Now that I have set-up my file server I need to be able to save / restore files to it. Linux uses the Samba protocol to share files between computers on a network, including Windows and Mac. The easiest and quickest way to manage Samba is to go through webmin GUI. I will be using the command line for simple operations, so SSH into the server too.
The idea is that you create a share (link to a directory within your server) then set users who may access data within the directory. Users are created in the server, then converted to Samba users. Data can be written to the file server as their users and group, or custom user, groups. Make sure users have rights to access the directory on the server.
Create a new user:
sudo adduser pingu
Now, convert to a Samba user:
sudo smbpassd -a pingu
Note: if you use the same username and password of the computer connecting to the share, the user should be able to automatically log-in.
Within your file server, create a directory to share. In this example, we will create user Pingu and directory pingu-files.
Change directory permissions to desired user. E.g.
sudo chown pingu:users -R /pool/data/pingu-files
However, you may wish to make the directory accessible by all. For example, chmod 777 -R will allow all users to read / write but keep the owner, should have have access to a Samba account. This makes back-up much easier later.
Log-in to Webmin. On the left-hand menu, access (under Servers) Samba Windows File Sharing.
To create your first share you need to have the directory exisit on your file server. In this example, I will use /pool/data/pingu-files. The test directory must be accessible by the user. In my example, I will be using the nobody user; I only have access to this machine so not a security problem for me. In a multiuser environment, you may wish to take more time creating groups.
To create a new share, click the ‘Create a new file share‘ button. You will need to then point the share to a directory. I have forced the user nobody and the group nogroup; this means that any files created using that share (no matter which user creates the file) the file will be create as nobody:nogroup with permissions 777. This is wide open – it means that anyone with access to my file server can access all data. Not something I worry about.
Before we can use the share, let’s edit the permissions: click on Security and Access Control.
In this option we choose who’s allowed to access the share. In my case, I have a user called test.
You only need to put the username in the valid users text box. In here, the user will be able to list, read and write to the share.
Next, I want to edit File Permissions to ensure all data written and edited is forced. Note: there is a typo on the below screenshot, under New Unix file mode the numbers should read 777 not 77 (I took the screenshot before I noticed this).
And that’s it. We should have an accessible share. You can either access the share with the server’s IP address or host name.
You are now able to access files on your file server with a username and password. You can either use as hot storage, so sync files to back-up to the share. For an easy life and a single user environment, shares can be made accessible by guest.
Note: I tried global options (e.g. settings that worked across all shares by default) but had problems with file permissions. For example, I could write a to existing directories, but could not write files to new directories I created. This was fixed by deleting all smb configuration file and then using no global options (As set-up on this article).