Samba
Samba is a re-implementation of the SMB/CIFS networking protocol, a Microsoft Windows alternative to Network File System (NFS).
Installation
Kernel
File Systems --->
[*] Network File Systems --->
[*] CIFS support (advanced network filesystem, SMBFS successor)--->
[*] CIFS Statistics
[*] Extended Statistics
[*] CIFS Extended Attributes
[*] CIFS POSIX Extentions
[*] SMB2 and SMB3 network file system support
If a share fails to mount with the error
CIFS VFS: Unknown vers= option specified: 2.1
, enable the CONFIG_CIFS_SMB2 kernel option.Samba
Samba is a full software suite capable of hosting file shares via SMB, connecting to SMB share hosted non-locally, along with many other features. If the system will only need to mount shares hosted on other systems, then jump to the CIFS section.
USE flags
USE flags for net-fs/samba Samba Suite Version 4
+regedit
|
Enable support for regedit command-line tool |
+system-mitkrb5
|
Use app-crypt/mit-krb5 instead of app-crypt/heimdal. |
acl
|
Add support for Access Control Lists |
addc
|
Enable Active Directory Domain Controller support |
ads
|
Enable Active Directory support |
ceph
|
Enable support for Ceph distributed filesystem via sys-cluster/ceph |
client
|
Enables the client part |
cluster
|
Enable support for clustering |
cups
|
Add support for CUPS (Common Unix Printing System) |
debug
|
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces |
fam
|
Enable FAM (File Alteration Monitor) support |
glusterfs
|
Enable support for Glusterfs filesystem via sys-cluster/glusterfs |
gpg
|
Use app-crypt/gpgme for AD DC |
iprint
|
Enabling iPrint technology by Novell |
json
|
Enable json audit support through dev-libs/jansson |
ldap
|
Add LDAP support (Lightweight Directory Access Protocol) |
llvm-libunwind
|
Use llvm-runtimes/libunwind instead of sys-libs/libunwind |
lmdb
|
Enable LMDB backend for bundled ldb |
pam
|
Add support for PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip |
profiling-data
|
Enables support for collecting profiling data |
python
|
Add optional support/bindings for the Python language |
quota
|
Enables support for user quotas |
selinux
|
!!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur |
snapper
|
Enable vfs_snapper module (requires sys-apps/dbus) |
spotlight
|
Enable support for spotlight backend |
syslog
|
Enable support for syslog |
system-heimdal
|
Use app-crypt/heimdal instead of bundled heimdal. |
systemd
|
Enable use of systemd-specific libraries and features like socket activation or session tracking |
test
|
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently) |
unwind
|
Enable libunwind usage for backtraces |
winbind
|
Enables support for the winbind auth daemon |
zeroconf
|
Support for DNS Service Discovery (DNS-SD) |
Especially when setting up an AD DC: Read the current Samba documentation and release notes. MIT kerberos support is still marked experimental in Samba. System Heimdal support also seems broken at the Samba side - That's why, system-heimdal keyword is currently hard masked. For AD DC production environments, running Samba with the bundled heimdal kerberos should be considered at the moment.
Emerge
Install Samba:
root #
emerge --ask --noreplace net-fs/samba
Samba can also be installed by setting the global USE flag samba
and updating the system:
root #
emerge --ask --changed-use --deep @world
CIFS
CIFS utilities are capable of mounting hosted file shares via SMB. If the system will need to do more than mounting SMB shares, then jump to the Samba section.
USE flags
If the full Samba software suite is not needed, the net-fs/cifs-utils package is available:
USE flags for net-fs/cifs-utils Tools for Managing Linux CIFS Client Filesystems
+acl
|
Add support for Access Control Lists |
+ads
|
Enable Active Directory support and create cifs.idmap binary - idmap support |
+caps
|
Enable sys-libs/libcap-ng support |
+python
|
Enable support for python and install python tools |
creds
|
cifs credentials support |
pam
|
Add support for PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip |
systemd
|
Enable use of systemd-specific libraries and features like socket activation or session tracking |
Emerge
Emerge the CIFS user-space tools:
root #
emerge --ask net-fs/cifs-utils
Usage
Services
OpenRC
When using OpenRC, adding Samba to the default runlevel will enable the Samba service to start when the system boots:
root #
rc-update add samba default
To start the Samba service now issue:
root #
eselect rc start samba
systemd
For systemd users, the Samba service can be configured to start during boot using systemctl:
root #
systemctl enable smb.service
To start the service immediately issue:
root #
systemctl start smb.service
Once the client is fully configured, the shares can soon be accessed.
