[SOLVED] Apparently I need lots of help creating a Samba server (Slackware64 13.37)
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Whether or not I get his working, I'll be trying yours next because your (AlienBOB's) method allows for the creation of user-specific shares down the road, and I'd like to keep that option open.
For that you should stick with the 'security = user' option.
To setup a share accessible by <user1> and <user2> but only writable by <user1> you can have settings like this
Code:
[Myshare]
comment = My shared folder
path = /path/to/share
valid users = <user1> <user2>
read only = yes
write list = <user1>
Also remember that the Linux directory permissions take precedence over the Samba share permissions, so <user1> and <user2> would need to have access to the directory on which the share is mounted.
after, and if it already contains files/folder add a -R to the chown.
if your storage device is fat/vfat/ntfs formatted and you can't change the ownership (but you should also on those filesystem using mount options), you have to mount it with 777 permissions (ntfs-3g already does it).
I plan on having the drive be ext4 (and encrypted, but that shouldn't affect the file system at all)... does it have to be an MS readable/writable format in order for my Windows machines to use it? EDIT: Quick Google search says no, please correct me if this is wrong.
Quote:
Originally Posted by allend
For that you should stick with the 'security = user' option.
That is what is suggested by AlienBOB's method, however I was under the impression that every time I access a share from a Windows computer a user/pass box would come up (and apparently Windows makes storing credentials difficult).
Last edited by spudgunner; 07-10-2012 at 09:50 AM.
Does it have to be an MS readable/writable format in order for my Windows machines to use it?
No - I have Windows machines that write quite happily to shares on ext4 and reiserfs formatted partitions.
Quote:
however I was under the impression that every time I access a share from a Windows computer a user/pass box would come up (and apparently Windows makes storing credentials difficult).
You will need to provide credentials on initial connection. My experience is that Windows caches credentials and that it can be incredibly difficult to get Windows to forget cached credentials!
[QUOTE=spudgunner;4723891]Thanks for all the awesome replies, it looks like I know what I'll be doing when I get home from work tonight!
@slackass: Please don't be offended, but I'll be giving your method a try after I try what ponce posted, only for the fact that his is much less complex. Whether or not I get his working, I'll be trying yours next because your (AlienBOB's) method allows for the creation of user-specific shares down the road, and I'd like to keep that option open. I am going to be leaving out all of the printer-related stuff though. None of my machines have the same host name and there no domain/domain controller to speak of (though I could make one, but I'd rather use dd-wrt that's on my router than the server box). I'm assuming that you use your Samba setup with Windows 7 computers on the network and it's all good (although since security=user still, I imagine you would have dialog boxes popping up on the Windows machines)? One more question, don't the lines
I plan on having the drive be ext4 (and encrypted, but that shouldn't affect the file system at all)... does it have to be an MS readable/writable format in order for my Windows machines to use it? EDIT: Quick Google search says no, please correct me if this is wrong.
no, it's right, ext3/4 will be ok, as they support POSIX ACLs (more on this).
EDIT: ah, missed this
Quote:
Originally Posted by spudgunner
I plan on having the drive be ext4 (and encrypted, but that shouldn't affect the file system at all)
sorry, if I'm not too curious, which is the point of encrypt it if anybody in your network can mount it?
Distribution: Fedora 18, Slackware64 13.37, Windows 7/8
Posts: 386
Rep:
Quote:
Originally Posted by allend
You will need to provide credentials on initial connection. My experience is that Windows caches credentials and that it can be incredibly difficult to get Windows to forget cached credentials!
Actually this isn't entirely true, at least not for professional versions of Windows. There is a Group Policy that manages cached passwords and machines on a domain almost always have the domain policy set to never cache credentials.
I always just create the same accounts on all the machines on the network. As long as user1/password1 exists on the windows machines and the Samba server you don't need to provide a password when connecting to the share.
Also, I wouldn't recommend formatting the disks in NTFS on the Samba server because that relies on the NTFS-Fuse drivers instead of the native linux filesystem. I do, however, format an external USB disk to NTFS as I use that for rsync backups and I want my USB backups readable by any PC.
