• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Simple Samba LAN Filesharing Tutorial

daBee

Active Member

Thanks: 5
Messages: 119

#1
Hi folks.

I need to set up samba. I reviewed this page here https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server but it didn't get me far as I couldn't create a samba user. I'm assuming the samba documentation is right, but there is no such thing as useradd.

Is there a samba setup tutorial for Freebsd? I'm running samba46 on FreeBSD 11.1 and I only see linux sharing to windows. I'm on a Mac OS workstation.

I would like to share the following locations for quick access to me (user rich) on this workstation, or another lan box.


## To share:
/usr/local/www
/home/rich
/etc/


Any insight appreciated. Cheers
 

obsigna

Aspiring Daemon

Thanks: 338
Messages: 651

#2
You need to edit the file /usr/local/etc/smb4.conf. A basic configuration for the mentioned shares might be:
Code:
[global]
workgroup = WORKGROUP
server string = Server
security = user
encrypt passwords = yes
max log size = 500
preferred master = yes
hosts allow = 192.168.1.
interfaces = em0
bind interfaces only = yes
socket options = TCP_NODELAY

[homes]
comment = User Home
browseable = no
writeable = yes
directory mask = 0700
create mask = 0700

[etc]
comment = Server Configuration
path = /etc
public = no
writeable = yes
write list = @admin
directory mask = 0770
create mask = 0770

[www]
comment = Web Root
path = /usr/local/www
public = no
writeable = yes
write list = @webadm
directory mask = 0775
create mask = 0775
Note, you need to change the IP of the local network (hosts allow) and the device identifier of the interface which connects the local network (interfaces). Don't let Samba operate on the WAN.

Then you would configure the users using the Samba tool pdbedit(8). The following assumes that you already created the system user rich on your machine, and you would need to create groups for this user in order to have different access privileges for /etc and /usr/local/www. The latter might become tricky, because depending on the web service which is running you might need to maintain write access for the web server for some sub-directories, for example for uploads. The members of the suggested group webadm would be www and rich.

# pdbedit rich
Code:
new password: ********
retype new password: ********
Unix username:        rich
NT username: 
Account Flags:        [U          ]
User SID:             S-1-5-21-1801956262-1824223230-718757168-1001
Primary Group SID:    S-1-5-21-1801956262-1824223230-718757168-1001
Full Name:            Richard
Home Directory:       \\server\rich
HomeDir Drive:
Logon Script:
Profile Path:         \\server\rich\profile
Domain:               SERVER
Account desc:
Workstations:
Munged dial: 
Logon time:           0
Logoff time:          So, 04 Dez 219250468 13:30:07 BRST
Kickoff time:         So, 04 Dez 219250468 13:30:07 BRST
Password last set:    Fr, 29 Aug 2014 09:14:10 BRT
Password can change:  Fr, 29 Aug 2014 09:14:10 BRT
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
In my network I have running Mac and Windows clients. For the Macs I installed net/netatalk3, which is more lightweight and usually faster + imposing less load on the CPU's than Samba.

Principally for Mac clients accessing Samba shares the setting TCP_NODELAY is very important.
 

daBee

Active Member

Thanks: 5
Messages: 119

#3
Wow. Perfect. Thank you. I had to go sudo for the pdbedit -a -u rich. I've left all this quite simple as I don't want to mess with other services and permissions, as I've had plenty of those with nginx and passenger. Still some odd things happening there on 11.1.

All this is for real-time editing conf files and odd small stuff, so not much of a challenge on the server. I then chase it up with filewatcher gem to auto-load files ( ruby, bash) in the terminal. Given AFP's timely demise, I thought I should stay away from it.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,508
Messages: 25,692

#4
Is there a samba setup tutorial for Freebsd?
You don't need to specifically look for tutorials on FreeBSD. Samba is configured exactly the same way on any OS (as are many others, like Apache, MySQL, etc). So you can use any Samba tutorial you might find.

I'm assuming the samba documentation is right, but there is no such thing as useradd.
It's adduser(8) on FreeBSD and works a little different from Linux's useradd. The principle is the same though.
 

daBee

Active Member

Thanks: 5
Messages: 119

#5
I was hoping that was the case, but I ran into the non-existent useradd and was confused.
 

grzesyou

New Member

Thanks: 1
Messages: 2

#6
Hi
I've recently came across setting Samba as file sharing service on my FreeBSD.
I found some FreeBSD related doc's confusing too. However the Samba official documentation, Linux tutorials with some books help should be ok:)
In my case I've found that my problems with Samba were connected with active directory or domain or network or authentication issues which are often host or site specific.
I had no Active Directory, ldap, nor DNS configured. I've used Samba 4.6 from package on RaspBSD 12 (which goes with 11 branch). My input is not ready solution, but I hope it may help somebody.

