Wednesday, June 24, 2009

Fedora 11 Installing Samba

yum install samba
version 3.3.2-0.33.fc11

cd /etc/samba
mv smb.conf smb.conf.backup
vi smb.conf
[global]
workgroup = wrkgrp
netbios name = smbserver
security = SHARE
load printers = No
default service = global
path = /home
available = No
encrypt passwords = yes
[share]
writeable = yes
admin users = smbuser
path = /home/share
force user = root
valid users = smbuser
public = yes
available = yes

save and exit

add user smbuser to local and smb
useradd smbuser
passwd smbuser
smbpasswd -a smbuser

/etc/init.d/smb restart

new use z: \\ip\share passwd username

I could not connect from Windows.

I changed security to user: it still didn't work.

I am now reading an online Samba book.
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/


testparm is a command that will test the configuration of the samba conf file.
testparm /etc/samba/smb.conf

The file passes the test.

Optimize the file and strip all comments with
testparm -s source dest

SWAT is a web-based config tool. I will look into that after I get the conf file working.

Display all shares that are defined on a host:
smbclient -L hostname

This asks for a password for the current user. Even if I am logged in as the smb user, I am unable to connect.

Do an anonymous login by addeng -N to the command. I am able to see the share that I created.

Connect to home dir:
smbclient //host/user
This also requires password and fails.

/etc/sysconfig/network contains nameservers and hostname.
Where is the alias for eth0 and wlan0 defined? There is no /etc/modprobe.conf

Name resolution of DHCP addresses needs to be hardcoded, which defeats DHCP. I found a link,
http://www.cameratim.com/computing/linux/using-bind-as-a-local-dns-server, that indicates how to get around this. I will investigate later; for now I am hardcoding the DHCP address.

I failed to start nmb. Both the nmb and smb services must be running.
service smb start
service nmb start

Test if all the appropriate services are running (from http://troy.jdmz.net/samba/fw/):
# service smb stop
# netstat -ln > netstat-ln-smb.before
# service smb start
# netstat -ln > netstat-ln-smb.after
# diff netstat-ln-smb.*

Open firewall for udp and tcp in the /etc/sysconfig/iptables file:
-A INPUT -p udp -m udp --dport 137 -j ACCEPT
-A INPUT -p udp -m udp --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT

Then restart the firewall
service iptables restart

The smbserver is now visible from the Window machine. I am still unable to connect to a share.

Tried a simple config from http://us6.samba.org/samba/docs/man/Samba-Guide/simple.html#draft-smbconf
[global]
workgroup = MIDEARTH
security = SHARE

[Plans]
path = /plans
read only = Yes
guest ok = Yes

When I tried smbclient -L server -Uroot%passwd, I got an error about LANMAN authorization. I fixed it by adding the following to the global section of the conf file and restarted smb:
client lanman auth = Yes
lanman auth = Yes

I can now see the server and the share (though I changed the name of the workgroup, but windows still sees the old one); however, when I try to access the share, my Linux security warns me that someone is trying to access my home directory. I placed the share in my home directory, so the error is correct. I will move the share. I just noticed that on Linux, the new workgroup name is not recognized, either.

I seem to being editing the wrong smb.conf file. The changes that I am making are not being implemented. I am editing /etc/samba/smb.conf ... No, I am editing the correct file, but the workgroup command in the global section is changing the domain, but not the workgroup.

I tried following the advice of the AVC warning: setsebool -P samba_enable_home_dirs=1, it did not resolve the problem.

I am still getting the home dir error; eventhough I moved the directory to the root. I will try moving it to /tmp ... Did not work.

I have added the following share
[homes]
browseable = ok
guest ok = yes


I can now access homes, but it opens my root directory.

I am able to mount a windows share with
mount.cifs //ip/path /mnt
It asks for a password.

I found a page on printing from linux to a windows printer: http://www.math.colostate.edu/~reinholz/freebsd/smb_print_client.html

In the original smb.conf, there are comments about SELinux for home directories and domains.
setsebool -P samba-domain-controller on
setsebool -P samba-enable-home-dirs on

There is also a comment about setting samba-share-t for new directories, for allowing SELinux to write to a dir.

Use the command ls -ldZ to see the context for a directory.

I used the original smb.conf file and I can access home directories.

No comments:

Post a Comment

Followers