Home
Paul's_Page
UK_NetDirect
PhotoAlbum:
Phoebe 1,
2, 3,
4
Francie 1, 2
Pets 1, 2
Family 1, 2,
3
Special Occasions
Photo Art
Pre-USAF
Devner
Panama 1, 2,
3, 4-misc
Korea & misc
Germany & misc
Soham & misc
Daws_
Hill:
Page 1, 2,
3,
& misc
Leave '96 Mom
UK
Panama '98: 1, 2,
3
Colorado_ Springs:
Leave '98
Springs 1, 2,
3, 4
& misc
Francie's Birth
Rodriguez'
Holiday
Colorado_Homes
PCI_Systems
Online_Documents:
Catalogs
'n Manuals
Howto's
Linux
Microsoft
Security
Mirrored_Sites:
Hardening
Port
Reference
Reghacks
| |
|
Using Samba
Robert Eckstein, David Collier-Brown, Peter Kelly
1st Edition November 1999
1-56592-449-5, Order Number: 4495
416 pages, $34.95
Buy the hardcopy
Table of Contents
|
We mentioned in the previous section that there were no disk shares on the
hydra server. Let's continue with the configuration file and create an empty disk share called [data ]. Here are the additions that will do it:
[global]
netbios name = HYDRA
server string = Samba %v on (%L)
workgroup = SIMPLE
[data]
path = /export/samba/data
comment = Data Drive
volume = Sample-Data-Drive
writeable = yes
guest ok = yes
The
[data] share is typical for a Samba disk share. The share maps to a directory on the Samba server:
/export/samba/data. We've also provided a comment that describes the share as a
Data
Drive , as well as a volume name for the share itself.
The share is set to writeable so that users can write data to it; the default with Samba is to create a read-only share. As a result, this option needs to be explicitly set for each disk share you wish to make writeable.
You may have noticed that we set the
guest
ok parameter to
yes . While this isn't very security-conscious, there are some password issues that we need to understand before setting up individual users and authentication. For the moment, this will sidestep those issues and let anyone connect to the share.
Go ahead and make these additions to your configuration file. In addition, create the
/export/samba/data directory as root on your Samba machine with the following commands: # mkdir /export/samba/data
# chmod 777 /export/samba/data
Now, if you connect to the
hydra server again (you can do this by clicking on its icon in the Windows Network Neighborhood), you should see a single share listed entitled
data , as shown in
Figure 4.4. This share should also have read/write access to it. Try creating or copying a file into the share. Or, if you're really feeling adventurous, you can even try mapping a network drive to it! ![Figure 4.4](figs/sam.0404.gif)
The basic Samba configuration options for disk shares previously introduced are listed in
Table 4.4.
Table 4.4: Basic Share Configuration Options
Option |
Parameters |
Function |
Default |
Scope |
path (directory) |
string (fully-qualified pathname) |
Sets the Unix directory that will be provided for a disk share or used for spooling by a printer share |
/tmp |
Share |
guest ok (public) |
boolean |
If set to
yes , authentication is not needed to access this share |
no |
Share |
comment |
string |
Sets the comment that appears with the share |
None |
Share |
volume |
string |
Sets the volume name: the DOS name of the physical drive |
Share name |
Share |
read only |
boolean |
If
yes , allows read only access to a share. |
yes |
Share |
writeable (write ok) |
boolean |
If
no , allows read only access to a share. |
no |
Share |
This option, which has the synonym
directory , indicates the pathname at the root of the file or printing share. You can choose any path on the Samba server, so long as the owner of the Samba process that is connecting has read and write access to that directory. If the path is for a printing share, it should point to a temporary directory where files can be written on the server before being spooled to the target printer (/tmp and
/var/spool are popular choices). If this path is for a disk share, the contents of the folder representing the share name on the client will match the content of the directory on the Samba server. For example, if we have the following disk share listed in our configuration file:
[network]
path = /export/samba/network
writable = yes
guest ok = yes
And the contents of the directory
/usr/local/network on the Unix side are: $ ls -al /export/samba/network
drwxrwxrwx 9 root nobody 1024 Feb 16 17:17 .
drwxr-xr-x 9 nobody nobody 1024 Feb 16 17:17 ..
drwxr-xr-x 9 nobody nobody 1024 Feb 16 17:17 quicken
drwxr-xr-x 9 nobody nobody 1024 Feb 16 17:17 tax98
drwxr-xr-x 9 nobody nobody 1024 Feb 16 17:17 taxdocuments
Then we should see the equivalent of
Figure 4.5 on the client side. ![Figure 4.5](figs/sam.0405.gif)
This option (which has an older synonym
public ) allows or prohibits guest access to a share. The default value is
no . If set to
yes , it means that no username or password will be needed to connect to the share. When a user connects, the access rights will be equivalent to the designated guest user. The default account to which Samba offers the share is
nobody . However, this can be reset with the
guest
account configuration option. For example, the following lines allow guest user access to the
[accounting] share with the permissions of the
ftp account:
[global]
guest account = ftp
[accounting]
path = /usr/local/account
guest ok = yes
Note that users can still connect to the share using a valid username/password combination. If successful, they will hold the access rights granted by their own account and not the guest account. If a user attempts to log in and fails, however, he or she will default to the access rights of the guest account. You can mandate that every user who attaches to the share will be using the guest account (and will have the permissions of the guest) by setting the option
guest
only
=
yes .
The
comment option allows you to enter a comment that will be sent to the client when it attempts to browse the share. The user can see the comment by listing Details on the share folder under the appropriate computer in the Windows Network Neighborhood, or type the command
NET
VIEW at an MS-DOS prompt. For example, here is how you might insert a comment for a
[network] share:
[network]
comment = Network Drive
path = /export/samba/network
This yields a folder similar to
Figure 4.6 on the client side. Note that with the current configuration of Windows, this comment will not be shown once a share is mapped to a Windows network drive. ![Figure 4.6](figs/sam.0406.gif)
Be sure not to confuse the
comment option, which documents a Samba server's shares, with the
server
string option, which documents the server itself.
This option allows you to specify the volume name of the share as reported by SMB. This normally resolves to the name of the share given in the
smb.conf file. However, if you wish to name it something else (for whatever reason) you can do so with this option.
For example, an installer program may check the volume name of a CD-ROM to make sure the right CD-ROM is in the drive before attempting to install it. If you copy the contents of the CD-ROM into a network share, and wish to install from there, you can use this option to get around the issue:
[network]
comment = Network Drive
volume = ASVP-102-RTYUIKA
path = /home/samba/network
The options
read
only and
writeable (or
write
ok ) are really two ways of saying the same thing, but approached from opposite ends. For example, you can set either of the following options in the
[global] section or in an individual share:
read only = yes
writeable = no
If either option is set as shown, data can be read from a share, but cannot be written to it. You might think you would need this option only if you were creating a read-only share. However, note that this read-only behavior is the
default action for shares; if you want to be able to write data to a share, you must explicitly specify one of the following options in the configuration file for each share:
read only = no
writeable = yes
Note that if you specify more than one occurrence of either option, Samba will adhere to the last value it encounters for the share.
![Previous: 4.4 Server Configuration](gifs/txtpreva.gif) |
![](gifs/txthome.gif) |
![Next: 4.6 Networking Options with Samba](gifs/txtnexta.gif) |
4.4 Server Configuration |
![Book Index](gifs/index.gif) |
4.6 Networking Options with Samba |
O'Reilly Home |
O'Reilly Bookstores |
How to Order |
O'Reilly Contacts
International |
About O'Reilly |
Affiliated Companies
© 1999, O'Reilly & Associates, Inc.
|