In this tutorial, you will learn a quick way to setup Samba file server on Debian 10. Samba is an opensource suite that implements the Server Message Block (SMB) protocol. Microsoft Windows operating systems and the OS/2 operating system use SMB to perform client-server networking for file and printer sharing and associated operations. Running on a Unix system, it allows Windows to share files and printers on the Unix host, and it also allows Unix users to access resources shared by Windows systems. It is therefore a very useful networking tool for anyone who has both Windows and Unix systems on their network.
Setting up Samba File Server on Debian 10
Samba can be run as:
- An Active Directory (AD) or NT4 domain member
- A standalone server
- An NT4 Primary Domain Controller (PDC) or Backup Domain Controller (BDC)
In this setup, we will run Samba as a standalone file server on Debian 10.
Step through the following steps to learn how to easily install and configure Samba file server on Debian 10.
Install Samba on Debian 10
To easily install and configure Samba File Server on Debian 10, you first need to install Samba packages by running the commands below;
apt updateapt install samba smbclient cifs-utilsSetup Samba File Server
As already stated, in this setup, we will run Samba as a standalone file server on Debian 10. This means that Samba is not configured as a member of any directory service and thus, local system database will be used for authenticating users to access shared files.
Create Shared Samba Directory/Folder
Create a directory where you will place the files to be shared.
You can create a public or a private shared folders.
For example, in this setup, we use /public and /private as our public and private shared directories respectively.
mkdir /publicmkdir /private
We will allow public access to the public folder and a few users to access the private folder.
Open the Samba configuration file for editing;
vim /etc/samba/smb.confGlobal Samba configuration options
Below is our global Samba configuration, with comment lines removed.
[global]
workgroup = WORKGROUP
log file = /var/log/samba/log.%m
max log size = 1000
logging = file
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yesConsult man smb.conf for a description of the configuration options used.
Configure Samba Shares
For now, we will only be configuring file sharing.
Hence, at the end of the Samba configuration file, add the share name and the respective configuration options.
In above, we created two directories, a public and a private one. We will set the public share as publicly accessible and private one will require authentication to access it.
Public Share Configuration
Example public share configurations.
[public]
comment = Public Folder
path = /public
writable = yes
guest ok = yes
guest only = yes
force create mode = 775
force directory mode = 775Private Share Configuration
Example Private share configuration.
[private]
comment = Private Folder
path = /private
writable = yes
guest ok = no
valid users = @smbshare
force create mode = 770
force directory mode = 770
inherit permissions = yesCreate Samba Share User Group
The above Private share will only allow users of the smbshare group to access the share.
Therefore, let us create an smbshare group and add specific users to this group to allow access to the private share.
groupadd smbshareUpdate the permissions of the Shares
Change the group of the shared private directory;
chgrp -R smbshare /private/chgrp -R smbshare /public
Set the permissions of the directory;
chmod 2770 /private/chmod 2775 /public
The value 2 above represents SGID bit. This makes the new files/folders created to inherit the group of the parent directory instead setting it to the users primary group.
Create Samba Users
Next, create local accounts for the users you would like to give access to the private share. The users doesn’t need to have the shell as they wont be used to login to the system.
useradd -M -s /sbin/nologin demouserAdd the user to the smbshare group;
usermod -aG smbshare demouserYou can combine the two commands above using the command:
useradd -M -s /sbin/nologin -G smbshare demouserVerify the user;
id demouseruid=1001(demouser) gid=1002(demouser) groups=1002(demouser),1001(smbshare)Create SMB password for the user;
smbpasswd -a demouserEnable the Samba account:
smbpasswd -e demouserVerifying the Samba configuration
It is recommended that you verify the Samba configuration each time you update the /etc/samba/smb.conf file using the testparm utility
You can simply execute it as follows:
testparmSample output;
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[public]"
Processing section "[private]"
Loaded services file OK.
Server role: ROLE_STANDALONE
...In case of any error, fix it before you can proceed.
Restart Samba service on Debian 10;
systemctl restart nmbdCreate test files/folders on the shares;
mkdir /private/demofolder-priv /public/demofolder-pubtouch /private/demofile-priv /public/demofile-pubAllow Remote Access to Samba
To allow remote access to Samba from a specific network/IP addresses. Replace the network, 192.168.59.0/24 appropriately.
ufw allow from 192.168.59.0/24 to any app SambaAccessing SMB Shares from Clients
Test access to the share locally;
smbclient '\\localhost\public'Enter WORKGROUP\root's password: ENTER for no password
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Wed Jun 9 14:20:16 2021
.. D 0 Wed Jun 9 13:40:52 2021
demofolder-pub D 0 Wed Jun 9 14:20:06 2021
demofile-pub N 0 Wed Jun 9 14:20:16 2021
13350984 blocks of size 1024. 7957104 blocks available
smb: \>Test access to private share locally;
smbclient '\\localhost\private' -U demouserEnter WORKGROUP\demouser's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Wed Jun 9 14:20:16 2021
.. D 0 Wed Jun 9 13:40:52 2021
demofile-priv N 0 Wed Jun 9 14:20:16 2021
demofolder-priv D 0 Wed Jun 9 14:20:06 2021
13350984 blocks of size 1024. 7957088 blocks available
smb: \>To learn how to access SMB share from various clients, follow the guide below;
How to Access Samba Share on Linux and Windows Systems
That brings us to the end of our tutorial on how to easily install and configure Samba File Server on Debian 10.
Other Tutorials
Easily Install and Configure Samba File Server on Ubuntu 20.04
Install and Setup GlusterFS Storage Cluster on CentOS 8
