Quick Way to Setup Samba File Server on Debian 10

0
316

In this tutorial, you will learn a quick way to setup Samba file server on Debian 10. Samba is an opensource suite that implements the Server Message Block (SMB) protocol. Microsoft Windows operating systems and the OS/2 operating system use SMB to perform client-server networking for file and printer sharing and associated operationsRunning on a Unix system, it allows Windows to share files and printers on the Unix host, and it also allows Unix users to access resources shared by Windows systems. It is therefore a very useful networking tool for anyone who has both Windows and Unix systems on their network.

Setup Samba File Server on Debian 10

Samba can be run as:

  • An Active Directory (AD) or NT4 domain member
  • A standalone server
  • An NT4 Primary Domain Controller (PDC) or Backup Domain Controller (BDC)

In this setup, we will run Samba as a standalone file server on Debian 10.

Step through the following steps to learn how to easily install and configure Samba file server on Debian 10.

Install Samba on Debian 10

To easily install and configure Samba File Server on Debian 10, you first need to install Samba packages by running the commands below;

apt update
apt install samba smbclient cifs-utils

Setup Samba File Server on Debian 10

Once the Samba package is installed, proceed to setup Samba file server on Debian 10.

As already stated, in this setup, we will run Samba as a standalone file server on Debian 10. This means that Samba is not configured as a member of any directory service and thus, local system database will be used for authenticating users to access shared files.

Create Shared Samba Directory/Folder

Create a directory where you will place the files to be shared.

You can create a public or a private shared folders.

For example, in this setup, we use /public and /private as our public and private shared directories respectively.

mkdir /public
mkdir /private

We will allow public access to the public folder and a few users to access the private folder.

Setup Samba File Server on Debian 10

Open the Samba configuration file for editing;

vim /etc/samba/smb.conf
Global Samba configuration options

Below is our global Samba configuration, with comment lines removed.

[global]
   workgroup = WORKGROUP
   log file = /var/log/samba/log.%m
   max log size = 1000
   logging = file
   panic action = /usr/share/samba/panic-action %d
   server role = standalone server
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user
   usershare allow guests = yes

Consult man smb.conf for a description of the configuration options used.

Configure Samba Shares

For now, we will only be configuring file sharing.

Hence, at the end of the Samba configuration file, add the share name and the respective configuration options.

In above, we created two directories, a public and a private one. We will set the public share as publicly accessible and private one will require authentication to access it.

Public Share Configuration

Example public share configurations.

[public]
   comment = Public Folder
   path = /public
   writable = yes
   guest ok = yes
   guest only = yes
   force create mode = 775
   force directory mode = 775
Private Share Configuration

Example Private share configuration.

[private]
   comment = Private Folder
   path = /private
   writable = yes
   guest ok = no
   valid users = @smbshare
   force create mode = 770
   force directory mode = 770
   inherit permissions = yes
Create Samba Share User Group

The above Private share will only allow users of the smbshare group to access the share.

Therefore, let us create an smbshare group and add specific users to this group to allow access to the private share.

groupadd smbshare
Update the permissions of the Shares

Change the group of the shared private directory;

chgrp -R smbshare /private/
chgrp -R smbshare /public

Set the permissions of the directory;

chmod 2770 /private/
chmod 2775 /public

The value 2 above represents SGID bit. This makes the new files/folders created to inherit the group of the parent directory instead setting it to the users primary group.

Create Samba Users

Next, create local accounts for the users you would like to give access to the private share. The users doesn’t need to have the shell as they wont be used to login to the system.

useradd -M -s /sbin/nologin demouser

Add the user to the smbshare group;

usermod -aG smbshare demouser

You can combine the two commands above using the command:

useradd -M -s /sbin/nologin -G smbshare demouser

Verify the user;

id demouser
uid=1001(demouser) gid=1002(demouser) groups=1002(demouser),1001(smbshare)

Create SMB password for the user;

smbpasswd -a demouser

Enable the Samba account:

smbpasswd -e demouser

Verifying the Samba configuration

It is  recommended that you verify the Samba configuration each time you update the /etc/samba/smb.conf file using the  testparm utility 

You can simply execute it as follows:

testparm

Sample output;

rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[public]"
Processing section "[private]"
Loaded services file OK.
Server role: ROLE_STANDALONE
...

In case of any error, fix it before you can proceed.

Restart Samba service on Debian 10;

systemctl restart nmbd

Create test files/folders on the shares;

mkdir /private/demofolder-priv /public/demofolder-pub
touch /private/demofile-priv /public/demofile-pub

Allow Remote Access to Samba

To allow remote access to Samba from a specific network/IP addresses. Replace the network, 192.168.59.0/24 appropriately.

ufw allow from 192.168.59.0/24 to any app Samba

Accessing SMB Shares from Clients

Test access to the share locally;

smbclient '\\localhost\public'
Enter WORKGROUP\root's password: ENTER for no password
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Wed Jun  9 14:20:16 2021
  ..                                  D        0  Wed Jun  9 13:40:52 2021
  demofolder-pub                      D        0  Wed Jun  9 14:20:06 2021
  demofile-pub                        N        0  Wed Jun  9 14:20:16 2021

		13350984 blocks of size 1024. 7957104 blocks available
smb: \>

Test access to private share locally;

smbclient '\\localhost\private' -U demouser
Enter WORKGROUP\demouser's password: 
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Wed Jun  9 14:20:16 2021
  ..                                  D        0  Wed Jun  9 13:40:52 2021
  demofile-priv                       N        0  Wed Jun  9 14:20:16 2021
  demofolder-priv                     D        0  Wed Jun  9 14:20:06 2021

		13350984 blocks of size 1024. 7957088 blocks available
smb: \>

To learn how to access SMB share from various clients, follow the guide below;

How to Access Samba Share on Linux and Windows Systems

That brings us to the end of our tutorial on how to easily install and configure Samba File Server on Debian 10.

Other Tutorials

Easily Install and Configure Samba File Server on Ubuntu 20.04

Install and Setup GlusterFS Storage Cluster on CentOS 8

How to Configure NFS Server on Ubuntu 18.04 Server

How to Install and Configure NFS Server on RHEL/CentOS 7

LEAVE A REPLY

Please enter your comment!
Please enter your name here