Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm in the process of building a ZFS NAS with 4 x 2TB disks, and am having difficulty setting up an OS.
- (Reasonably) easy to set up
- Support for Microsoft Active Directory integration
- GUI prefrable but not necessary (I will have non-command-line people who might need to administer the system)
Which OS is best? I was thinking Solaris 10 but that doesn't meet my last requirement. NAS OSes such as FreeNAS/Openfiler cannot be used because FreeNAS has no support for AD Integration, and Openfiler has AD integration but has no ZFS support.
The reason I need AD integration is to make my life easier. Also, I have about 40 Windows XP / 7 systems that are headless and run 'automatically', which will need to access this ZFS RAID volume once I set it up with samba.
Is there something out there that meets all my requirements?
At the VERY least, I need to share the ZFS RAID volume with 'full access' to all users that can access it (i.e. read/write/execute to all users without having to type a password in).
Click here to see the post LQ members have rated as the most helpful post in this thread.
For ZFS, your best choice is Solaris. The Linux ZFS ports aren't ready for real use yet, and last I heard, the FreeBSD ZFS port was missing many features.
Solaris does, too, meet your last requirement if you use the included Solaris Web Console and ZFS Administration applet. You use it via your browser. Screenshot: http://i.imgur.com/YckTz.png
There should be a way to accomplish what you're trying to do with a few Operating Systems;
Active Directory Integration:
This depends on the level of integration you need. For example, if you just need to make sure that Windows users can use the shares you setup, then every *NIX version supports Samba. Samba can be configured to pass authentication off to an Active Directory domain controller.
Bear in mind that this also depends on just how your Active Directory domain is setup. If it's running off of a set of Windows 2008 R2 (or 2003) servers, then certain compatibility options will need to be enabled on your Domain Controllers in some cases.
If you need full-blown "Active Directory"-based Identity Management, then you can either take a look at the many documents available that describe how to do this for Solaris 10 and certain Linux distributions (note: this route is much harder, even with certain commercial implementations of Active Directory integration, such as Centrify).
ZFS Filesystem Support:
I'm sure you're aware that certain Operating Systems have "Experimental" or just buggy implementations. The de facto Operating System you would want to go with in any Production or Business-critical environment would be Solaris 10's current release (fully patched, of course). I would also strongly recommend shelling out for a support contract, but that depends on how much $$$/hour you would lose if the server was down for a day.
GUI NAS Administration:
This depends. You mentioned this is not a hard-requirement. However what are your planned needs? Is the GUI for a System Administator, or does it need to be something more "user-level" (e.g: Does it have to prevent outright silly things from happening, like sharing root ( / ) or /var?)
"Alternative" Suggestion:
If you don't have a nead for a "one filesystem per share" type of setup (for example, if simple quotas would help you out. Might I suggest a two-server tactic? a) A Solaris 10 server doing the ZFS, but exporting one or two big filesystems via iSCSI or NFS. b) A "Hosting" server, that mounts up the filesystems, shares them out, and does the Active Directory authentication for users accessing the shares.
(Note that you would want to have both of these systems relativly close together, just to minimize any chance of outages disrupting service.)
With all that said, here's something that might appeal to you;
Solaris10 ZFS Support: Built-in. AD Support: Depends on the level of "Active Directory Integration" you need, and how your AD domain is setup (see above). GUI: There's always "webmin" for the SysAdmins.
Thanks for the replies. Decided that the GUI / AD integration isn't important.
What IS important is to create and share a ZFS array over the network for everyone to access, (Windows 7 / Windows XP Desktops) without entering a password. This is possible, right?
Just got Solaris 11 Express installed. I'm pretty good with linux, but a newb to Solaris. Some commands are similar but most arent - I don't suppose anyone knows of a guide that will guide me through installing and setting up samba? I know how to create the ZFS array already.
What IS important is to create and share a ZFS array over the network for everyone to access, (Windows 7 / Windows XP Desktops) without entering a password. This is possible, right?
Yep! Just need Samba (correctly) setup on your server, and you'll be good to go!
Quote:
Originally Posted by brokenpromises
Just got Solaris 11 Express installed. I'm pretty good with linux, but a newb to Solaris. Some commands are similar but most arent - I don't suppose anyone knows of a guide that will guide me through installing and setting up samba? I know how to create the ZFS array already.
