|
Project: Linux  Articles
Doing the Samba
By Mayank Sarup <mayank@freeos.com>
Posted: ( 2000-10-17 11:10:06 EST by )
Samba is a terrific software that bridges the gap between Linux and
Windows PC's on the network. File sharing and print services are a lot
more transparent though it's a lot easier from the Windows end. Setup
is not that difficult either.
Windows based machines use the SMB protocol to share files, printers and
communicate. This is a proprietary protocol and Windows doesn't integrate
as well with non-Windows networks using other protocols. It is possible to
share files between PC's running Linux and Windows using FTP or HTTP but
it isn't as transparent a process. Print services are also a problem.
Samba is a terrific software that bridges the gap between Linux and
Windows PC's on the network. File sharing and print services are a lot
more transparent though it's a lot easier from the Windows end. Where to get Samba?
Samba is available at www.samba.org or your local mirror. Most
distributions already come with the Samba binaries on the cd so you should
look there first. At the web-site you will find both the source and the
binaries for download. Samba has also been ported to OS/2, Amiga and VMS
so even if you are on a non-Unix system then you need not worry. The
latest version as of writing this article is 2.0.7 though I have used
version 2.0.6 here in this article. Download and install and then check
out the example smb.conf files in the examples directory. If you
downloaded the source code then it should be under a documentation
directory. I used the RPM off my Red Hat 6.2 CD and it placed the example
smb.conf file in the following directory: /usr/doc/samba-2.0.6/examples/simple/smb.conf This is quite a long smb.conf file and you can generally get away with a
much smaller and simpler configuration file. But it is a good place to
start with because most of the common options and a short description of
each option is given. smb.conf
All the configuration of Samba is contained in the file smb.conf which can
be found in /etc. The Samba configuration is divided into various sections
or shares. Each section begins with a share name enclosed between square
brackets ( [Public] or [Noname] ) and under each section are defined the
options. Each option is followed by '=' after which the option parameters
are given. The parameters may be 'yes','no', or some user-defined parameter.
There are quite a few parameters and options in Samba but not all of them
are required to get you started. I use only a basic smb.conf which is given below. [global]
workgroup = workgroup
server string = Samba is fantastic
security = share
encrypt passwords = Yes [homes]
comment = Home Directories
read only = No
create mask = 0750 [Public]
comment = Public Stuff
path = /home/Public
read only = No
guest ok = Yes You can see that 3 shares have been defined. Global, Homes and
Public. Public is user-defined share but Global and Homes are both special
sections.
Any options defined under global are applied to all shares that are
defined below. However, if the same option is specified in a share also
then the parameters of the share override the parameters of the global
declaration.
Homes is another special section that allows users with accounts on the
Samba server to access their home directories. When a client connects to
the Samba server and tries to access a share then Samba checks for the
name of the share in the configuration file. If no share is found with
that name then it is assumed to be a username which is then checked
against the password file. If a username is found in the password file and
the supplied password is correct then the client is given access to his
home directory. It can be specified here whether the client is given full
read-write access or read-only access. Another special section that can be defined is Printers. If you want to
give Windows clients print access to the printer on the Samba server then
required options are defined under here. More on that later. Let's look at my smb.conf file for now. The first line identifies the section as global. Common options that go
under this section are: Workgroup name: Enter the workgroup that you will be join here. Server string: Enter a more descriptive comment regarding your computer in
here. It will be displayed along with your computer name. Not really
required but it helps to put it in there. Security: This is where you decide what level of security you want to use
for the Samba server. Possible options here are user, share, server or
domain. User: The various shares are first checked against a valid username and
password combination before access is given to the share. This is the
default method of access if no other is specified in version 2.0.6. If you
have a older version of Samba then the share level security is the default Share: This parameter most closely emulates the Windows behavior so this
is the one that you might want to use. User mode also makes the
configuration a little more complex so it's better to stick with share level
security for now. If you plan to have shares that do not require the use
of a password then this is the easiest method to use. Server: Under this method all the authentication is done by a remote
server. Domain: Again all the authentication is done by a remote Windows NT domain
controller. I am using Share level security because it is the easiest to implement. But
make sure that the under-lying Unix security and permissions are
solid. Only give clients access to designated safe zones on the server and
nothing more. Don't take the easy way out and allow guest access to your
home directory. Make a separate directory and put all the public files there. The next keyword is required if you are connecting with Windows 9X/NT
clients. They require the use of encrypted passwords. They refuse
to connect with servers or clients that do not support encrypted
passwords. So your smb.conf must include "encrypted passwords = yes".
The next section is Homes. The purpose of this section is to allow remote
Windows clients to access their home directories on the server. The default
entries from the smb.conf file are used here and they work just fine. Comment: This keyword can be used in all the shares that are defined to
give a longer description of the share. You can put anything you want here.
Create mask: Enter the file permission of the file that is created in this
share. This parameter can be specified globally and in the particular
share too. Here a mask of 750 will give full user access, group - read and
execute access and no access for others Remember to restart samba everytime you change you smb.conf. This would be /etc/rc.d/init.d/smb restart <- Red Hat
/sbin/init.d/smb restart <- SuSE SWAT If editing smb.conf is a pain then you can use the Samba Web
Administration Tool ( SWAT ). It's just a web interface that you access
through the browser and allows you to use configure Samba behaviour as
well as add/remove/modify your shares. SWAT is started via inetd. Open
/etc/inetd.conf in your favourite editor. Go down till you see a line that
looks like the one below. swat stream tcp nowait.400 root /usr/sbin/swat swat If it has a hash mark '#' in front of it then remove that and restart
inetd. If the line is there but there is not '#' in front of it then the
service is not started. If the line is just not there then add the line
above. killall -HUP inetd -> will restart inetd and start swat. To access swat you need to point your browser to your-machine:901. This
would be http://foomachine:901. From this web interface, you can maintain your shares as well as monitor
active connections. You can also restart the Samba service through this
interface.
