Better late than never. This article is about installing Samba server on debian linux
Motivation
Once I needed a central storage for shared and private documents for small (rarely changing) user group. We have windows and Linux Machines that should have access this centralized file storage. It should be user-friendly access with minimum of maintenance and so on. Also basic document security (basic level) is also a topic here. Having all that, the following is quite suitable for private use, small working groups, and even kinds of small businesses.
The setup
I think it’s not a bad idea to have two different data spaces: private and shared. This separation leads to simple rules of usage:
- Every user can read their own documents and documents of other users in the shared place.
- write and delete is only permitted in the user’s private directory.
Let’s get concrete and that is the point where Samba goes into play. The configuration presented below was tested on Debian 5 (Lenny) and shortly on Debian 7 (Wheezy) and works from now on more than two years without any problems.
1. Install samba
apt-get install samba2. Backup initial configuration
cp /etc/samba/smb.conf /etc/samba/smb.conf_original3. Create shared spaces
# Create new root.
mkdir /srv/samba
# Create mount point for documents
mkdir /srv/samba/shared
# Create mount point for personal
mkdir /srv/samba/private
# Create general gorup of samba users
addgroup smbusers
# giv 'em some rights.
chown root:smbusers /srv/samba/shared/
chown root:smbusers /srv/samba/private/
# define umask
chmod 2770 /srv/samba/shared/
chmod 770 /srv/samba/private/4. Change configuration file
Now edit /etc/samba/smb.conf file. Just replace the content with the following:
[global]
server string = Samba server %v
unix password sync = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Entersnews*spassword:* %nn *Retypesnews*spassword:* %nn *passwordsupdatedssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
panic action = /usr/share/samba/panic-action %d
idmap config * : backend = tdb
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[shared]
comment = Freigabe documents
path = /srv/samba/shared
read only = No
create mask = 0770
directory mask = 0770
[private]
comment = Freigabe privat
path = /srv/samba/private
read only = NoWhen the changes are done, test your configurations with:
testparm5. Add users
Lets add two users with their private places and access to the shared place. So here are Alexander and Rebecca.
useradd -g smbusers -G users alexander
useradd -g smbusers -G users rebecca
mkdir /srv/samba/private/alexander
mkdir /srv/samba/private/rebecca
chmod 750 -R /srv/samba/private/
chown alexander:smbusers /srv/samba/private/alexander/
chown rebecca:smbusers/srv/samba/private/rebecca/Now don’t forget to set a password for Samba users with:
smbpasswd -a alexander
smbpasswd -a rebeccaNote the following directives in your smb.conf will cause automatically change of UNIX user password on smb password changes, So don’t say i didn’t warned you ;)
unix password sync = Yes
pam password change = YesHave fun! Let me know if you do it in another way.