######################### File and Directory Sharing using SAMBA ################################
#### basic SAMBA configuration:
### install samba
apt install samba
# command to check the status of the samba server:
smbstatus
# installing it will add both services: Samba server (smbd) and Samba NetBIOS server (nmbd). The
# nmbd will not be used in this guide, so we can disable it:
systemctl stop nmbd
systemctl disable nmbd
# confirm the name of the network interface which samba will use (ex.: enp0s8):
ip a
# the configuration is made in 2 parts: [global] and [shares], in the file /etc/samba/smb.conf
# first, let's save a version of the original file so that we can edit the configuration file:
mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
nano /etc/samba/smb.conf
### configuration (*part1/2) partial example of /etc/samba/smb.conf:
[global]
server string = example_server #server description (you may leave it as is, if you want to)
server role = standalone server #file sharing standard
interfaces = enp0s8 #name of the interfaces samba will use
bind interfaces only = yes #restrict samba to work ONLY with the specified interfaces
disable netbios = yes #disable NetBIOS functions (which we are not using here)
smb ports = 445 #445 is the default samba port
log file = /var/log/samba/smb.log #name and location of the log file
max log size = 10000 #max size of the log file in KiB, when it reaches that size
# it renames itself as .old and creates another one with
# the original name; on the next occurrence, it does the same
# and deletes the oldest one
log level = 3 passdb:5 auth:5 #(optional)logs more detailed authentication information
# whenever you make changes to smb.conf, run testparm to check for syntax errors:
testparm
# if the syntax is fine, you should get the line "Loaded services file OK"
### creating groups, users and shared directories:
### this part is recommended for organizational purposes, but you may skip to the '###' instructions
### for a faster approach
# first, we create the directory that will be shared and set the group property to the group
# sambashare (which was created when samba was installed):
mkdir /samba/
chown :sambashare /samba/
# now we create the home directory of the samba user we intend to create in this example, inside
# the samba directory we just created:
mkdir /samba/myuser
## IF you need to create new user(s):
# then, we create the user, without creating a new /home, setting the previously created directory
# as its home, blocking SSH access with --shell..., and placing it in the sambashare group:
adduser --home /samba/myuser --no-create-home --shell /usr/sbin/nologin --ingroup sambashare myuser
# the last command will ask you to est a password for the new user, and the system will demand
# some other optional data
## ELSE IF the user(s) is already created in the OS:
# we simply add it to the sambashare group:
adduser myuser sambashare
# now that we have the user(s), set the property and permissions of its(their) directory:
chown myuser:sambashare /samba/myuser/
chmod 2770 /samba/myuser/ #2770 will make it so that files and directories created
# inside this directory will inherit the group permissions
# of the /samba/user directory, in other words, if we were
# to create an admin user (from admins and sambashare groups)
# that had access to myuser's share, when the admin saved a
# new file inside /samba/myuser, myuser would be able to
# read and write to that file
### add user to the Samba server. The Samba server keeps its own database with usernames and passwords
### to authenticate logins
smbpasswd -a myuser #adds user to samba server
smbpasswd -e myuser #enables user on samba server
#the password you set in here will be used to access the samba service and can be different
# from the OS password
### configuration (*part2/2) partial example of /etc/samba/smb.conf (append to the file...):
[myuser] #share name
comment = myuser's share #(optional) comment
path = /samba/myuser #absolute path to the share (directory)
browseable = no #can other samba users see this share?
read only = no #allow valid users to write to this share
writable = yes #guarantees the option above (needed sometimes...)
force create mode = 0660 #forces the permissions of any created file
force directory mode = 2770 #forces the permissions of any created subdirectory
valid users = myuser #lists the valid users of the share, separated by
# ', ' if there is more than one; you may also add
# groups in here with '@' before the word, ex.:
# @admins, @sambashare...
### you may choose to add different permissions to the share depending on who you want to access them,
### and how you want others to access them (read/write). In that case, don't forget to update the
### permissions of the directories (chmod/chown) and the 'force create/directory mode' at smb.conf
### there is also an option in the default configuration file (smb.conf) about enabling shares
### of the users' home directories (look for [homes] in it for more details)
# check syntax again after saving smb.conf:
testparm
# add new shares for other users, if you want to, following the same steps above
### restart samba:
systemctl restart smbd
#########################################################################################
#### How to access a share from Windows:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# File Explorer;
# Click with the right button on 'This PC';
# Add Network Location;
# Click Next;
# Type the Samba server address and the name of the share,
# ex.: \\server_name_or_IP\share_name\
# to map the Samba server share using CMD (ex.: map the share 'myuser' to the letter 'z'):
net use z: \\server_name_or_IP\myuser
#after you inform the username and password, the letter mapping should appear on File Explorer
#### How to access a share from Linux:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
## on Desktop version:
# on 'File Manager', click on '+ Other Locations';
# on 'Connect to Server', type:
smb://server_IP/ #this will show the browseable shares on the server
smb://server_IP/username #this will show the contents of that share
# click on 'Connect' and inform the username and password to connect to the share
## on terminal:
smbclient //server_IP/share_name -U username
# to send file to the server, with the file in your /home/user:
put filename
# to copy the file from the server to your /home/user:
get filename
#########################################################################################
ATTENTION: Always read a script before you run it!!!
To run a basic SAMBA Server configuration script, run the following command line in your server's terminal:
wget -nc https://www.maycke.com.br/guides/raw/samba.sh && chmod 700 samba.sh && sudo ./samba.sh && sudo rm samba.sh
#########################################################################################