Samba
From TheBeard Science Project Wiki
packages:
samba
samba-client
samba-common
system-config-samba
samba-swat
cifs-utils
daemons:
smbd - samba daemon (sometimes called smb)
nmbd - netbios daemon (sometimes called nmb)
configs:
/etc/samba - samba config location
/etc/samba/smb.config - samba config file
other:
selinux may block samba
getsebool -a|grep samba - shows all rules which need to be set to "on"
setsebool <rule> on
commands:
smbpasswd -a <sys-username> - add user as samba user
smbclient //<server>/<share> - connect to samba server using ftp-like interface
-L - list shares available on server
-U <user>
-N - no password
-M - send message to windows machine. also accepts from stdin (ie echo "hello"|smbclient -M host_name)
config file:
global arguments:
[global]
usershare allow guests = no - whether user can allow guests on their shares
case sensative = no
workgroup = WORKGROUP
guest account = nobody
server string = This is a greeting or version message.
encrypt passwords = yes
smb passwd file = /path/file (default: ${prefix}/private/smbpasswd
smb ports = port port (default: 445 139)
socket address = 10.0.0.1 - listen address
interfaces = eth* lo
dns proxy = no - forward unregistered netbios names to dns server
disable netbios = no - denies windows machines
panic action = "/path/script" - action to take when smbd or nmbd crashes
security = user
user - require logon
share - not require logon
client signing = mandatory
server signing = mandatory
share arguments:
[sharename]
path = /dir/path
comment = COMMENT
browseable = yes - makes share visible
read only = no
readable = yes
writable = yes
guest ok = no
guest only = no - only allow guests
guest account = nobody
public = no - same as guest ok
-valid = yes - use to turn share on and off
valid users = user user @group
invalid users = user user
group = group group
host allow = host host
host deny = host host
user = user,user - non-smb users
only user = yes - only allow users under "user"
read list = user user - users with read only access
hide dot files = yes - hides files beginning with a dot
hide files = file1 file2 - list of files or folders to apply the dos hidden attribute to
printable = yes
printer name = name
printing = cups - use if printer is not locally attached
cups server = <addr>:<port>
max print jobs = <#> (default: 1000)
create mask = 0700 - default maximum permissions for files created in share
directory mask = 0700 - default maximum permissions for directories created in share
force create mask = 0700 - forces permissions for files created in share
force directory mask = 0700 - forces permissions for directories created in share
force group = group for things created in share
force user = user for things created in share
follow symlinks = yes
hide dot files = yes
hide special files = yes
hide unreadable = yes
hide unwriteable files = no
root = /chroot/dir
smb encrypt = disabled/auto/mandatory - encrypt session
max connections = <#>
max disk size = <#>
max open files = <#>
max print jobs = <#>
preexec = <command>
postexec = <command>
root preexec = <command> - run as root
root postexec = <command> - run as root
example (public):
[global]
security = share
workgroup = WORKGROUP
guest account = nobody
map to guest = bad user
[share]
path = /path/share
browseable = yes
read only = no
guest ok = yes
example (secure):
[global]
security = user
passdb backend = tdbsam
encrypt passwords = true
smb encrypt = yes
smbpasswd file = /etc/samba/smbpasswd
workgroup = WORKGROUP
guest account = nobody
map to guest = bad user
[share]
path = /path/share
browseable = yes
read only = no
guest ok = no
valid users = user1 user2
example (public/secure):
[global]
security = user
passdb backend = tdbsam
encrypt passwords = true
smb encrypt = yes
smbpasswd file = /etc/samba/smbpasswd
workgroup = WORKGROUP
map to guest = bad user
[Public]
comment = Public folder.
path = /home/winter/Public
read only = no
guest ok = yes
available = yes
browsable = yes
public = yes
writable = yes
[Private]
comment = Private folder.
path = /home/winter/Private
available = yes
browsable = yes
public = no
writable = yes
users = winter