First - check yours hostname and set the name hostname="hostname.domain.tld" (rather don't use .localhost or example.com)
I've set it in the /etc/rc.conf
Code:
hostname="rpi.aigo.go"
Confusion - domainname(1) - it is not Samba domain related - it's NIS/YellowPages UNIX service.

Second - set up /etc/hosts
Code:
::1                     rpi.aigo.go     localhost       rpi
127.0.0.1               rpi.aigo.go     localhost       rpi
192.168.1.5             rpi.aigo.go     rpi
A name next to the address is full name (FQDN), followed by aliases

Third - you need /usr/local/etc/smb4.conf. There is no share/example.
Let's take a look at less /usr/local/share/doc/samba46/README.FreeBSD. There is samba-tool domain provision --interactive --use-xattrs=no --use-ntvfs.
For me only --interactive worked, however we may learn that FreeBSD's Samba works on UFS2 ACL. So check tunefs -p /dev/da0p1 whether you are using it. For me NFSv4 ACLs worked, it doesn't have to be POSIX.1e ACLs. Turn it on by tunefs (in single user mode as / must be detached if needed).

After samba-tool domain provision --interactive there will be generated a simple /usr/local/etc/smb4.conf. The tool will use your hostname to determine REALM, netbios name and workgroup (all must be uppercase). I've set dns to samba internal, without dns forwarding and copied cp /var/db/samba4/private/krb5.conf /etc/krb5.conf. But wait a sec - I've already set up a Active Directory backend
Code:
passdb backend = samba_dsdb
It is something I didn't want to, and I have little idea about it.

Confusion: Samba have BIND dns, FreeBSD comes with unbound.
You may also update /etc/resolv.conf if this apply to your configuration - add nameserver 127.0.0.1 or search.

So we may take a look at https://www.freebsd.org/doc/handbook/network-samba.html
The backend used there is passdb backend = tdbsam I've read somewhere that it is depreciated and skiped it in first approach - no it works, smbpasswd backend is Samba 3 stuff and discouraged in Samba 4 as far as I know.
So we need to add an user pdbedit -a username
Confusion. My wife need a password... yeah: pdbedit -a nobody

I've read some examples on forum and web.
I found also useful smb.conf(5) and testparm -v
Finally my smb4.conf:
Code:
[global]
        netbios name = RPI
        realm = AIGO.GO
        workgroup = AIGO
        server string = Some text
        passdb backend = tdbsam
#security = user # its default - to allow guest
#have no printers disable spoolss = yes
        disable spoolss = yes
#want to use mount_smbfs with ntlm_v1 on
        ntlm auth = yes
        map to guest = Bad User
        guest account = nobody
#these two are netbios stuff
#local master = yes #default yes
#domain master = auto #default auto
        domain master = yes
#os level = 255 if your wins must win over windows machines
# win81 = 62 win10 = 100?
        os level = 255
        wins support = yes
#log 1 ,2 3, 5 10
        log level = 3
        max log size = 1000
#      smb ports = 139 445 # its default

#with password
[raspberry]
comment = "home::"
path = /usr/home/raspberry
#not valid users just users
users = raspberry
read only = no
create mask = 755
directory mask = 755

#with password
[cores]
comment = "Public"
path = /mnt/cores
read only = no
public = yes
create mask = 755
directory mask = 755
Of course user nobody have file rights. Ports 139 and 445 are opened.

Then - how to start Samba?
1 - /usr/local/sbin/smbd if you like - for more check help option.
2 - through /etc/inetd.conf - my choice for filesharing uncomment 2 lines referring samba
Code:
netbios-ssn stream tcp nowait          root    /usr/local/sbin/smbd    smbd
netbios-ns dgram udp   wait            root    /usr/local/sbin/nmbd    nmbd
3 - you have an AD or ldap, you will use winbindd service samba_server onestart or by /etc/rc.conf
Code:
samba_server_enable="YES"
Confusion - if you choose more than one way I'm not sure if this will act correctly (or unless you have correctly set up domain). I had some problems with it.

Other useful command:
smbcontrol all reload-config
smbstatus
smbtree
nmblookup -B client '*'
smbclient //192.168.1
Then I could
mount_smbfs -I 192.168.1.5 -U raspberry //a@a/raspberry /mnt/sth/
I'm not able to credit all sources. However you may find useful
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
http://www.oreilly.com/openbook/samba/book/
https://www.samba.org/samba/docs/using_samba/toc.html
https://wiki.archlinux.org/index.php/samba

As this is my first post I want to say thank you to the Forum Team, Timur (the port maintainer) and FreeBSD crew.
Cheers
grzes
 
Last edited: