| Previous | Table of Contents | Next |
by Jack Tackett
This chapter gives you the information you need to install, configure, and use the Session Message Block (SMB or Samba) protocol services under Linux. With Samba you can
Samba is the protocol used by Microsoft’s operating systems to share files and printer services. Microsoft and Intel developed the SMB protocol system in 1987, and later Andrew Tridgell ported the system to various UNIX systems and then Linux.
NOTE: Microsoft is currently proposing another file sharing standard, called Common Internet File System (CIFS). The standard has been submitted to the Internet Engineering Task Force but CIFS has yet to be widely adopted, including in the Linux development community.
The Samba suite is made up of several components. The smbd daemon provides the file and print services to SMB clients, such as Windows for Workgroups, Windows NT, or LanManager. The configuration file for this daemon is described in smb.conf. The nmbd daemon provides NetBIOS nameserving and browsing support. It can also be run interactively to query other name service daemons.
The smbclient program implements a simple FTP-like client. This is useful for accessing SMB shares on other compatible servers, such as Windows machines, and it can also be used to allow a UNIX box to print to a printer attached to any SMB server, such as a PC running Windows 98.
The testparm utility allows you to test your smb.conf configuration file. The smbstatus utility allows you to tell who is currently using the smbd server.
Samba can be installed during installation or later using RPM. If you need to install the package, first download the current version from Red Hat’s Web site (http://www.redhat.com). You can then install the package (the current version is samba-1.9.18p5-1.i386.rpm) with the following command:
rpm -ivh samba-1.9.18p5-1.i386.rpm
• See “Installing Packages with RPM,” p. 150
The package should contain all the files needed to run Samba, including the two primary programs smbd and nmbd. However, you might have to recompile the various programs if you are using a different distribution.
The main configuration file is called smb.conf and is located in the /etc directory. Listing 15.1 provides the default listing shipped with Red Hat 5.1
NOTE: A semicolon character (;) at the beginning of a line indicates that the line is a comment and is to be ignored when processed by the Samba server.
Listing 15.1 The Sample smb.conf Samba Configuration File
; The global setting for a RedHat default install
; smbd re-reads this file regularly, but if in doubt stop and restart it:
; /etc/rc.d/init.d/smb stop
; /etc/rc.d/init.d/smb start
;=========================== Global Settings ===========================
[global]
; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
workgroup = WORKGROUP
; comment is the equivalent of the NT Description field
comment = RedHat Samba Server
; volume = used to emulate a CDRom label (can be set on a per share basis)
volume = RedHat4
; printing = BSD or SYSV or AIX, etc.
printing = bsd
printcap name = /etc/printcap
load printers = yes
; Uncomment this if you want a guest account
; guest account = pcguest
log file = /var/log/samba-log.%m
; Put a capping on the size of the log files (in Kb)
max log size = 50
; Options for handling file name case sensitivity and / or preservation
; Case Sensitivity breaks many WfW and Win95 apps
; case sensitive = yes
short preserve case = yes
preserve case = yes
; Security and file integrity related options
lock directory = /var/lock/samba
locking = yes
strict locking = yes
; fake oplocks = yes
share modes = yes
; Security modes: USER uses Unix username/passwd, SHARE uses WfW
type passwords
; SERVER uses a Windows NT Server to provide authentication
services
security = user
; Use password server option only with security = server
; password server = <NT-Server-Name>
; Configuration Options*****Watch location in smb.conf for
side-effects*****
; Where %m is any SMBName (machine name, or computer name) for
which a custom
; configuration is desired
; include = /etc/smb.conf.%m
; Performance Related Options
; Before setting socket options read the smb.conf man page!!
socket options = TCP_NODELAY
; Socket Address is used to specify which socket Samba
; will listen on (good for aliased systems)
; socket address = aaa.bbb.ccc.ddd
; Use keep alive only if really needed!!!!
; keep alive = 60
; Domain Control Options
; OS Level gives Samba the power to rule the roost. Windows NT = 32
; Any value < 32 means NT wins as Master Browser, > 32
Samba gets it
; os level = 33
; specifies Samba to be the Domain Master Browser
; domain master = yes
; Use with care only if you have an NT server on your network that
has been
; configured at install time to be a primary domain controller.
; domain controller = <NT-Domain-Controller-SMBName>
; Domain logon control can be a good thing! See [netlogon] share
section below!
; domain logons = yes
; run a specific logon batch file per workstation (machine)
; logon script = %m.bat
; run a specific logon batch file per username
; logon script = %u.bat
; Windows Internet Name Serving Support Section
; WINS Support - Tells the NMBD component of Samba to enable its
WINS Server
; the default is NO.
; wins support = yes
; WINS Server - Tells the NMBD components of Samba to be a WINS
Client
; Note: Samba can be either a WINS Server, or a WINS Client,
but NOT both
; wins server = w.x.y.z
; WINS Proxy - Tells Samba to answer name resolution queries on
behalf of a non
; WINS Client capable client, for this to work there must be
at least one
; WINS Server on the network. The default is NO.
; wins proxy = yes
;========================= Share Declarations =========================
[homes]
comment = Home Directories
browseable = no
read only = no
preserve case = yes
short preserve case = yes
create mode = 0750
; Un-comment the following and create the netlogon directory for
Domain Logons
; [netlogon]
; comment = Samba Network Logon Service
; path = /home/netlogon
; Case sensitivity breaks logon script processing!!!
; case sensitive = no
; guest ok = yes
; locking = no
; read only = yes
; browseable = yes ; say NO if you want to hide the NETLOGON
share
; admin users = @wheel
; NOTE: There is NO need to specifically define each individual printer
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
printable = yes
; Set public = yes to allow user ‘guest account’ to print
public = no
writable = no
create mode = 0700
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
; A publicly accessible directory, but read only, except for people in
; the staff group
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @users
; Other examples.
;
; A private printer, usable only by fred. Spool data will be placed
in fred’s
; home directory. Note that fred must have write access to the spool
directory,
; wherever it is.
;[fredsprn]
; comment = Fred’s Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
;
; A private directory, usable only by fred. Note that fred requires write
; access to the directory.
;[fredsdir]
; comment = Fred’s Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
;
; a service which has a different directory for each machine that
connects
; this allows you to tailor configurations to incoming machines.
You could
; also use the %u option to tailor it by user name.
; The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writeable = yes
;
;
; A publicly accessible directory, read/write to all users. Note
that all files
; created in the directory by users will be owned by the default
user, so
; any user with access can delete any other user’s files.
Obviously this
; directory must be writable by the default user. Another user
could of course
; be specified, in which case all files would be owned by that user
instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
;
;
; The following two entries demonstrate how to share a directory so that two
; users can place files there that will be owned by the specific users. In this
; setup, the directory should be writable by both users and should
have the
; sticky bit set on it to prevent abuse. Obviously this could be extended to
; as many users as required.
;[myshare]
; comment = Mary’s and Fred’s stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
| Previous | Table of Contents | Next |