Книга: Fedora™ Unleashed, 2008 edition
Manually Configuring Samba with /etc/samba/smb.conf
Разделы на этой странице:
Manually Configuring Samba with /etc/samba/smb.conf
The /etc/samba/smb.conf
file is broken into sections. Each section is a description of the resource shared (share) and should be titled appropriately. The three special sections are as follows:
? [global]
— Establishes the global configuration settings (defined in detail in the smb.conf
man page and Samba documentation, found under the /usr/share/doc/samba/docs
directory)
? [homes]
— Shares users' home directories and specifies directory paths and permissions
? [printers]
— Handles printing by defining shared printers and printer access
Each section in your /etc/samba/smb.conf
configuration file should be named for the resource being shared. For example, if the resource /usr/local/programs
is being shared, you could call the section [programs]
. When Windows sees the share, it is called by whatever you name the section (programs
in this example). The easiest and fastest way to set up this share is with the following example from smb.conf
:
[programs]
path = /usr/local/programs
writeable = true
This bit shares the /usr/local/programs
directory with any valid user who asks for it and makes that directory writable. It is the most basic share because it sets no limits on the directory.
Here are some parameters you can set in the sections:
? Requiring a user to enter a password before accessing a shared directory
? Limiting the hosts allowed to access the shared directory
? Altering permissions users are allowed to have on the directory
? Limiting the time of day during which the directory is accessible
The possibilities are almost endless. Any parameters set in the individual sections override the parameters set in the [global]
section. The following section adds a few restrictions to the [programs]
section:
[programs]
path = /usr/local/programs
writeable = true
valid users = ahudsonahudson
browseable = yes
create mode = 0700
The valid users
entry limits userid
to just ahudson
. All other users can browse the directory because of the browseable = yes
entry, but only ahudson
can write to the directory. Any files created by ahudson
in the directory give ahudson
full permissions, but no one else will have access to the files. This is exactly the same as setting permissions with the chmod
command. Again, there are numerous options, so you can be as creative as you want to when developing sections.
Setting Global Samba Behavior with the [global]
Section
The [global]
section establishes configuration settings for all of Samba. If a given para meter is not specifically set in another section, Samba uses the default setting in the [global]
section. The [global]
section also sets the general security configuration for Samba. The [global]
section is the only section that does not require the name in brackets.
Samba assumes that anything before the first bracketed section not labeled [global]
is part of the global configuration. (Using bracketed headings in /etc/samba/smb.conf
makes your configuration file more readable.) The following sections discuss common Samba settings to share directories and printers. You will then see how to test your Samba configuration.
Sharing Home Directories Using the [homes]
Section
The [homes]
section shares out Fedora home directories for the users. The home directory is shared automatically when a user's Windows computer connects to the Linux server holding the home directory. The one problem with using the default configuration is that the user sees all the configuration files (such as .profile
and others with a leading period in the filename) that he normally wouldn't see when logging on through Linux. One quick way to avoid this is to include a path option in the [homes]
section. To use this solution, each user who requires a Samba share of his home directory needs a separate "home directory" to act as his Windows home directory.
For example, this pseudo home directory could be a directory named share
in each user's home directory on your Fedora system. You can specify the path option when using SWAT by using the %u
option when specifying a path for the default homes
shares. The complete path setting would be as follows:
/home/%u/share
This setting specifies that the directory named share
under each user's directory is the shared Samba directory. The corresponding manual smb.conf
setting to provide a separate "home directory" looks like this:
[homes]
comment = Home Directories
path = /home/%u/share
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No
If you have a default [homes]
section, the share shows up in the user's Network Neighborhood as the user's name. When the user connects, Samba scans the existing sections in smb.conf
for a specific instance of the user's home directory. If there is not one, Samba looks up the username in /etc/passwd
. If the correct username and password have been given, the home directory listed in /etc/passwd is shared out at the user's home directory. Typically the [homes]
section looks like this (the browseable = no
entry prevents other users from being able to browse your home directory and using it is a good security practice):
[homes]
browseable = no
writable = yes
This example shares out the home directory and makes it writable to the user. Here's how you specify a separate Windows home directory for each user:
[homes]
browseable = no
writable = yes
path = /path/to/windows/directories
Sharing Printers by Editing the [printers]
Section
The [printers]
section works much like the [homes]
section, but defines shared printers for use on your network. If the section exists, users have access to any printer listed in your Fedora /etc/printcap
file.
Like the [homes]
section, when a print request is received, all the sections are scanned for the printer. If no share is found (and with careful naming, there should not be unless you create a section for a specific printer), the /etc/printcap
file is scanned for the printer name that is then used to send the print request.
For printing to work properly, printing services must be set up correctly on your Fedora computer. A typical [printers]
section looks like the following:
[printers]
comment = Fedora Printers
browseable = no
printable = yes
path = /var/spool/samba
The /var/spool/samba
is a spool path set just for Samba printing.
- Глава 6 В стиле Samba
- Putting Samba to Work
- Manually Configuring Samba with
- Testing Samba with the testparm Command
- Mounting Samba Shares
- Clone a Public Catalog Component Manually
- Chapter 5 Installing and Configuring VirtualCenter 2.0
- Using Double Quotes to Resolve Variables in Strings with Embedded Spaces
- Drawbacks with restore
- 7. AGGREGATION WITH INDEPENDENT WORKS
- Конструкция with-do
- 6.1. Конфигурирование Samba