Sharing Resources Using Samba

Samba is a suite of utilities that allows your Linux box to share files and other resources such as printers with Windows boxes. Either configuration will allow everyone at home to have their own logins on all the home windows boxes while having their files on the Linux box appear to be located on a new Windows drive shared access to printers on the Linux box shared files accessible only to members of their Linux user group.

Configure samba server

Prerequisites of samba server

  • linux server with ip address 192.189.0.254 and hostname Server

  • A window client with ip address 192.189.0.2 and hostname Client2

  • Updated/etc/hosts file on linux system

  • Running port map and xinetd services

  • Firewall should be off on server

Configuring SWAT (Samba web administration tool)

  • Samba has a web based configuration tool called SWAT that allows you configure your smb.conf file no need to remember all the formatting.

  • Each SWAT screen is actually a form that covers a separate section of the smb.conf file into which you fill in the desired parameters.

  • For ease of use, each parameter box has its own online help.

Basic SWAT setup

  • You must always remember that SWAT edits the smb.conf file but also strips out any comments you may have manually entered into it beforehand.

  • The original Samba smb.conf file has many worthwhile comments in it and should be saved as a reference before proceeding with SWAT which will remove them.

  • For example, you could save the original file with the name /etc/samba/smb.conf.original as seen below.
[root@wilshire~]# cp /etc/samba/smb.conf /etc/samba/smb.conf.original
  • As you can see, using SWAT requires some understanding of the smb.conf file parameters because it eliminates these comments.

  • It is therefore always good practice to become familiar with the most important options in this file before proceeding with SWAT.

  • SWAT doesn’t encrypt your login password. This may be a security concern in a corporate environment.

  • Because of this, you may want to create a Samba administrator user that has no root privileges and/or only enable SWAT access from the GUI console or localhost.

 service swat
{
port = 901
socket_type
protocol
wait = no
user = root
server = /usr/sbin/swat log_on_failure += USERID disable = no only_from = localhost }

The formatting of the file is fairly easy to understand, especially as there are only two entries of interest. The disable parameter must be set to no to accept connections.

Therefore to activate SWAT

  • The default configuration only allows SWAT web access from the VGA console as user “root” on port 901 with the Linux root password.

  • This means you’ll have to enter http://127.0.0.0:901 in your browser to get the login screen.

  • You can make SWAT accessible from other servers by adding IP address entries to the only_from parameter of the SWAT configuration file.

  • Here’s an example of an entry to allow connections only from 192.189.1.3 and localhost. Notice there is no commas between the entries.

only_from = localhost 192.189.1.3

Therefore, in this case you can also configure Samba on your Linux server Skynet IP with address 192.189.1.100 from PC 192.189.1.3 using the URL http://192.189.1.100:901. Remember that most firewalls don’t allow TCP port 901 trough their filters. You may have to adjust your rules for this traffic to pass.

Controlling SWAT

As with all xinetd controlled applications, the chkconfig command will automatically modify the “disable” field accordingly in the configuration file and activate the change.

Activating SWAT

[root@wilshire~] chkconfig swat
on Deactivating SWAT
[root@wilshire~] chkconfig swat off

Subscribe For More Content