🗂️ Samba¶
Samba is a free software re-implementation of the SMB networking protocol. Samba provides file and print services for various Microsoft Windows clients. The name Samba comes from SMB (Server Message Block), the name of the proprietary protocol used by the Microsoft Windows network file system.
📥 Installation¶
sudo apt-get install samba
Increase the maximum number of open files
The maximum number of open files should be permanently increased to 16384 for samba.
sudo sed -i '45 a * soft nofile 16384' /etc/security/limits.conf
sudo reboot now
⚙️ Configuration¶
👤 Create and configure user¶
# create samba user on the server without password and home
sudo adduser --no-create-home --disabled-password --disabled-login samba
# add samba user in the debian group
sudo adduser samba debian
# set samba user password
sudo smbpasswd -a samba
# test samba configuration
testparm
# restart samba service
sudo service smbd restart
📁 Configure shares¶
The /etc/samba/smb.conf should be configured:
An example of global-settings for samba configuration.
#======================= Global Settings =======================
[global]
# generic informations
workgroup = WORKGROUP
server role = standalone server
server string = "Samba Server"
public = no
browseable = no
socket options = TCP_NODELAY
Settings
| Setting | Description |
|---|---|
| server string | name of the samba server that will be exported |
| workgroup | default to: WORKGROUP |
| public | tell if the shared directory is private or public |
| path | absolute path to the shared directory |
| readonly | readonly or writeable (yes/no) options for this shared directory |
| valid user | set the user that could access this shared directory |
| write cache size | set cache to 256k to improve performance when the disk is a bottleneck |
An example of a read-only shared directory.
#======================= Share Definitions =======================
[ReadOnly]
path = /path/to/read-only/directory
read only = yes
valid users = samba
An example of a read-write shared directory.
#======================= Share Definitions =======================
[Shared]
path = /path/to/read-write/directory
writeable = yes
create mask = 0664
directory mask = 0775
valid users = samba
🛡️ Setting Unix ACL¶
chgrp debian <dir>
chmod g+s <dir>
setfacl -m group:debian:rwx <dir>
setfacl -dm group:debian:rwx <dir>
Setting unix right using ACL
The chgrp debian set the group of the directory to debian.
The command chmod g+s sets the set group ID (setgid) mode bit on the current directory.
This means that all new files and subdirectories created within the current directory inherit the group ID of the directory, rather than the primary group ID of the user who created the file.
The setfacl -m group:debian:rwx set the current group rights to rwx (x allows to enter the directory).
The setfacl -dm group:debian:rwx set the default group rights for newly created files to rwx.
🪟 Windows¶
Samba Configuration for Multiple User/Password
When configuring Samba with multiple user/password combinations, an issue may arise on Windows with the following error message: "The Network folder specified is currently mapped using a different user name and password".
To address this issue, a workaround involves creating multiple DNS aliases in the C:\Windows\System32\drivers\etc\hosts file. The aliases should be defined as follows:
192.168.1.100 UserA
192.168.1.100 UserB
Then map each network drive using these alias to connect to the network share.