Samba SMB file sharing in openSUSE 11.2
Program Versions Used in this Example Setup:
OS Version: openSUSE 11.2 64 bit (x86_64)
Kernel Version: Linux 2.6.31.12-0.1-desktop x86_64
Samba Version: 3.4.2-1.1.3.1-2229-SUSE-SL11.2
KDE Version: 4.3.5 (KDE 4.3.5) “release 0”
The openSUSE Firewall DISABLED.
In KDE 4.3.5 my “Desktop Settings – Plasma Workspace – Appearance – Desktop Activity: Type” is set for “Folder View”. This does make a difference in creating icons on your desktop as suggested further into this document.
**
Loading Samba into openSUSE 11.2:**
By default I think you will get most of Samba program files already loaded for you, but we will want to add to the list and verify that you have everything your need to get Samba up and running. Even though I am using 64 bit software, I am still loading the 32 bit versions to ensure all 64 and 32 bit program will work properly with Samba. If you are running 32 bit openSUSE, you just need to leave out the 64 bit version, if they are ever a choice for you. I assume you have the default “Software Repositories” installed for you when openSUSE is installed connected to a network that had access to the INTERNET.
Menu > System > YaST > enter root password to start YaST Control Center
In YaST Select: Software > Software Management
In YaST2, pick the “Search” tab and enter “samba” and press the search button. You want to have installed the following applications so check any programs that are missing to be installed for you:
samba
samba-32bit
samba-client
samba-client-32bit
samba-doc
samba-winbind
samba-windind-32bit
The samba-doc file is not loaded by default and is imported when we use the SWAT browser configuration program. After making your selections press the “Select” button on the bottom right and allow the missing applications to be loaded into openSUSE for you.
Editing Text Files using Root Permissions:
You will need to manually edit several plain text files to get Samba configured properly and you must do so with root permissions. Now you have a couple of choices to do this. Just login into openSUSE using the root usename and password. Or, you can make the following suggested change to KWrite in your KDE menu system and make the changes as your normal user self.
First, we want to modify your menu entry for KWrite so that you will run the application as root and will be required to enter the root password when you start the editor. Once the root password is entered correctly, you will be able to view and edit any text file on your computer as root.
Right Click your mouse over the Menu Icon on the bottom left of your desktop and Select “Menu Editor”. Navigate on your left of the menu editor to: Utilities > Editor > KWrite. Select the advanced Tab on the right and check “Run as different user”. Next to Username enter “root”. Now press the save button on the top left corner of the menu editor. Your changes have now been made and saved.
To use the KWrite application without any error messages select: Menu > Utilities > Editor > KWrite (Text Editor) and the text editor will ask for your root password (the first time, but not all of the time) then start if the password is correct. Your default save folder will be listed as Root > home > username > Documents. You will need to select the up arrow until you get to the root folders were you will see the etc folder. This is where most of the changes we will be making are located. After each successful text file modification, do a File/Save, File/Close and then a File/Open for the next file until all files have been modified as I suggest.
**
SWAT, SERVERS and SERVICES file Modifications:**
The following text files located in the folder “/etc/xinetd.d” should already exist. The two lines in each file that you are modifying are shown in bold letters. Basically you are changing “disable=yes” to “disable=no” in each file and you are adding a comment “#” in front of each line “only_from= 127.0.01” which changes this entry to a comment and is thus not used in the setup file.