Samba guides all pretty much apply to any *NIX. There's a few non-samba things you need to know about Solaris, though;
1) Services are started/stopped by the "Service Management Facility" (think "inetd on acid")
Read the manpages for "svcs" & "svcadm" 2) Solaris 10 and up has both "run levels" and "milestones".
Do "svcs -av | grep -i milestone" to get an idea of what you're looking at, then read up on the man pages for the milestones. 3) "killall" does not do the same thing in Solaris that it does in Linux! Don't run it! (read the man page) 4) The root account in Solaris does not have a separate home directory (/root), like it does in Linux.
Make one on your first boot. Go directly to the command-prompt and edit the /etc/passwd file, then create a /root. 5) The shutdown command behaves differently, check the man page. Examples:
To reboot in 60 seconds:
shutdown -i6 -g 60 -y "Message to users about the reboot"
To shutdown in 10 minutes:
shutdown -i0 -g 600 -y "Message to users about this shutdown" Note: When the shutdown command is used, it touches (creates) /etc/nologin. Users get the text in your message, and then are thrown off the machine.
Thanks for that! Enabled ssh via svcadm and it's all up and running now. I created a root user during the install, and also created a 'standard' user - now I can't login as root, but I CAN su to root as the normal user I created then do root level stuff.
Now I'm trying to figure out how to install Samba. Is there a package management system such as apt or yum? (Here's me hoping I can get samba installed with a single command )
now I can't login as root, but I CAN su to root as the normal user I created then do root level stuff.
If you're talking about ssh'ing into the system as root, that's not permitted. You can check your sshd_config and change that if you really want to...
Quote:
Originally Posted by brokenpromises
Now I'm trying to figure out how to install Samba. Is there a package management system such as apt or yum? (Here's me hoping I can get samba installed with a single command )
You can, that would be BlastWave.org you're looking for. There's a howto on the website, and a list of mirrors you can configure.
They use "pkgutil", similar to "yum" or "apt-get".
P.S: You're going to want to make sure /opt has a lot of space available. Everything from BlastWave.org usually installs in /opt/csw. Also, if you don't like the automated coolness, you could hit sunfreeware.com and play dependency-hell.
Last edited by xeleema; 01-29-2011 at 08:21 AM.
Reason: added P.S
Thanks! Got pkgutil installed, it's great. Also got samba installed. I found this guide to setting up the samba shares.
With the file sharing, looks like I have to set ACLs.
My understanding is, I have to first 'add' the user to the Solaris system (useradd), THEN set the ACL - this will mean that they need to log in before they can get access to the shares? I've got ~40 headless/keyboardless boxes, so this definitely isn't an option. I want to set it up so that you can just type \\HOSTNAME\SHARENAME and bam, you're in, and have full permissions.
Thanks! Got pkgutil installed, it's great. Also got samba installed.
Awesome! It's pretty slick, eh?
Quote:
Originally Posted by brokenpromises
I found this guide to setting up the samba shares. With the file sharing, looks like I have to set ACLs.
Only if you're letting people access the Solaris server in the first place. Even then, ACLs are probably overkill.
Quote:
Originally Posted by brokenpromises
My understanding is, I have to first 'add' the user to the Solaris system (useradd), THEN set the ACL - this will mean that they need to log in before they can get access to the shares?
Nope. You can setup access that's either "dead simple" (where anyone could delete/overwrite anyone else's data), "kinda complex" where it'll limit which server can access which shares, or "complex" where you can break things down Windows-user by Windows-user.
None of those options involve people logging into the Solaris system.
Quote:
Originally Posted by brokenpromises
I've got ~40 headless/keyboardless boxes, so this definitely isn't an option. I want to set it up so that you can just type \\HOSTNAME\SHARENAME and bam, you're in, and have full permissions.
Yep, that's possible with Samba.
Quote:
Originally Posted by brokenpromises
How do I do that?
Well lemme give it a spin;
First, this all depends on how your Windows "environment" is setup. Do you have an Active Directory domain, or is everyone in a "WorkGroup"?
SWAT
Samba comes with a web-based configuration tool. As this can be a bit of a security risk, most packages don't enable it by default.
Check here for details on the GUI.
ProTIPs:
So samba's installed. But there's a few utilities you need to know about;
testparm
This lil guy will parse your smb.conf and let you know if something really retarted is in there (basically, if there's syntax errors).
