Posted by on
In this post, we show how to setup a simple/small LAN samba server. The setup is done on an OpenBSD distribution.
First we start by installing the samba package. This is done by first defining which mirror we will use to download the package and it dependencies.
export PKG_PATH=http://openbsd.cs.fau.de/pub/OpenBSD/`uname -r`/packages/`uname -m`/
pkg_add -r samba-3.6.15p15
The commands above install samba and its dependencies. One of these dependencies is python 2.7. To make this version of python the default one, we need to create the following symbolic links:
ln -sf /usr/local/bin/python2.7 /usr/local/bin/python
ln -sf /usr/local/bin/python2.7-2to3 /usr/local/bin/2to3
ln -sf /usr/local/bin/python2.7-config /usr/local/bin/python-config
ln -sf /usr/local/bin/pydoc2.7 /usr/local/bin/pydoc
We have now installed the samba package. The next step is to configure it. We are going to configure two shared folders. The first is a public share accessible on read and write for everyone. The second is accessible only to members of pre-defined group.
The following commands create the directory, set up the permissions and configure the required group and user.
mkdir -p /pub
chmod -R 777 /pub
mkdir -p /smb
chmod -R 777 /smb
groupadd staff
useradd samba
usermod -G staff samba
smbpasswd -a samba
The next step is changing the samba configuration file to reflect the setup we described above. The file /etc/samba/smb.conf should looks like the following:
[global]
workgroup = WORKGROUP
server string = Samba Server
security = user
log file = /var/log/samba/smbd.%m
max log size = 50
dns proxy = no
allow insecure wide links = no
map to guest = bad user
[pub]
comment = Public file space
path = /pub
read only = no
public = yes
force user = nobody
max connections = 10
[share]
comment = Shared directory
path = /smb
public = no
valid users = samba, @staff
writable = yes
browseable = yes
create mask = 0765
Most of the configuration above are default and self explanatory. It is worth mentioning that map to guest = bad user is necessary to have Windows user access the public share without being prompted an authentication popup.
Finally, we need to add some configuration flags to the samba service and enable it to auto start at boot time.
echo '
smbd_flags="-D"
nmbd_flags="-D"
' >> /etc/rc.conf.local
rcctl enable samba
After restarting the samba service rcctl restart samba, the shared folder should be accessible for our LAN users. You should also have the ports 139 and 445 open and on listening mode.
References: https://www.samba.org/samba/docs/man/manpages/smb.conf.5.html