The original reason for this post is the setup of the server relating to sharing media files with serveral users in the home network. As I had to discover there were still some problems on which I had to spend much time to solve them. So to give it a name: I wan't to tell about Samba and further file administration problems.
Before I can start with the linux specific stuff, I will explain the environment and the conditions in my home network. There are actually only two users: me and another one. I have, as one can imagine, a Linux machine and he (the other one) has a Windows machine. Although it doesn't effect the problem directly I have to mention that the other user uses a very well known smartphone of Apple and therefore also iTunes. But this is another problem. The server runs with Linux, too. Both client machines shall have access to shared directories on the server, for instance for:
- music
- videos
- pictures
- documents
- backups.
That is to say, we both use the same media directories with different programmes from different platforms.
Now to the server side. The media data to share is stored on a RAID 1 array mounted at /media/data owned by the root user. The first steps to take are about creating the directories you wan't to share.
sudo mkdir /media/data/music
sudo mkdir /media/data/videos
... (also for the other directories)
The next step is to set up the users and groups that will be allowed to access shared media data. In this setup I will create the users user1 and user2, and the group share_media. Every user in this group shall get access to the data.
sudo groupadd share_media (create the group)
sudo adduser user1
sudo usermod -a -G share_media user1
... repeat the procedure for user2
At the moment the directory /media/data still is owned by the user root and the group root. To let the subdirectories be accessed by users of the created group, the directories have to be assigned the group share_media.
sudo chgrp -R share_media /media/data/*
This assigns the group to all children of /media/data. In my case the directory lost+found is also a child which should be owned by the root user. In this case you should replace * by the special sub directory name.
Now the time is right for installing Samba, a server that enables Linux to share files or directories with other Windows, MAC OS or Linux machines.
sudo apt-get install samba
For configuring Samba you have to open the configuration file /etc/samba/smb.conf in your favourite editor. I do it with vim. How vim works you can see here linuxconfig.org/Vim_Tutorial. Because the owner is root you have to prepend sudo again.
sudo vim /etc/samba/smb.conf
Typically many debian (the ancestor system of Ubuntu) configuration files consist of
- comments marked by the sign "#"
- sections surrounded by square brackets, example: [section name]
- settings in the form of: key = value
[Shared Music]
comment = A shared directory for music on the server.
path = /media/data/music
writeable = yes
browseable = yes
guest ok = no
valid users = @share_media
create mask = 0775
directory mask = 0775
comment = A shared directory for music on the server.
path = /media/data/music
writeable = yes
browseable = yes
guest ok = no
valid users = @share_media
create mask = 0775
directory mask = 0775
Actually the last two lines were the most difficult thing costing me much time to figure out that I had to set these lines. The explanation for this comes a bit later when I talk about file permissions. Although we already have set unix passwords for our users we still must set up users and passwords for Samba. You do it like the following line shows.
sudo smbpasswd -a user1 (then type in the password for user1 again)
... repeat it for user2
Now you can restart the Samba server to get the changes applied.
sudo service smbd restart
When you try to access the shared directory from another machine in the network you should be promted to type in your user name and password. Actually without the mentioned second lines in the Samba share configuration you would only be able to read the shared directories. So now I will explain what these lines are about.
The typical umask (see en.wikipedia.org/wiki/Umask for understanding the term) is 0022 (or shorter 022). This means when directories are created the default permissions are rwxr-xr-x. So the owner (first 3 signs) is able to read, write and execute (when it is a directory the x means you can access it). Users in the same group (second 3 signs) and other users (last 3 signs) are only allowed to read and to execute.
For the shared directory this would mean: When user1 creates a sub directory, user2 is not allowed to write in that directory (create files). This is not the way that I need it. So I had to define an other mask for Samba. The mask system used in smb.conf is another one than umask. There you still have 4 positions with numbers but each number is the sum of the 3 granted rights:
- read with number 4
- write with number 2
- execute / access with number 1.
Until now you have declared how Samba should handle the share and modification operations (rwx). But the shared directories still have the default permission values. These have to be set now.
sudo chmod -R g+rws /media/data/* (take care for lost+found explained above)
That's it. Now you should be able to create, modifiy and delete directories and files with different users from different systems.
No comments:
Post a Comment