Also, if you are using this SAMBA server to feed a media center (like XBMC) then I highly recommend setting the guest ok = yes setting on your Movies/TV share. If you do this then you don't need to create an account on the samba for the media center and everyone on the network has read access to your videos (without a password). Media centers should never have write access anyways (some of them like to delete watched videos)
Distribution: Fedora 18, Slackware64 13.37, Windows 7/8
Posts: 386
Rep:
Quote:
Originally Posted by allend
Just goes to show my lack of experience! Thanks for that as it is something for me to look into.
No problem I just checked my notes and here's what I've got:
Disable password caching:
Group Policy -> Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options: Network access: Do not allow storage of credentials or .NET Passports for network authentication
Set to Enabled
This will disable the "remember my password" option from both Internet Explorer and File Shares.
This is the local policy. I can dig around for the domain policy if you'd like?
Also, I wouldn't recommend formatting the disks in NTFS on the Samba server because that relies on the NTFS-Fuse drivers instead of the native linux filesystem. I do, however, format an external USB disk to NTFS as I use that for rsync backups and I want my USB backups readable by any PC.
I never planned on using NTFS for my file server because I know it can cause problems sometimes and isn't native.
Quote:
Originally Posted by thund3rstruck
Also, if you are using this SAMBA server to feed a media center (like XBMC) then I highly recommend setting the guest ok = yes setting on your Movies/TV share. If you do this then you don't need to create an account on the samba for the media center and everyone on the network has read access to your videos (without a password). Media centers should never have write access anyways (some of them like to delete watched videos)
I don't plan on passing movies/TV shows through a media server (unless you count a PS3 as a media server). I'm actually looking to do this without creating any accounts for the purpose of Samba shares right now (although this will probably change in the future as I become more familiar with Samba). Ideally, I would like my wife's PS3 to be able to access the share for TV/movies, but (at least in my experience) the PS3 is a real pain to deal with and I hate it, so I won't count it as a loss if it can't read the Samba share.
It's really such a shame that the XBMC was born from the original XBOX and Microsoft did such a pitiful job copying it. XBMC is an absolute masterpiece though, especially coupled with SickBeard PVR, CouchPotato, and Headphones.... but I digress..
Back to business, to open the server up read-only just take a vanilla Slackware installation (be sure to enable Samba server when the Slackware installer asks you what services to start or just chmod +x /etc/rc.d/rc.samba).
Then edit /etc/smb.conf and add a definition like this:
Code:
[Video]
comment = Video Server
path = /media/share/disk2/Videos
read only = No
create mask = 0775
guest ok = Yes
Ensure no obvious errors occurred:
Code:
testparm
# if all is ok, restart samba
/etc/rc.d/rc.samba restart
In windows do: Start > Run > \\IpAddress
And you should see the share. You can't write to it yet. Once you get here, we can walk through creating samba users and mapping them to local Linux users. At this stage you'll also want to enable ACLs so all your users can read, write, and delete all the files (instead of constantly having to chmod or apply suid bits)
Man guys, all this awesome help and I haven't had time to actually do anything yet, it makes me feel bad. I'm going to do my best to get this thing working this weekend.
Just got the very basic server working with Ponce's config advice, thanks to all those who helped! I'm marking the thread as solved, but I'll probably be back looking on how to create a server that's a little more advanced (multiple shares based on users, etc). Thanks a ton guys!
I've written a short (four page) documentation about Samba. This is actually the configuration I use when installing a server for clients (not the machines, but the real people clients). It's taken quite some RTFM and experimenting, but right now it works perfectly. It's in French and it's written for Debian, but the smb.conf is distro-agnostic. I've attached it here, since it's in PDF format. Heavily inspired by AlienBOB and book authors Carla Schroder and Michael Kofler.
No problem I just checked my notes and here's what I've got:
Disable password caching:
Group Policy -> Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options: Network access: Do not allow storage of credentials or .NET Passports for network authentication
Set to Enabled
This will disable the "remember my password" option from both Internet Explorer and File Shares.
This is the local policy. I can dig around for the domain policy if you'd like?
You can also manage stored passwords on windows by doing the following.
Open "run" and enter "control userpasswords2"
That'll bring up a window, hit the advanced tab and choose "Manage Passwords"
You'll be able to manage (edit|add|delete) the user/pass combo for each machine.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.