Samba File Sharing Server Management

Foreword

⚫ After completing the courses on basic openEuler commands and

operations, you can set up openEuler-based various services and apply
them to IT systems. In this course, you will set up a file sharing server using
openEuler and Samba.

1 Huawei Confidential
 Objectives

⚫ Upon completing this course, you will understand:

 openEuler-based File sharing server configuration
 File sharing server user and permission configuration
 File sharing server basic O&M and troubleshooting

2 Huawei Confidential
 Contents

1. Samba File Sharing Server Setup

2. User and Permission Configuration for Samba

3. Samba Server O&M and Troubleshooting

3 Huawei Confidential
Samba File Sharing Service
⚫ Samba is a piece of software which enables the Linux OS to use the Server Message
Block (SMB) network communication protocol.
⚫ Samba can be used for file sharing and print sharing between Linux and Windows
systems, as well as between Linux systems.
⚫ Samba adopts the client/server structure, so a Samba server can function as:
 A file sharing server
 A Samba client

⚫ On Windows, Samba uses the NetBIOS protocol. To use files shared from Linux on
Windows, ensure that this protocol is installed.

4 Huawei Confidential
Samba Suites
⚫ To install a Samba server, at least three suites are required: samba, samba-common,
and samba-client.
 samba: contains the smbd and nmbd daemons, Samba documents, log rotation settings, and
preset startup options
 samba-common: provides the main configuration file of the Samba smb.conf and the
testparm program for checking the syntax of the smb.conf file
 samba-client: provides the tool commands required when running a Samba client on Linux,
such as the smbmount command for mounting a Samba file system

5 Huawei Confidential
Samba Configuration Files (1)
⚫ Samba configuration files are stored in /etc/samba. The main configuration files are smb.conf,
Imhost, and smbpasswd.
 smb.conf: the most important Samba configuration file—also the only basic settings configuration file. Its
main sections are:
◼ [global]: sets server functions
◼ [sharedir]: sets the attributes of each shared directory

 lmhosts: maps the NetBIOS names and IP addresses of the hosts. Samba is constantly improving and can
now, at startup, obtain the IP addresses which correspond to hosts' NetBIOS names in the local area
network (LAN). Generally, you do not need to configure this file.
 smbpasswd: If the Samba server requires users to log in with passwords, user passwords are stored in this
file.

6 Huawei Confidential
Samba Configuration Files (2)
⚫ smb.conf file example

[global] # Set the overall environment of the Samba server.

workgroup = MYGROUP # Name of a work group
server string = Samba Server Version # Description of the host
netbios name = MYSERVER # Default host name of the Samba server
hosts allow = 127. 192.168.12. 192.168.13. # IP address range that is allowed to access the
Samba server. By default, all IP addresses are
allowed.
security = user # Set the security mode. user mode requires user
authentication while share mode does not.

[homes]
valid users = # Specify users who are allowed to access the Samba server.
invalid users = # Specify users who are not allowed to access the Samba server.
write list = # Specify users who are allowed to write data.
read list = # Specify users who are allowed to read data only.
public = yes # Specify whether anonymous access is allowed.

7 Huawei Confidential
Common Samba Commands
⚫ Common commands of the Samba server are as follows:
 smbpasswd: sets Samba users and passwords. Option -a is used to add a Samba
user and set that user's password.
 smbclient: views the directories and devices shared from a host. Option -L is
followed by the IP address of the host to be viewed, and -U is followed by the user
name used for login.
 smbmount: similar to the mount command, this mounts a shared directory from a
remote host to the Linux host.
 testparm: tests whether the Samba configuration is correct by checking the
smb.conf file. If the file passes the test, the Samba service will be able to properly
load the configuration.
8 Huawei Confidential
Installing Samba from a Specific Source using DNF
⚫ Configure the software source for the DNF software package management tool,
then obtain and install the Samba suites, including samba, samba-common, and
samba-client along with their dependency packages.
 Add a DNF software source:
◼ dnf config-manager --add-repo repository_url
 Enable the added DNF software source:
◼ dnf config-manager --set-enable repository
 Download and install the software using DNF:
◼ dnf install samba samba-common samba-client

9 Huawei Confidential
Managing the Samba Service, Listening Port, and Startup
Settings
⚫ After Samba is installed, enable the Samba service to start upon system startup, start
the Samba service, and check the status of its listening ports.
 Enable the Samba service to start upon system startup:
◼ systemctl enable smb
 Start the Samba service:
◼ systemctl start smb
 View the Samba service running status:
◼ systemctl status smb
 Check the port listening status:
◼ netstat -lantp |grep 139
◼ netstat -lantp |grep 445

10 Huawei Confidential
 Contents

1. Samba File Sharing Server Setup

2. User and Permission Configuration for Samba

3. Samba Server O&M and Troubleshooting

11 Huawei Confidential
Adding Users
⚫ If you need the Samba server to control access to resources, you need to create
a user on openEuler and only allow the user to log in through the Samba
service (not log in to the system through a shell).
 Create user smb. Do not create a home directory for the user or grant the user shell
login permission.
[root@openEuler ~]# useradd smb –M –s /sbin/nologin

 Allow the smb user to log in through the Samba server and set the user’s password.
[root@openEuler ~]# smbpasswd –a smb

