Ceci est une ancienne révision du document !
This weekend I had a chat with someone who had issues with his media box. Specifically, issues he attributed to SAMBA. When talking to him, I realised he knew very little about SAMBA. He was just expecting it to “work”, but it worked only when his firewall was off. Doing some basic troubleshooting with him, I had my CnC article series for the rest of the year. You see, I used to teach Linux+ and LPIC. Though I think the certification is not worth the price, I do respect it, as it did not have “nonsense” questions. (OK when I wrote it, it did not). The questions were practical, and though there were a few suspect ones, I cannot recall any dumb ones. You know, the type Microsoft uses in their exams; if you have a network in Los Angeles, and a network in Washington, and your Administrator is in Barbados, what color is the CEO’s socks?
Let me give you the run-down. If, and this is a big IF, I remember correctly, it was part of LPIC-2. First thing you have to remember is that SAMBA uses port 445. In the old days, it ran on port 139, because of NETBIOS. I would suggest that any student who wishes to pass any IT exam, learn the basic ports by heart. You can use Anki – it works great on Ubuntu to make yourself some flashcards. If you are too lazy to do it, you don’t want the certification badly enough. SAMBA runs over TCP/IP, so no fire and forget. The other thing you must get an understanding of is the OSI model. SAMBA runs at the Application layer. SAMBA is a sort of unifying project, aiming to let Windows and Linux talk to each other. Server and workstation.
OK, now you take a piece of paper and pull out four facts from that paragraph.
What you also need to understand is that SAMBA is not only for file sharing, you can share printers with SAMBA as well. Why? Let’s go one step down and look at SMB (Server Message Blocks). The SMB protocol (“protocol” here is important) requires a response. It will send a request and will wait for a response. Now when we have Windows in the mix, be it workstation or server, you need to read up on CIFS. (Common Internet File Service). A way to remember that the “C” in CIFS stands for common, is to remember that it needs a common way to talk to Linux. Not common as in found everywhere, but common as in shared. One thing to be aware of, if you are using older stuff at home, is that IPV6 should rather be avoided. For work and for the exam, however, know that IPV6 is supported, but only on port 445, here’s that number again. Now CIFS on IPV6 requires the IBM Data Ontap Library v 7.3.x (in other words, 1-onwards) to work. (https://documents.uow.edu.au/~blane/netapp/ontap/upgrade/upgrading/concept/c_oc_upg_revert_ipv6.html). Now with CIFS, there are UDP ports at play, 137 & 138, because of NETBIOS, but you should not get it as an exam question, but keep that info handy. Nine times out of ten, when someone mentions SAMBA, think SMB over TCP.
TIP: Just remember that NETBIOS does not support IPV6.
Here is your reading for this section: https://www.varonis.com/blog/smb-port – don’t worry, it is very short.
TIP: If you use SAMBA for LDAP, the port you need to pay attention to is port 389, it is easy to remember, as the RDP port is 3389.
Let’s quickly talk about configuring SAMBA. I’ll break it up into a Linux section and a Windows section. Since we are Linux people, let’s talk about Linux configuration first.
Here comes the practical part. (what, you didn’t think you could do this as a mind experiment now?). Fire up Virtualbox and install Ubuntu server. https://ubuntu.com/download/server
I suggest you also grab the CLI cheat sheet. Just fill the form out with junk and once done, the cheat sheet will download, without you getting spam or your details leaked.
Obviously you will put in your own password on the next screen, and “next” through it.
You are going to do the same with the configuration, just “Done” through it.
Once completed, reboot and log in.
Your first order of business is going to be:
sudo apt install samba
and once done:
whereis samba
If you already have a server set up that you can use, you can check if the daemons are running:
systemctl status smbd
systemctl status nmbd
I’m just going to follow along here to get it done: https://ubuntu.com/tutorials/install-and-configure-samba#3-setting-up-samba
When we do the configuring, I will explain each bit so that a newbie would get it, so for now, just go along as this is the easy part.
mkdir /home/<username>/sambashare/
sudo nano /etc/samba/smb.conf
at the end of the file, add:
[sambashare]
comment = Samba on Ubuntu path = /home/<username>/sambashare read only = no browsable = yes
One, two, three, spaces, it does not matter, the indentation here is not white space sensitive.
As always, after any reconfiguration, restart the service:
sudo service smbd restart
or you can use:
systemctl restart smbd
If you use UFW, then you need to allow SAMBA to pass:
sudo ufw allow samba
Nothing fancy or difficult (and, as you can see, I made a mistake that I need to fix quick. This is why syntax highlighting is great!).
The catch here is read only = no is equivalent to writeable = yes
Now if you are like me and prone to type the wrong thing, please type: testparm
It will check your config file for errors.
What you are looking for is, “Loaded services file OK.”
Just like that, we have our base that we will be working from. Join us in the next issue for adding a samba user and explaining a bit more, to paint out the picture.
If I explained anything badly, misc@fullcirclemagazine.org