc I should remember to configure?
TCP wrappers - a whitelist in /etc/hosts.allow would be good. Specify the IP address ranges of your network for your FTP daemon, and that will only allow the users on your network to connect to it.

HTH,

-jk


All times are GMT -5. The time now is 09:33 PM.