20130204

install samba on debian based systems

A quick how-to for a samba file server on a debian based system ( ubuntu , Xuntu , etc )

Samba is a great collection of software that enables most unix systems to run file and printing sharing services for windows and *nix clients.

Install Samba

# apt-get install samba


The configuration is in /etc/samba/smb.conf

This is what I usually change on simple installations

workgroup = WORKGROUP 
##default NT domain name ,g0
server string = %h ashare  
##share name ,g0
interfaces = 192.0.2.22/32 
## IP the samba server binds on  , g0
log file = /green/log/samba/log.%m 
## log , g0
security = user 
##g0


An example share , usually put on the bottom of /etc/samba/smb.conf
[share]          
    comment = Share   
    path = /green/samba/share  
    browsable = yes   
    guest ok = no   
    read only = no   
    create mask = 0755   


Create the share.
#mkdir -p /green/samba/share
#chown -R nobody.nogroup /green/samba/share


Add a system and samba user.
# wget http://kod.ipduh.com/lib/adduser.sh
# chmod 700 adduser.sh
# mv adduser.sh /bin
# adduser.sh 
Add User:
Enter GROUPID     : 3000
Enter GROUPNAME   : samba-user
Enter USERID      : 3000
Enter USERNAME    : samba-user
Enter USER HOME DIRECTORY ( Or hit enter for /home/samba-user ):              
Enter USERSHELL   : /usr/bin/nologin
Enter USERCOMMENT : 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

...

# echo "/usr/bin/nologin" >> /etc/shells 


Create a samba-password for the samba-user
#smbpasswd -L -a samba-user
New SMB password:
Retype new SMB password:
Added user samba-user.


Adjust ownership
# chown -R samba-user.nogroup /green/samba/share/


Restart daemons.
# /etc/init.d/smbd restart
# /etc/init.d/nmbd restart


Firewall holes:
allow incoming udp on ports 137 and 138
allow tcp on ports 139 and 445
eg:
# iptables -A INPUT -p udp --dport 137 -i lan0 -s 192.0.2.0/24 -j ACCEPT
# iptables -A INPUT -p udp --dport 138 -i lan0 -s 192.0.2.0/24 -j ACCEPT
# iptables -A INPUT -p tcp --dport 139 -i lan0 -s 192.0.2.0/24 -j ACCEPT
# iptables -A INPUT -m state --state NEW -p tcp --dport 139 -i lan0 -s 192.0.2.0/24 -j ACCEPT
# iptables -A INPUT -p tcp --dport 445 -i lan0 -s 192.0.2.0/24 -j ACCEPT
# iptables -A INPUT -m state --state NEW -p tcp --dport 445 -i lan0 -s 192.0.2.0/24 -j ACCEPT


Configure some clients:

on a Debian or Ubuntu Desktop try Places->Network->Samba_Host->share ... put your credentials

on a Windows Desktop try Network Places -> View Workgroup Computers -> Samba_Host ... click on the share & put your credentials

Test & Debug -- *nix -

List the share on a remote host
$ smbclient -U samba-user -L 192.0.2.22
Since we have it, let 's use it from *nix hosts too.

Mount a Samba Share on a *nix Machine
$ id
uid=9920(diesel) gid=9920(diesel) groups=9920(diesel)
#sudo mkdir /ares_share
#sudo chown -R diesel.diesel /ares_share
#sudo mount -v -t cifs //192.0.2.22/share /ares_share -o username=samba-user,password=opensesami,iocharset=utf8,file_mode=0777,dir_mode=0777,uid=diesel




Install Samba Debian GNU Linux