Go to http://examples.oreilly.com/upt3 for more information on:
Samba
Samba is an open source project that implements the Session Message Block (SMB) protocol, which is the core networking language of the Microsoft Windows family. Of course, the dominant networking protocol in Unix is the Transmission Control Protocol/Internet Protocol (TCP/IP). The challenge of the Samba project is to map SMB traffic onto TCP/IP networks. This is no small feat since SMB was designed for small, nonsegmented networks. Because all SMB network machine names exist in one global namespace, the practical size of an SMB network is quite limited. Although there are workgroups and NT domains (dolled-up workgroups with a domain controller), these groups don't partition a network in the same way that IP subnets do. Workgroups are simply an organizational grouping of machine names (although NT domains can also exercise some access control over the resources within their jurisdiction).
Despite these limitations, most offices these days have a very large installed base of Windows servers and workstations. With Samba, your Unix machine can participate in Windows file sharing and print services. In fact, Samba can replace Windows file and print servers in many cases. For the full reference on Samba (plus a good number of useful tips), pick up a copy of Using Samba from O'Reilly & Associates.
Samba consists mainly of two daemons and a host of supporting programs. The smbd daemon is responsible for making your machine's filesystem and printers available to a Windows network. The nmbd daemon handles the mapping of SMB machine names into the IP namespace and browsing other SMB resources. Some Unix systems, like Linux, are also able to mount other SMB drives onto their local filesystems using the smbmnt command.
Samba is available for all popular Unix platforms. The project web site, http://www.samba.org, is mirrored throughout the world, so you should be able to find a server near you. The current stable release of samba will be available as a link called samba-latest.tar.gz. As of this writing, the latest release is 2.2.3a.
After unpacking the archive file, change into the newly created samba subdirectory, become the root user, and type:
# ./configure && make
This bit of shell logic simply means, "Execute the program configure in the current directory. It is important to run the configure as root, since there will be certain tests done that require root access. If it succeeds, run make ." If the compilation proceeds without error, you should install the Samba components with:
# make install
Now you can configure Samba to share your system's directories and printers with your Windows neighbors.
There is only one configuration script for both Samba daemons: smb.conf. The Samba build process does not normally create this file for you. However, there are several example smb.conf files in the examples directory of the unpacked source code. These can be easily modified for your system. Alternatively, you may wish to use the web administration tool SWAT ( Section 47.4) to configure your installation. It is worth understanding a bit about how to configure smb.conf by hand.
Perhaps the best example configuration to start with is the file called
smb.conf.default. Lines that start with
a semicolon or pound sign (#) are comments and are ignored by the Samba
daemons entirely. Blocks of related options begin
with a line that has a label in square brackets. A special block called [global] precedes blocks that define individual
shared resources. Global configuration options include what workgroup your
machine is part of, what guest account to use for public shares, and which IP
addresses are allowed to connect to your SMB service. For instance:
[global] workgroup = MYGROUP ; hosts allow = 192.168.1. 192.168.2. 127. guest account = pcguest log file = /usr/local/samba/var/log.%m max log size = 50 security = user ; encrypt passwords = yes
Here, all the shares that will be described later in the configuration file
will be advertised in the MYGROUP workgroup. Although the
next line is commented out, you can use the host
allow
directive to
permit only certain hosts or subnets access to your SMB shares. In this example,
machines would have to be in either one of the two class C networks (IPs
beginning with 192.168.1 and 192.168.2) or in the class A network (IPs beginning
with 127) to even connect to your Samba daemons. Sometimes you will create
public shares that won't require a authentication. For these shares, some real
Unix account is needed. That account is specified with guest account
and is usually a nonprivileged account,
like pcguest.
A good rule of thumb when customizing your smb.conf
is to leave the defaults in place where you
don't fully understand the directive. The defaults err on the side of caution.
Unless you have a good reason for changing them, leave the log file
and max log size directives as is. The security and encrypt passwords
directives are important and are talked about in more detail in Section 47.6. For now, keep the
defaults.
Sharing one of your local directories with the SMB network is easy. For instance:
[tmp] comment = Temporary file space browseable = yes path = /tmp read only = no public = yes
This block describes sharing the local system's /tmp
directory with your SMB network. The
comment option is a human-readable
description of the share that is available to SMB browsers (like the Network
Neighborhood application in Windows). The path
directive indicates the local path you
wish to share. The browseable
option, which defaults to yes anyway,
makes sure that this share appears in browse lists. The read only statement is set to no, making the share writable by
SMB clients that are able to connect (Section 47.6). When the public
directive is set to yes, passwords are
not required to access this resource.
There are far too many configuration options to detail here. See the Samba documention or Using Samba for the full story.
After you have finished configuring the system, you are ready to run the SMB daemons. You can run these servers (as root) directly from the command line with the following:
# /path/to/samba/bin/smbd -D; # /path/to/samba/bin/nmbd -D;
You can also have inetd run them. Simply add the following lines to /etc/services:
netbios-ssn 139/tcp netbios-ns 137/udp
Add the following lines to /etc/inetd.conf :
netbios-snn stream tcp nowait root/path/to/samba/bin/smbd smbd netbios-ns dgram upd wait root/path/to/samba/bin/nmbd nmbd
Simply restart inetd to begin answering SMB requests.
To verify that your SMB services are running, use the command-line tool smbclient to browse yourself.
$ smbclient -L netbios-nameYour machine's
NETBIOS
name (that is, the name by which SMB peers are known) will be your DNS
hostname or whatever you set the global directive netbios name to be. If prompted for a password, you can simply
hit Enter for now. If your service is running, you should see your shares
displayed in a similiar way to the following:
[jjohn@marian upt]$ smbclient -L marian
added interface ip=192.168.1.50 bcast=192.168.1.255 nmask=255.255.255.0
Password:
Anonymous login successful
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 2.2.2]
Sharename Type Comment
--------- ---- -------
homes Disk Home Directories
IPC$ IPC IPC Service (Samba Server)
ADMIN$ Disk IPC Service (Samba Server)
lp Printer hp
tmp Disk Temporary file space
Server Comment
--------- -------
MARIAN Samba Server
Workgroup Master
--------- -------
WORKGROUP MARIAN— JJ