Create the mount points:
root #
mkdir -p /mnt/My-Disk/{Media,Shared}
Manually mount the exported folders:
root #
mount.cifs //O2-Foobar/Media /mnt/My-Disk/Media -o guest
root #
mount.cifs //O2-Foobar/Shared /mnt/My-Disk/Shared -o guest
To automatically mount guest shares on boot:
//O2-Foobar/Media /mnt/My-Disk/Media cifs guest
//O2-Foobar/Shared /mnt/My-Disk/Shared cifs guest
To define user protected shared which can be mounted manually
//O2-Foobar/Media /mnt/My-Disk/Media cifs _netdev,noauto,user=larry
//O2-Foobar/Shared /mnt/My-Disk/Shared cifs _netdev,noauto,user=larry
These mounts can be mounted with:
root #
mount /mnt/My-Disk/{Media,Shared}
* In the case of permission problems are encountered when trying to create files and folders on the disk, try to use
gid=<user's_gid>, uid=<user's_uid>
- Be sure to replace
<user's_gid>
with the user ID of choice.
Troubleshooting
Some problems may occur when trying to mount new CIFS shares. The following sections attempt to provide resolutions to common problems.
Cannot resolve <server-name>
More specifically, the actual error:
root #
mount.cifs ...
"mount error: could not find target server. TCP name foo/bar not found. No ip address specified and hostname not found"
This can easily be fixed by editing /etc/nsswitch and appending wins
next to the hosts
entry:
hosts: files dns wins
If this does not work, use the CIFS server's IP address instead of the O2-Foobar hostname. The nmblookup utility (provided by net-fs/samba) comes in handy when trying to find the IP address of an CIFS host:
root #
nmblookup O2-Foobar
If the system shutdown hangs at
* Unmounting network filesystems ...
then users must make sure the CIFS shares are unmounted properly before udev tries to stop. One way to work around this is to create local.d scripts to unmount the CIFS filesystems:
root #
echo "umount -a -t cifs -f" > /etc/local.d/cifs.stop
root #
chmod a+x /etc/local.d/cifs.stop
If Samba does not start after upgrading to Samba 4.2.11 with the following error:
../lib/param/loadparm.c:1082(lp_set_enum_parm) WARNING: Ignoring invalid value 'share' for parameter 'security' ../source3/smbd/server.c:1256(main) error opening config file '/etc/samba/smb.conf'
Change the Samba security parameter from share
to user
:
[global]
security = user
If guest access is enabled and the client is requesting the share username/password, set the map to guest parameter to bad user
:
[global]
map to guest = bad user
Samba daemon fails to start without error
If Samba daemon does not start:
root #
/etc/init.d/samba restart
* samba -> start: smbd ... * start-stop-daemon: failed to start `/usr/sbin/smbd' [ !! ] * samba -> start: nmbd ... * start-stop-daemon: failed to start `/usr/sbin/nmbd' [ !! ] * Error: starting services (see system logs) * samba -> stop: smbd ... * start-stop-daemon: no matching processes found [ ok ] * samba -> stop: nmbd ... * start-stop-daemon: no matching processes found [ ok ]
And Samba logs do not indicate any errors:
[2022/06/04 20:20:48.851120, 0] ../../source3/smbd/server.c:1741(main)
smbd version 4.16.1 started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
Check that /var/lock has space:
root #
df -h /var/lock
Filesystem Size Used Avail Use% Mounted on tmpfs 1.0M 1.0M 0 100% /var/lock
See also
- Samba (Security Handbook) - The Security Handbook's entry on how to secure a system running Samba.
- Samba/Guide — provides a details guide showing users how to share files and printers between Windows and *nix PCs.
- Samba/Samba 4 Migration — introduces the migration of Samba 3 to Samba 4 with LDAP on Gentoo boxes.
- Smbnetfs — a FUSE-based filesystem for SMB/CIFS shares.
- SSHFS — a secure shell client used to mount remote filesystems to local machines.
- Nfs-utils — a file system protocol that allows client machines to access network attached filesystems (called exports) from a host system.