Difference between revisions of "Samba file server"
| Line 15: | Line 15: | ||
net usershare add share_name /home/user/somefolder "Share description" everyone:F guest_ok=y | net usershare add share_name /home/user/somefolder "Share description" everyone:F guest_ok=y | ||
To make these shares permanent | To make these shares permanent create a file for each share under /var/lib/samba/usershares/ using: | ||
net usershare info --long share_name > /var/lib/samba/usershares/share_name | net usershare info --long share_name > /var/lib/samba/usershares/share_name | ||
This has a further advantage | This has a further advantage a desktop like KDE/GNOME/MATE/Unity the directories will show up as shared in the file manager (Dolphin, Nautilus etc.). That's cause the <tt>net username//var/lib/samba/usershares/</tt> thing is the same mechanism that Dolphin and Nautilus use when you share directories in the GUI. | ||
Check setting of newly created share | Check setting of newly created share | ||
net usershare info --long | net usershare info --long | ||
Although creating a share gives an access to subfolders by default, sometimes permissions for CIFS shares need fixing. Check and compare permissions then issue: | |||
sudo chmod -R a+rwX /path/to/someDirectory | |||
or lighter version if others (guests) do not need write access | |||
sudo chmod -R og+rwX /path/to/someDirectory | |||
= Troubleshooting = | = Troubleshooting = | ||
== Testparm == | == Testparm == | ||
Revision as of 09:44, 25 May 2015
- Main services
sudo service smbd restart sudo service nmbd restart
- Configuration
vi /etc/samba/smb.conf
Usage
smb://192.168.1.65 #UNC path, for Nautilus or other file manager smbclient -L //bigserver/tmp -Ujohndoe%secret #list remote resources smbclient -L localhost -U% #list samba server its own shares
Manage CIFS from CLI
Use net command to manage CIFS from CLI
net usershare add share_name /home/user/somefolder "Share description" everyone:F guest_ok=y
To make these shares permanent create a file for each share under /var/lib/samba/usershares/ using:
net usershare info --long share_name > /var/lib/samba/usershares/share_name
This has a further advantage a desktop like KDE/GNOME/MATE/Unity the directories will show up as shared in the file manager (Dolphin, Nautilus etc.). That's cause the net username//var/lib/samba/usershares/ thing is the same mechanism that Dolphin and Nautilus use when you share directories in the GUI.
Check setting of newly created share
net usershare info --long
Although creating a share gives an access to subfolders by default, sometimes permissions for CIFS shares need fixing. Check and compare permissions then issue:
sudo chmod -R a+rwX /path/to/someDirectory
or lighter version if others (guests) do not need write access
sudo chmod -R og+rwX /path/to/someDirectory
Troubleshooting
Testparm
Once you know there's a daemon, you should always run testparm, in hopes of getting something such as the following:
$ sudo testparm Load smb config files from /opt/samba/lib/smb.conf Processing section "[homes]" Processing section "[printers]" ... Processing section "[tmp]" Loaded services file OK. ...
testparm /usr/local/samba/lib/smb.conf client 192.168.1.10
This will run one more test that checks the hostname and address against hosts allow and hosts deny options and might produce the Allow connection from hostname to service and/or Deny connection from hostname to service messages for the client system. These messages indicate that you have hosts allow and/or hosts deny options in your smb.conf, and they prohibit access from the client system.
Add member to Samba server
It is recommended that your user be a member of the sambashare group then enable File Sharing Server With User Login (Very Reliable Method) On machine you file share add current user to Samba:
sudo smbpasswd -a username
nmblookup
nmblookup -B BIGSERVER __SAMBA__ #you should get back the IP address of your Samba server.
If you do not, then nmbd is incorrectly installed. Check your inetd.conf if you run it from there, or that the daemon is running and listening to UDP port 137. One common problem is that many inetd implementations can't take many parameters on the command line. If this is the case, then create a one-line script that contains the right parameters and run that from inetd.
nmblookup -B ACLIENT `*' #you should get the PC's IP address back
If you do not, then the client software on the PC isn't installed correctly, or isn't started, or you got the name of the PC wrong. If ACLIENT does not resolve via DNS, then use the IP address of the client in the above test.
nmblookup -d 2 `*' #the same as the previous test but are trying it via a broadcast to the default broadcast address
A number of NetBIOS/TCP/IP hosts on the network should respond, although Samba may not catch all of the responses in the short time it listens. You should see the got a positive name query response messages from several hosts. If this does not give a result similar to the previous test, then nmblookup isn't correctly getting your broadcast address through its automatic mechanism. In this case you should experiment with the interfaces option in smb.conf to manually configure your IP address, broadcast, and netmask.
If your PC and server aren't on the same subnet, then you will need to use the -B option to set the broadcast address to that of the PC's subnet.
This test will probably fail if your subnet mask and broadcast address are not correct. (Refer to test 3 notes above).
smbclient //BIGSERVER/TMP #you should then be prompted for a password
You should use the password of the account with which you are logged into the UNIX box. If you want to test with another account, then add the -U accountname option to the end of the command line for example, smbclient //bigserver/tmp -Ujohndoe.
Note
It is possible to specify the password along with the username as follows: smbclient //bigserver/tmp -Ujohndoe%secret
Once you enter the password, you should get the smb> prompt. If you do not, then look at the error message. If it says “invalid network name,” then the service tmp is not correctly set up in your smb.conf.