12 Huawei Confidential
Preparing Shared Files and Setting File Access Permissions
⚫ Provide shared directories for the Samba server. Create the shared files on
openEuler and set the permissions on the shared directories.
 Create shared directories share and smb.
[root@openEuler ~]# mkdir /var/share /var/smb

 Grant all users the read, write, and execute permissions on the share and smb
shared directories :
[root@openEuler ~]# chmod 777 /var/share /var/smb

 Change the owner of the smb shared directory to the smb user:
[root@openEuler ~]# chown smb:smb /var/smb

13 Huawei Confidential
Configuring Samba Sharing (1)
⚫ Edit the Samba configuration file smb.conf to allow the client to anonymously read and write to
the share directory, and to allow authenticated users to read and write to the smb directory.
 Add map to guest = Bad User to the [global] section to enable anonymous access.
 Add a [share] section for the share directory and set its permissions:

[share]
comment = share
path = /var/share
guest ok = yes
browseable = yes
writeable = yes

14 Huawei Confidential
Configuring Samba Sharing (2)
⚫ Add an [smb] section for the smb directory and set its permissions:

[smb]
comment = smb
path = /var/smb
write list = smb
browseable = yes
writable = yes
read list = smb
valid users = smb
create mask = 0777

15 Huawei Confidential
Verifying that the Samba Server Can Be Accessed
⚫ On Windows, access the Samba server in file sharing mode. After connecting to
the file sharing server, you should be able to create files.
 Access the directory through \\Samba_IP\share. You should be able to access the
directory without login authentication and create or delete folders or files.
 Access the smb directory through \\Samba_IP\smb. You should be able to open files
and create folders or files in the smb directory after providing the authentication
information of the smb user.

16 Huawei Confidential
 Contents

1. Samba File Sharing Server Setup

2. User and Permission Configuration for Samba

3. Samba Server O&M and Troubleshooting

17 Huawei Confidential
Using a Scheduled Task to Manage Files (1)
⚫ You can schedule a task to back up the shared data of a Samba server every day. Use a shell
script and a crontab scheduled task to archive and back up the data in the share directory to the
smb directory.
#!/bin/sh
Create the backup.sh script in /root.
mkdir /var/backup # Create a temporary backup directory.
cp -r /var/share/ /var/backup/ # Copy the data in the share directory to the backup directory.
tar -zcPvf /var/smb/backup$(date +%Y%m%d).tar.gz /var/backup # Compress the data in the share
directory to /var/backup.
rm -rf /var/backup/ # Delete the temporary backup directory.
find /var/smb/ -mtime +30 -name "*.tar.gz" -exec rm -rf {} \; # Delete backup data that is stored
more than 30 days.

 Set the execute permission on the script.

[root@openEuler ~]# chmod +x backup.sh

18 Huawei Confidential
Using a Scheduled Task to Manage Files (2)
 Set and edit a periodic task by running the crontab command. The backup.sh script
is executed at 22:00 every day. Data is backed up to the smb directory as a file
named after the time the backup is run.
[root@openEuler ~]# crontab –e
0 22 * * * /root/backup.sh
 Run the crontab –l command to view the backup task.

19 Huawei Confidential
System and Service Logs
⚫ To view the status or error information of the Samba server through logs, you
can run ls to find the log file of the Samba service in the /var/log directory.
Then, you can run a command to view the latest 20 log entries.
 Run ls –l /var/log/samba to find the log file in the /var/log/samba directory, for
example, log.smbd.
 Run tail /var/log/samba/log.smbd –n 20 to view the latest 20 log entries.
 Run tail /var/log/messages to view the latest 20 log entries of the openEuler
system.

20 Huawei Confidential
File Sharing Fault Locating and Troubleshooting
⚫ These errors can make the file sharing impossible when you use Samba. Solutions are
provided:
 The file sharing server cannot be accessed or the network connection is faulty.
◼ If the firewall is enabled, run systemctl stop firewalld to disable it.
◼ If the Samba service is not started, run systemctl restart smb to restart it.

 The file sharing server cannot be started due to an incorrect configuration.

◼ Run cd /etc/samba; testparm to check whether the configuration file is configured correctly, and modify the
configuration according to the prompt.

 The user does not have the permission to access or create files. Permissions on the shared directory are
configured incorrectly.
◼ If the file owner is incorrect, run chown smb:smb /var/smb to change the file owner to the correct user.
◼ If the file permissions are incorrect, run chmod 777 smb:smb /var/smb to change the file permissions.

21 Huawei Confidential
 Quiz

1. To configure the Samba file sharing server, which software needs to be installed?
What is the main configuration file? What operations are required for user- and
resource-based access control?

22 Huawei Confidential
 Summary

⚫ This course describes how to deploy, configure, and maintain the file
sharing server as well as how to use openEuler and how to configure
services. It also presents simple service troubleshooting and basic Linux
O&M capabilities.

23 Huawei Confidential
Thank you. 把数字世界带入每个人、每个家庭、
每个组织，构建万物互联的智能世界。
Bring digital to every person, home, and
organization for a fully connected,
intelligent world.

Copyright© 2020 Huawei Technologies Co., Ltd.

All Rights Reserved.

The information in this document may contain predictive

statements including, without limitation, statements regarding
the future financial and operating results, future product
portfolio, new technology, etc. There are a number of factors
that
could cause actual results and developments to differ materially
from those expressed or implied in the predictive statements.
Therefore, such information is provided for reference purpose
only and constitutes neither an offer nor an acceptance. Huawei
may change the information at any time without notice.