Three files located in folder “/etc/xinetd.d”
Plane Text Filename: servers
default: off
description: An internal xinetd service, listing active servers.
service servers
{
type = INTERNAL UNLISTED
port = 9099
socket_type = stream
protocol = tcp
wait = no
** disable = no
only_from = 127.0.0.1**
FLAGS = IPv6 IPv4
}
Plane Text Filename: services
default: off
description: An internal xinetd service, listing active services.
service services
{
type = INTERNAL UNLISTED
port = 9098
socket_type = stream
protocol = tcp
wait = no
** disable = no
only_from = 127.0.0.1**
FLAGS = IPv6 IPv4
}
Plane Text Filename: swat
SWAT is the Samba Web Administration Tool.
service swat
{
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/sbin/swat
# only_from = 127.0.0.1
log_on_failure += USERID
** disable = no**
}
**
Samba SMB.CONF file Modifications:**
Next you need to modify the smb.conf file located in the “/etc/samba” folder. Items shown in bold should be changed to match your network setup. Specifically, you need to insert the name of your work group in the line starting with “workgroup=”. Next, you need to insert the name of your computer in the line starting with “netbios name =”. You can optionally make the “server string=” anything you want which shows up like a comment next your nextbios name on Windows computers. You need to modify the “hosts allow=” to the first three IP address numbers you are using for all of your home computers.
The next portion of the Samba configuration file shows the folders your are sharing on your computer. The name shown on brackets such as [Software] will be the share name for the folder or drive you are sharing. The “path = /Software” tells Samba the path in the the Linux folder riser to be shared. In my example I am sharing three folders, all of which are NTFS hard drive partitions mounted per fstab entries into the Linux file system. You will make changes to the example shown below based on your actual drive partition setup you wish to share. You could copy and past the following file and then make the required modifications before you save it.
One file located in folder “/etc/samba”
Plane Text Filename: smb.conf
smb.conf is the main Samba configuration file. You find a full commented
version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
samba-doc package is installed.
Date: 2010-3-15
[global]
workgroup = WINDOWSNT
netbios name = LINUXMASTER
server string = Master of the Universe
security = SHARE
map to guest = Bad Password
socket options = SO_KEEPALIVE TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
printcap name = cups
logon path = \%25L\profiles.msprofile
logon drive = P:
logon home = \%25L%25U.9xprofile
local master = No
domain master = No
ldap ssl = no
usershare allow guests = Yes
usershare max shares = 100
hosts allow = 192.168.0.0/255.255.255.0, 127.0.0.1
hosts deny = ALL
cups options = raw
posix locking = No
Software]
path = /Software
read only = No
acl check permissions = No
inherit acls = Yes
guest ok = Yes
profile acls = Yes
Win_HDC]
path = /Windows/HDC
read only = No
acl check permissions = No
inherit acls = Yes
guest ok = Yes
profile acls = Yes
Win_HDD]
path = /Windows/HDD
read only = No
acl check permissions = No
inherit acls = Yes
guest ok = Yes
profile acls = Yes
Activation of services required to use Samba:
In order for Samba and Samba SWAT to function, we need to start several run servicesto be loaded each time we start or reboot our openSUSE Linux computer. Once the following steps are performed, you will not need to do this again unless your reload your copy of SuSE.
Menu > System > YaST > enter root password to start YaST Control Center
In Yast Select: System > System Services (Runlevel)
Select the Expert bullet at the top and then scroll to the bottom entries. For each of the following services highlight the service with your mouse, select the Set/Reset button on the bottom right and pick “Enable the service”. Next, select the Start/Stop/Refresh button on the bottom left and pick “Start now”. A windows should pop up for each service indicating success with a result of “0”.
Services to Enable/Start:
xinetd
winbind
smb
nmb
Select OK on the bottom right to save your selections. This will start all of the required Samba services for you.
All of the requires services to use Samba should now be running and ready to be used.
**
Suggested NTFS Partitions settings in fstab:**
If you will be sharing any NTFS partitions using Samba please consider using these suggested settings in fstab for these partitions. If you make any changes to fstab, you must restart your computer for them to take affect. Making these changes shown in bold will allow full read and write control of your shared NTFS partitions through Samba.
One file located in folder “/etc”
Plane Text Filename: fstab
This is only a portion of fstab shown. The rw,defaults provides full read/write ability locally and through Samba file shearing. The folder where the drive is mounted such as “/Software” will be different in your fstab copy as will the disk uid. You are only changing the portion shown in bold for drives already being mounted by fstab when you start up your computer.
