File (and printer) sharing

There are many technologies that enable sharing. The choice depends on the situation, policies and politics, security, and convenience required. The different scenarios are (“AS” = Autonomous System):

 
File Sharing ScenarioTechnology Choices
User A to share with self On Same host
Different hosts, same type, on same AS sFTP, scp, NFS, Samba
Different hosts, different types, on same AS sFTP, scp, SMBfs, Samba
Different hosts, same type, on different ASes sFTP, scp, NFS, Samba
Different hosts, different types, on different ASes sFTP, scp, SMBfs, Samba
User A to share with User B
On same hostcp, NFS (insecure), Samba
Different hosts, same type, on same AS sFTP, scp, NFS, Samba
Different hosts, different types, on same AS sFTP, scp, SMBfs, Samba
Different hosts, same type, on different ASes sFTP, scp, NFS, Samba
Different hosts, different types, on different ASes sFTP, scp, SMBfs

In addition to the technologies shown above additional “push” technologies can sometimes be used, including email and rdist.

NFS

NetBIOS

Samba and CIFS

Samba Configuration

Both Samba daemons use the same configuration file, smb.conf. This "INI" like file contains comments, blank lines, and various sections. Aside from a few special sections there is one section per share.

After editing smb.conf you should run "testparm" to verify the syntax of this file.

Samba/CIFS use the following port numbers. You must make some holes in your firewall or Samba can't work!

Samba Port Numbers
UDP/137 Used for NetBIOS network browsing
UDP/138 Used for NetBIOS name service
TCP/139 Used for file and printer sharing and other operations
TCP/445 Used by Windows 2000/XP when NetBIOS over TCP/IP is disabled
TCP/901 Used by SWAT

Samba can be configured to start on demand (by configuring xinetd) or at boot time (by enabling the smb (sometimes samba) service).

Sharing files

You can create your test share with:

mkdir -p -m 1777 /tmp/wpshare
echo 'it works' > /tmp/wpshare/afile.txt
chmod 444 /tmp/wpshare/afile.txt

You can test your server with:

	smbclient -L wpserver -U%

Your smb.conf file should look similar to this one:

[global]
    netbios name = wpserver
    workgroup = CTS2322
    wins support = yes       ***OR the following instead:
    wins server = IP Address of WINS server

[wpshare]
    comment = For testing only!
    path = /tmp/wpshare
    read only = no
    browseable = yes
    guest ok = yes

Sharing printers

First define a printer (and enable CUPS if needed). Then modify your smb.conf file by adding:

[global]
   load printers = yes
   printing = cups
   printcap name = cups
   auto services = list of printers

[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   use client driver = Yes
   public = yes
   guest ok = yes
   writable = no
   printable = yes
   printer admin = root

The "auto services" lists the printers that you want browseable; other printers are available but not visible in the borwse list.

If you wish to allow Windows clients to point and click through the Add-A-Printer dialog you must provide the Windows print drivers for your printers. This is done by changes the "use client driver" value to "no", and adding the following section:

[print$]
   comment = Printer Drivers
   path = /etc/samba/drivers
   browseable = yes
   guest ok = no
   read only = yes
   write list = root

You also need to actually download and install the printer drivers! You get them from: ftp://ftp2.easysw.com/pub/cups/windows/. These drivers work on NT, 2000, and XP. You need drivers from Adobe for Win95, 98, and ME; this is not discussed here. Then do the following to install them:

# mkdir /tmp/cups-samba; cd /tmp/cups-samba
# mv ~/ cups-samba-version.tar.gz .
# tar xvzf cups-samba-version.tar.gz
# ./cups-samba.install
# cupsaddsmb -v -H localhost -U root -a

Sharing home directories

Add the following to share all user's home directories, except the ones listed:

[global]
    invalid users = root bin daemon adm sync shutdown \
                    halt mail news uucp operator ...

[homes]
    browsable = no
    writable = yes

The non-browser feature means that users will need to know their username.