File sharing
File sharing is probably the first thing that you will want to set-up on
your network. It is also the easiest thing to set-up in Linux. Take the
example smb.conf file and modify that to your liking or just take mine as
a start. Each file share will follow a generic definition format [Sharename]
comment = Any comment
path = /home/Public
read only = no
Public = yes Sharename: Enter any name as the section header. When a client want to connect
to that share then this is the name they will use to connect to it.
e.g //servername/sharename Comment: A description of your share Path: The path to the directory that you want to share. Read only: Enter your preference for access to the directory here. If you
want to allow write access to that directory access then make sure that
the permissions of the directory are 777. Do a chmod 777 to set
the correct file permissions. Not very secure but it's good enough for a
small trusted network or a home network.Public: If you want to allow guest access to your share then say yes
here. You will want to use this if you're going to give access to shares
without password validation. Ok, so Windows machines on your network can now see you in their network
neighbourhood and access any shares that you may have defined. If you want to access the Windows computer then you need to download some
stuff. Samba does include a command-line program to access external shares
but it's not very easy to use. A much better option is to use a GUI client
like LinNeighborhood or xSMBrowser. KDE's kruiser file browser also has a
network neighbourhood browser that works exactly like windows explorer
does. All are very easy and intuitive to use. Print Services
Samba allows Unix clients to print to Windows printers and back. Whichever
way you plan to print, you will need to setup the printer to work locally
before you can allow clients to print to it. Setting up the Printer under
Windows is quite a easy task. For setting up the printer under Linux you
will need to read the Printing HOWTO. Most distributions already include
tools to help you do that. Once the printer is setup and is working locally you can move on to
configuring it to work with Samba. Printing From Linux Under Redhat you can simple use the printtool utility to setup the SMB
printer. Printtool is an X program so you need to be running X and you
also need to be root. 1. Start the printtool program and choose to add a printer. 2. Printer type will be SMB/Windows printer. 3. In the box that opens up. Leave the printer name at the default lp or
name it if you want to. This is not the printer name of the printer
on the server. Leave spool directory at default too. As servername, enter
the name of the computer that has the printer. If you want then you can
enter the IP address of the server too. Printer name will be the name
with which the printer is shared on the server. If access to the printer
service is restricted by a Username and Password combination then enter
those. Enter the workgroup the printer is on. Finally you need to choose
your print filter. Choose the printer that matches your printer or is the
closest match to your printer. The print filter is important because then
Linux can send output to your printer in the correct format otherwise you
get only garbage. 4. That's it. Restart the lpd daemon. Now you can print normally from any
application or from the command-line using lpr. The printer output will be
redirected to the printer on the server. In Suse you can use YAST to setup the SMB printer. Go into System
Administration / Network Configuration / Connect to printer via Samba. The
same set of options will apply there too. Another very good option for printing is apsfilter. Get it from
www.apsfilter.org. Apsfilter is an input filter and it does a great job of
supporting a variety of printers as well and a variety of print jobs and
even postscript printing. It recognises a variety of file formats and uses
the correct filter. Download the latest version, which is 5.4.2 as of writing this
article. After downloading the file you need to un-archive it. Depending
on the file type you downloaded, you will give one of the following
commands. tar zxvf apsfilter-5.4.2.tar.gz tar xIvf apsfilter-5.4.2.tar.bz2 Go into the directory apsfilter that is created. Run the SETUP script. ./SETUP This script will go out and check what filters you have installed in your
system. It is recommended that you have Ghostscript 6 and above. After you
go through the licenses, apsfilter will check for the necessary filters. A
few more key presses and you'll be at the menu. First, press 1 to select
your printer type. Apsfilter will pop up a big list of printer drivers to
pick from. Find a printer that is a close match if you cannot find your
printer. The next option (2) is to choose an interface for your printer,
whether local or over the network. Option 4 under this one relates to
Windows printers. Enter the necessary information in here. Make sure that
samba and specifically smbclient is accessible. Select a paper format. You
can the print a testpage and check things out. If everything else checks out then you press 'C' to continue the
installation. Apsfilter will then go out and setup your printcap
file. Next it will ask for a location to install the man pages in, whether
you want any compression. Apsfilter will then check the file permissions
of the spool directory. Apsfilter will spew out some more information at
you. Printing to Linux
If you have the printer setup and working under Linux then you just need
to make changes to you /etc/smb.conf file. Add the following three lines to the global section. printing = bsd - This is the method to use under Linux. For other options
you need to look at the man pages for smb.conf printcap name = /etc/printcap - The path to your printcap file load printers = yes - If set to yes then all the printers defined in the
printcap file are loaded and made available at startup. Next add another section like the following
[Linprinter]
path = /var/spool/lpd/lp
writeable = yes
public = yes
printable = yes
print command = lpr -r -h -P %p %s The first line defines the name with which the printer is shared in the
workgroup. Path is the path to the spool directory where printing jobs are queued. Writeable = Yes is required to allow clients to send print jobs to this
printer Public = Yes will allow guest access to the printer. Unless you're really
paranoid about who can print, you could let everyone print to the printer Printable = Yes will identify the share as a printer and not as a file
share. Print command = Is just a shell command so you can enter the command that
you want to use to process the print job, usually lpr under Linux. Now setup the network printer as normal under the Windows clients and
you're set to print.
Samba for newbies
Samba Home Page
O'reilly: Using Samba
LinNeighborhood
xSMBrowser
Other articles by Mayank Sarup
Current Rating: [ 6.67 / 10 ]
Number of Times Rated: [ 24 ]
|
