Recommendations for SMB/CIFS file server configuration

Eric Shubert ejs at shubes.net
Mon Sep 13 17:00:07 MST 2010 

James Dugger wrote:
> 
> I checked the RAID configuration again and it is controlled with Ubuntu 
> and not the MB.  I configured the RAID as a part of the installation of 
> Server 10.04.

Good. You should see your array status with:
$ cat /proc/mdstat

>  > SMB and CIFS are pretty much the same thing. I could say simply that 
> CIFS is
>  > 'better' (given that it's a newer dialect of SMB), but that would be
>  > misleading. Do some googling and you'll find links such as this:
>  > http://linux.derkeiler.com/Mailing-Lists/SuSE/2007-03/msg01423.html
> 
> My understanding is that CIFS does not use the smb.conf file for file 
> server settings (I may be wrong on that).  Also that Samba is backward 
> compatible with older Windows OS like ME, 98 (my oldest Windows box is 
> XP Pro).  Currently file server is running CIFS, with the following 
> added to fstab on client box:
> 
> //192.168.0.2/av <http://192.168.0.2/av>   /home/username/av   cifs   
> credentials=/home/username/.smbcredentials,iocharset=utf8,file_mode,0777,dir_mode=0777 
> 0 0
> 
> av being the desired shared directory on the server
> 
> In each home directory of each user (client box) I have added the 
> .smbcredentials file with the following:
> 
> username=username
> password=password
> 
> This is working in one desktop however when I try to duplicate it on 
> another. I am getting an error when trying to mount the drive.
> 

I haven't used CIFS sans samba, so you could be in an area with which 
I'm not familiar.

I understand your mounting of a samba share using a client fstab entry. 
What did you do on the server to define the share named "av"?

Regarding mount error on the 2nd computer, is there perhaps a problem 
with having the "av" share mounted on different computers concurrently? 
I would see if the 2nd computer mounts it ok when the first computer is 
off (or simply umount the share on the 1st computer).

>  > KISS. Use what's simple. In a home environment, centralized user accounts
>  > are overkill, and not simple (unless you're a seasoned *nix 
> administrator).
>  > You might consider simply allowing guest access to everything, then
>  > tightening restrictions as you go.
> 
> I have a business folder and a webdev folder that I want protected from 
> Kids and guests mainly so there are no inadvertent losses in files or 
> overwrites etc.  Most computers are shared access with user accounts.  
> So I want the two folders above not even to appear on kids or guest 
> accounts.  This is where things get confusing for me in fstab (client 
> side) and smb.conf (server side).  Eventually I would love to have 
> separate servers for these however its not in the budget yet.

You really don't need separate servers (thankfully). Just restrict 
access to the business and webdev shares in the smb.conf file. You can 
do that in a simple way with hosts allow/deny parameters and IP 
addresses. You could also restrict their access to only your account. 
You would need to create your user ID for samba using the smbpasswd 
command in order for samba to recognize your user ID. (See man pages for 
smbpasswd and pdbedit commands).

>  > I would use samba(CIFS) for windows access, NFS for linux access.
>  > Automounting is pretty slick with CentOS/RHEL, and I expect that 
> Ubuntu has
>  > something similar. Also, you might consider using Netatalk for Mac 
> access.
> 
> So run NFS fileserver and Samba(CIFS) fileserver simultaneously on 
> headless server and configure clients with either NFS client or 
> samba(CIFS) client depending on OS?

Right. I'm not positive what would happen if you tried updating the same 
file via both mechanisms simultaneously (probably something bad), but in 
a home environment you should be fine.

> I purchased Using Samba 3rd Edition by O'Reilly to learn more about 
> Samba, Where can I find good doumentation of Samba, CIFS, and NFS?  As 
> you have commented more advanced configuration will require some 
> seasoning.  Much of the forum answers to questions are understandably 
> short on context and usually just generate more questions. 

There is a lot of documentation, some of it difficult to digest. I still 
google for things samba related sometimes. I haven't found anything I 
like any better than the O'Reilly book. The samba.org site is a good 
place to start ("learn Samba" menu item).

> Again thanks for your help.

Sure.
Samba can be pretty complicated, but it doesn't need to be. Keep it 
simple, and you'll improve your chances of success.

-- 
-Eric 'shubes'

More information about the PLUG-discuss mailing list