My Linux Book > Networking > Samba
Samba
Prev  Chapter 8. Networking  Next

Samba

Since Samba uses Common Internet File System (CIFS) it does not just bring Windows PC's into a Linux network but also other devices as Android.

The how-to is a complete book https://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf. There is also https://www.samba.org/samba/docs/Samba3-ByExample.pdf

A kernel with SMB3 the successor of the Common Internet File System (CIFS) Network File System support is required.

For Gentoo https://wiki.gentoo.org/wiki/Samba and https://wiki.gentoo.org/wiki/Samba/Guide

Once emerged the samba daemons: nmbd dealing with names and smbd that does the connections need to be started for OpenRC: rc-update add samba default

The configuration is in /etc/samba/smb.conf and can/should be verified with testparm

testparm -v -s returns all the global parameters without prompt for the dump

Logfiles are in /var/log/samba

smbclient -L localhost to test the samba sever with the samba client on the servers machine. Ignore the login to login as Anonymous or do smbclient -L localhost -U% meaning no username and password and therefore working at guest.

smbpasswd -a samba is used to give the user samba password. Without samba passwords access user home directories fail.

smbd -b shows among many other things where the different files are

Finally there is also smbstatus

Samba users

As regular user a samba password is required smbpasswd -a <username>. With the samba passwords smbclient -L localhost will have a sharename for the users home directory.

There is a high chance that there is a issues with user names and passwords between Linux machines and especially Windows. It is therefore recommended to test the samba Linux server using a Linux client on the same machine as the server runs.

The following entry in /etc/samba/smb.conf declares unknown users as guests: 

[global]
map to guest = bad user

Important to know is who is the guest: testparm -v -s | grep "guest account" a username is returned that should exist on the machine. To have samba as guest user create first its account

useradd -m -G users -s /bin/bash samba then add to /etc/samba/smb.conf 

[global] 
guest account = samba

Samba Linux clients

Samba Linux Clients can be used to test samba in the Linux world before start working on Windows.

It also can be used to among Linux machines as a NFS alternative and finally there is support in android.

If the two usernames (=sharenames) are the same, the users home directory on the samba server can be accessed by the client as: smbclient //192.168.1.8/<username>

If the sharename is public Linux clients can access it as smbclient //192.168.1.8/public

A prompt appears were help list the commands, cd, ls lets browsing in the share names directory (a default might be /home/samba/public)

mount.cifs //192.168.1.8/public /mnt/samba/ -o guest mounts it

umount /mnt/samba un-mounts it

mount.cifs //localhost/<username> /mnt/samba -o username=<username>, password=<password>, will mount the users home directory.

Important

Passwords usually contain special characters a $, those characters need to be escaped as \$

Samba Windows clients

Web Service Discovery

Web Service Discovery makes the samba PC appear as icon in windows under network. Additionally all shares and printers appear in the gui. Since this is state of the art, it is recommended to install it under Linux.

wsdd is a Web Service Discovery https://github.com/christgau/wsdd.

It does not come with Gentoo, however there is a ebuildhttps://github.com/christgau/wsdd-gentoo that has a samba useflag.

rc-update add wsdd default for OpenRC

Windows Network Drives

Adding a share is straight forward, just adding ip address and sharename \\192.168.1.8\public as network drive or network address.

The Linux username and samba Passwords must be provided. Windows 10 allows to use different usernames and passwords to connect the share so not username and password conversion is required on the Linux side.

Also shell commands can mount C:\> net use m: \\192.168.1.8\public will create a M: drive

C:\> net use shows the drives

C:\> net use \\192.168.1.8\public /delete unmounts it

Postscript Printers

One way for printing from Windows is that windows uses a Postscript Printer driver since this is (was before PDF replaced Postscript) the standard way for cups, cups then converts it (to the printer manufacturer specific commands).

PostScript or PS got enhanced to EPS and then PDF. PPD (PostScript Printer Description file) is a file containing information about a particular PostScript print device’s capabilities and restrictions.

This allows also to test first the CUPS printers on Linux machines first without using samba.

Then samba can be configured.

Printing goes into a samba queue that is typically: 

path = /var/spool/samba

samba then takes this and passes it to the cups queue (default /var/spool/cups)

mkdir /var/spool/samba to create the queue

chown root.root /var/spool/samba to make it for root

chmod a+twrx /var/spool/samba to get access

smb.conf file

[global] 
   printing = cups
   printcap = cups
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes
   public = yes

Microsoft uses the PS Class Driver for PostScript printers. A network printer using the Linux server address and CUPS printer name as 

\\192.168.1.8\Deskjet_F2200

has to be added in Windows.

https://wiki.gentoo.org/wiki/Printing

Windows printer

On the Linux server a printer with the manufacturer raw is added. Cups passes then everything received directly to the printer hardware. On the windows side the correct windows driver must be installed.

Winbind

Samba comes with a third linux server daemon winbindd. This Name Service Switch daemon is for resolving names from NT servers as domain users and groups. Under Gentoo there is winbind useflag

WebDAV

Distributed Authoring and Versioning (WebDAV) is an extension to the HTTP-protocol to be used to access data from the web using a file manager. The file managers use Protocol specifiers as webdav:// dav:// davs://

cadaver

cadaver is a command line toot to access it. cadaver <url> opens in a prompt.

dav:/> help shows the commands

gets <filename> downloads it and put <filename> uploads it from the local folder

davfs

davfs2 is a tool that can mount dav and therefore the data is accessed as any other data in the filesystem

As root

mount -t davfs https://webdav.<more of the url><mount point/dav/>

For regular users add them to the davfs2 group: gpasswd -a <username> davfs2

WebDAV as regular user

Add a line to /etc/fstab

echo 'https://webdav<more of the url><mounting point/dav> davfs rw,user,noauto 0 0' >> /etc/fstab

Then as user:

mkdir -p ~/dav

mount ~/dav

This requires username and password. To have this automated add to ~/.davfs2/secrets

<mounting point/dav> <dav-username> <dav-password>

Check that just the owner has read access chmod 600 ~/.davfs2/secrets

WebDAV and auto mounter

Edit the global secrets /etc/davfs2/secrets 

https://<uri to dav> <dav-username> <dav-password>

Then add to /etc/autofs/auto.misc

WebDAV      -fstype=davfs,rw        :https\://<uri to dav>

Important

The https: character needs to be escaped https\:

To have write access to users being in the davfs2 group:

WebDAV       -fstype=davfs,rw,file_mode=664,dir_mode=775,gid=davfs2,uid=davfs2             :https\://<uri to dav>
Prev  Up  Next
Xinetd  Home  USB

Linurs startpage