Samba file server

Create a quick Samba file share server in Linux

Public + Protected folders
We will start this file server with two folders, each with their own unique function.
The "public" folder will be completely open to all and anyone on the network can read, add, remove, or modify it's contents
The "protected" folder will be visible to all but it's contents cannot be modified.

Installing Samba
Update packages
  • This is necessary when installing any Linux program
  • "-y" will automatically accept any prompts
  • sudo apt-get update -y

    Install Samba
    sudo apt install samba -y

    Open the firewall for Samba
    sudo ufw allow samba

    Creating the folders, users and groups
    Create folders
  • "-p" will automatically create the parent folder
  • sudo mkdir -p /share/public

    sudo mkdir /share/protected

    Create smbgroup
  • Adds the smbgroup for the smbusers to the system
  • sudo groupadd --system smbgroup

    Create smbuser
  • No home directory
  • Members of smbgroup
  • Cannot log into host system
  • sudo useradd --system --no-create-home --group smbgroup -s /bin/false smbuser

    Make smbuser and smbgroup own the folders
  • The "-R" flag is for "recursive" which will apply the changes to all child folders
  • sudo chown -R smbuser:smbgroup /share

    Give smbgroup write access to the folders
    sudo chmod -R g+w /share

    Configuring Samba
    Stop Samba
  • You want to stop the service while making edits to it
  • sudo systemctl stop smbd

    Edit the Samba configuration file
  • We will back up and rename the original configuration file
  • We will use nano as the text editor
  • sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.bak

    sudo nano /etc/samba/smb.conf

    Copy this configuration into the text editor and save
  • Press Ctrl+o then Enter to save in Nano
  • Press Ctrl+x to escape back to the Terminal

  • Start Samba
    sudo systemctl start smbd

    Check if Samba is running
    sudo systemctl status smbd

    View your hostname
  • This is your server's name on the network
  • In Windows it will appear as \\hostname
  • This command will display your server's hostname
  • hostname

    Connecting to Samba from a Windows client
    Enable file sharing in Windows with Powershell
  • Enable SMB Server/Client feature
  • Turn on file and printer sharing
  • Enable-WindowsOptionalFeature -Online -FeatureName "SMB1Protocol" -All
    Set-NetFirewallRule -DisplayGroup "File And Printer Sharing" -Enabled True -Profile Any

    Connect to Samba from Windows
  • Open the run dialogue in Windows (Windows Key + R)
  • Run \\hostname
  • Your hostname may differ, mine is ubuntu-vm
  • runsmb

    Private folder
    The next folder on the file server will be private.
    Hidden from public view and only accessible to "user2" with the right credentials.

    Create folder and user
    Create user for the system
  • This user will not have a home directory nor login for the system
  • The user will be named user2
  • sudo useradd -M -s /usr/sbin/nologin user2

    Create private folder
    sudo mkdir /private

    Give user2 permissions to folder
    sudo chown -R user2:user2 /private

    Give user2 write access to the folder
    sudo chmod -R g+w /private

    Configuring Samba
    Stop Samba
    sudo systemctl stop smbd

    Add user to Samba
  • You will be prompted to create a password
  • sudo smbpasswd -a user2

    Edit the Samba configuration file
    sudo nano /etc/samba/smb.conf

    Append this to your smb.conf file and save
    Start Samba
    sudo systemctl start smbd

    Connecting to a private directory from Windows
  • As a private directory, you can only connect to it with the direct address
  • Run \\hostname\private and enter user2's credentials
  • Your hostname may differ, mine is ubuntu-vm

  • Moving Samba folders to a secondary drive
    Generally, the drive with the operating system is not the main data store.
    Let's move the Samba folders we made to secondary drives with large storage capacities.

    Set permissions to parent folders
    Say your drive is mounted at /mnt/4TB and you want your folders to sit in /mnt/4TB/samba_folders,
    the folder samba_folders and those leading up to it must have editing permissions for the owner and group and read permissions for all.
  • Set the permissions for the folders leading up to and including samba_folders to 775
  • sudo chmod 775 /mnt

    sudo chmod 775 /mnt/4TB

    sudo chmod 775 /mnt/4TB/samba_folders

    Copy the folders to the new destination
    The rsync command with "-avz" flags will
  • a: keep original ownership/permissions
  • v: verbose output for transfer
  • z: compress files during transfer
  • sudo rsync -avz /share/public /mnt/4TB/samba_folders

    sudo rsync -avz /share/protected /mnt/4TB/samba_folders

    sudo rsync -avz /private /mnt/4TB/samba_folders

    Give user2 permissions to folder
    sudo chown -R user2:user2 /private

    Give user2 write access to the folder
    sudo chmod -R g+w /private