It will also output all of the settings that are left at their default values (stuff you didn't specify directly in the smb.conf file).
smbstatus
This will tell you who's accessing what. Pretty handy if you want to find out if anyone/anything is using the service before you restart it.
Make sure your Windows boxen aren't "Mapping" drives unecessarily. "Mapping" drives is great for lUsers who can't remember share names, but if you're just doing automated stuff, put the UNC paths (the "\\servername\sharename" address is a UNC path) in your scripts.
Don't rely on drive letter mappings in your Windows world when you have automated things running. Stuff just *breaks* (and "Mappings" hold shares open when you run smbstatus, even though they're not "in use").
I've never seen anyone use "zfs set sharesmb=name=share,guestok=true storage/renders"
Shares should be defined in your smb.conf....bear in mind I don't use "OpenSolaris" or "Solaris Express", so they may have some additional (experimental?) features that you're trying to use.
Undo what you did there and stick with the samba you pulled down from BlastWave.org for now (I'm not sure if the "builtin" samba support does SMBv2, which newer versions of Windows need).
Do a quick search for us, too;
find / -name "*smb.conf*" -exec ls -l {} \; 2>/dev/null
It seems like the "Solaris Express" download of yours already came with samba (/etc/sfw is a dead givaway the "Solaris Companion" has been installed).
Lemme explain the conf files you have
/etc/opt/csw/samba/smb.conf
/etc/opt/csw/samba/smb.conf.CSW (<- Example configuration file, don't edit)
/opt/csw/share/man/man5/smb.conf.5
This is the blastwave stuff (/opt/csw & /etc/opt/csw, and maybe /var/opt/csw should be the only places you see Blastwave.org stuff)
/etc/sfw/smb.conf
This is from the "Solaris Companion", maybe that comes with a full-blown "Solaris Express" install...I'm not sure (I shy away from the "Beta" stuff).
/usr/kernel/drv/nsmb.conf
This is a kernel driver configuration file. Probably has nothing to do with samba. You can ignore this one.
Okay, run the following command and see what you get;
svcs -av | egrep -i "samba|smb|nmbd|winbind|csw"
Most BlastWave services have "CSW" (or "csw") in the name. If you see two samba daemons running, we have to decide on which one you want to use.
I would go with the BlastWave stuff personally. It's a snap to update it, and typically doesn't blow your configuration files away when you do.
You are editing the correct file, however I'm not so sure you're restarting the right service.
The config file you added [Renders] to is for BlastWave, so you'll need to search for (and disable) any non-BlastWave samba service.
By the way, add this to your global;
Code:
hosts allow = 127.0.0.1 x.y.z.
(Keep in mind, "x.y.z." would be your IP range for your boxen, like "192.168.1." or "172.16.0." (it's just three octects for me because I run a few private Class C networks)
Mine looks like this;
The directory I want to share is located at /storage/renders
1. Disable built in samba service
2. Install Blastwave
3. Install samba through blastwave
4. Blow away original smb.conf config file located at /etc/opt/csw/samba/smb.conf
5. Create new smb.conf with contents:
Code:
[global]
netbios name = linuxserver
workgroup = WORKGROUP
server string = Public File Server
security = user
map to guest = bad user
guest account = smbguest
[public]
path = /storage/renders
guest ok = yes
read only = no
@brokenpromises
Way to go! That's so good to hear! I really appreciate the mini-howto, too, as I've not used Solaris 11 Expresss myself.
Quote:
Originally Posted by brokenpromises
Also - how does one cehck the amount of free memory on a Solaris Express 11 box?
Okay, this I know; a) The "top" program might come with Solaris 11 Express. If not, BlastWave has it.
b) You can run "prtconf | grep Mem" for the total amount of RAM.
c) "vmstat" will give you the total + usage of RAM:
Code:
luser@lhost(SunOS)$ vmstat
kthr memory page disk faults cpu
r b w swap free re mf pi po fr de sr dd dd f0 m1 in sy cs us sy id
0 0 0 1974568 50960 4 24 1 0 0 0 0 1 1 -0 1 453 384 409 1 2 97
luser@lhost(SunOS)$
d) "prstat -S size" (capital "S")
Kinda like "top" but sorts programs by "size" (check the man page for what "Size" really means!)
Check the UNIX Rossetta Stone for more "How do I do X in Solaris" type things. (Very handy!!)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.