/dev/disk/by-id/<disk uid name and partition number> /Software ntfs-3g ** rw,defaults** 0 0
/dev/disk/by-id/<disk uid name and partition number> /Windows/HDC ntfs-3g rw,defaults 0 0
/dev/disk/by-id/<disk uid name and partition number> /Windows/HDD ntfs-3g rw,defaults 0 0
Create SWAT and Network Access Icon on Your Desktop:
If everthing has gone correctly for you, it is now time to see the results of your efforts. While SWAT will allow you to see if Samba is running and to make future modifications to your smb.conf file, all should be working after starting the four required services.
To create a SWAT desktop icon go to your desktop and right click your mouse and pick “Create New” and then “Link to Application”. Select the Application Tab and enter the Name “SWAT”. In the Command line enter “firefox localhost:901” and then select the General Tab. Press the icon button on the top left (which defaults to a page with a question mark). System icons will be selected by default. In the search line type in “samba” and pick the monitor icon with the Windows symbol on the bottom left. You can use any icon you want in the future for the SWAT browser function. Pick OK and then pick OK one more time and your changes will be saved. You should now have a SWAT icon on your desktop. Press the icon and see what happens. Firefox should start and an Authentication Window should appear. Enter “root” for the User Name and the root password for Password. Press the OK button and the main Samba screen should appear. Select the the Status Tab and see if smbd, nmbd and winbindd all show to be running. If so, so far so good.
Now we want to create a network Workgroup access icon on your desktop. On your desktop, right click your mouse and pick “Create New” and then “Link to Location (URL)”. A two line window pops up that says “Plasma Workspace”. On the “File Name:” line type in “SMB” and on the “Enter link location (URL):” enter the name of your Workgroup as “smb://workgroup/” were you substitute the name of your for “workgroup” and you do not enter the quotes. In my case I am entering “smb://windowsnt/” for my home Workgroup name. Press the OK button when done and you should now have an icon that will open up all of the computers on your network that are in your selected Workgroup. I get an Earth like icon with a network connection on the bottom. When I press the icon it starts up Dolphin which says “smb – Dolphin” in the top left hand corner and all of my fellow computers at home show up in the list. You can then select any computer sharing icon to see what you can browse through on that computer.
**
Windows Computer file Sharing:**
The intent of this document is to not go over how to share files from a Windows computer. In general file sharing in Windows XP just seems to work with Samba, however you may need to check a few things in Windows Vista and in Windows 7. On the Windows Vista or Windows 7 machine go to:
Start > Control Panel > Administrative Tools > Local Security Policy
In the application “Local Security Policy” open up “Local Polices” on the Left Tree options and select “Security Options”. On the right look for the setting called “Network Security: LAN Manager Authentication Level” and double click this setting with your mouse. On the first tab called “Local Security Setting” select the pull down option that says “Send LM and NTLM – use NTLMv2 session security if negotiated”. Hit the Apply button and then the OK button.
On the same “Security Options” page find the options called “Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients” and “Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers. Both should say next to them “No minimum” as its setting. If either security option does not say “No minimum” then double click that option and on the first tab labeled “Local Security Setting” uncheck the options for “Require NTLMv2 session security” and “Require 128-bit encryption” then press Apply and then OK to set the required options
After the above changes I still had an issue with a computer running Windows 7. When I entered my login name and password, it would not be accepted, even though it was correct. After searching the Internet I found the suggestion to uninstall the “Windows Live Sign in Assistant” on the windows 7 system. To do this on the Windows 7 machine select:
Start > Control Panel > Programs and Features
Allow the loaded application Window to populate with all of your applications then find the “Windows Live Sign in Assistant”, highlight it with your mouse and select to “Uninstall” the application. Reboot your computer when done and see if you can not log into your Windows 7 computer.
Thank You,
James D. McDaniel – Austin