Franske ITC-2480 Lab 7: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
mNo edit summary
No edit summary
Line 10: Line 10:
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Setup a Guest Folder ==
# The first thing we are going to do is we are going to create a guest share. This share will allow for all users, even those who have not authenticated, to read files.
# To help you better understand samba, this first share will be configured from putty and command line. First, cd into /etc/samba/ and run a ls. In here we have two main files. smb.conf, which holds all of the samba share and authentication settings, and dhcp.conf which is no longer used, but used to be used to define host names and dns servers for samba to use.
# Now with your favorite text editor, open up smb.conf as root (remember to use sudo).
# Scroll to the bottom of the file, and notice how shares are defined. They all have a similar format such as:
<pre>
[Share Name]
        comment = Share Comment
        options....</pre>
# Where options are the different configuration settings. Lets try creating the guest share folder from the config file manually.
# Exit out of nano, and create the folder /srv/Guest-Files as root. This will be the folder we are sharing.
# Now open up /etc/samba/smb.conf in a text editor again as root, and go to the bottom of the file.
# Enter the following:
<pre>[Guest Share]
        comment = Public File Share
        path = /srv/Guest-Files</pre>
# You have now created the public share. To test this share, go into /srv/Guest-Files and create a text file and enter some information. We will use this file to test the read-only settings of the share.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. You should see a share folder called Guest Share. Open it up, and see if your text file is in the share.  Open up the file, and try to edit and save the file. What error do you get?
== Share Home Folders ==
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
Line 40: Line 58:
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.
== Setup a Guest Folder ==
# Now we are going to setup a guest share folder. For this share, we will want to disable all authentication, but set the files to read only for security purposes.
# Back on the Samba Windows File Sharing config page in webmin, click Create a new file share.
# Use the following base configuration:
<pre>Share Name: Guest Share
Directory to share: /srv/Guest-Files
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 755
Create with group: root
Available: yes
Browsable: yes
Share Comment: Public File Share
</pre>
# Now click the Guest Share link to open its configuration page, and then click Security and Access Control. As we are setting this to be accessible by everyone, under Guest Access, set the option to yes and then press save.
# Now back in putty, browse to /srv/Guest-Files/ and using sudo, create a text file with some contents, then save the file. We will use this to test our permission settings.
# Now back on your local machine, browse back to the root of the share (\\172.17.50.xx\). Notice how there is now a folder called Guest Share, and when you enter it, your text file shows up. Open up the file, and try to edit and save the file. What error do you get?
# At this point you have successfully setup a guest share, PAM share, and home folder shares.

Revision as of 14:30, 25 February 2014

Introduction

Lab Procedure

Prerequisites

  1. Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
  2. Make sure that webmin is installed on your system.

Install Samba

  1. With your favorite package manager, install the samba package.
  2. After samba is installed, login into webmin on your local computers web browser.
  3. Under the servers tab, notice how samba does not show up. This is because we just installed the package.
  4. On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?

Setup a Guest Folder

  1. The first thing we are going to do is we are going to create a guest share. This share will allow for all users, even those who have not authenticated, to read files.
  2. To help you better understand samba, this first share will be configured from putty and command line. First, cd into /etc/samba/ and run a ls. In here we have two main files. smb.conf, which holds all of the samba share and authentication settings, and dhcp.conf which is no longer used, but used to be used to define host names and dns servers for samba to use.
  3. Now with your favorite text editor, open up smb.conf as root (remember to use sudo).
  4. Scroll to the bottom of the file, and notice how shares are defined. They all have a similar format such as:
[Share Name]
        comment = Share Comment
        options....
  1. Where options are the different configuration settings. Lets try creating the guest share folder from the config file manually.
  2. Exit out of nano, and create the folder /srv/Guest-Files as root. This will be the folder we are sharing.
  3. Now open up /etc/samba/smb.conf in a text editor again as root, and go to the bottom of the file.
  4. Enter the following:
[Guest Share]
        comment = Public File Share
        path = /srv/Guest-Files
  1. You have now created the public share. To test this share, go into /srv/Guest-Files and create a text file and enter some information. We will use this file to test the read-only settings of the share.
  2. At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. You should see a share folder called Guest Share. Open it up, and see if your text file is in the share. Open up the file, and try to edit and save the file. What error do you get?

Share Home Folders

  1. Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
  2. First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
  3. On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
  4. Now select the "Only listed users or UID ranges", and enter your username.
  5. Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
  6. When you are done, go to the Samba Users page again. Notice how your user account is now listed.
  7. Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
  8. On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
  9. Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
  10. At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
  11. Test creating and deleting a file to verify write access is working.

Setup a Group Share Folder

  1. Now we are going to setup a group folder share that will allow for all samba users to read and write to the folder.
  2. Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
  3. Use the following base configuration:
Share Name: Share-Files
Directory to share: /srv/Group-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: group share folder
  1. Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
  2. Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
  3. Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
  4. At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.