Installing Samba Packages

All major distributions ship with Samba, but they differ in how they break up the package. Some ship separate packages for clients, servers, and common support programs. Others combine two or all three of these packages. Some distributions provide ancillary packages, such as documentation. The distribution-by-distribution details are listed here:

Debian This distribution provides a shared samba-common package, separate client (smbclient) and server (samba) packages, a samba-doc package holding documentation, and a package holding the Samba Web Administration Tool (SWAT, in the swat package).

Mandrake This distribution provides a breakdown of Samba packages similar to Debian's, but the packages are named differently: samba-common, samba-client, samba-server, samba-doc, and samba-swat.

Red Hat Red Hat has chosen a split much like Mandrake's, except that its Samba server is in a package called samba instead of samba-server. Red Hat also provides a GUI configuration tool in redhat-config-samba.

Slackware Unlike most distributions, Slackware distributes Samba in one monolithic package called samba.

SuSE SuSE's main samba package includes most Samba functionality, including those features present in Samba common, Samba server, and SWAT packages in most other distributions. The samba-client package provides client functionality.

Note The Samba client functionality provided with Samba is for both an FTP-like client and a tool called smbmount that can mount SMB/CIFS shares. Thesmbmount program requires support in the Linux kernel in order to work, though. Figure 24.1 shows this option, called SMB File System Support. The Samba client package also includes tools to enable a Linux computer to print to a printer shared via SMB/CIFS.

Most Linux distributions' Samba packages include SysV startup scripts to launch the Samba server. These scripts are typically called smb, but Debian calls its script samba. Slackware ships with a separate rc.samba startup script for Samba. You can configure the server to start using the procedures described in Chapter 22. The Samba server actually consists of two main programs, smbd and nmbd, and the SysV scripts start both servers. After you make changes to your Samba configuration, you must restart the Samba server, typically by typing a command such as /etc/rc.d/init.d/smb restart. (The exact path and filename will vary depending on your distribution, of course.) The smbd server handles the actual file sharing tasks, while nmbd provides an interface to the NetBIOS name resolution tools used by SMB/CIFS. (These tools partially duplicate ordinary TCP/IP name resolution procedures, and they exist for historical reasons.) Although smbd can run effectively from a super server, nmbd operates poorly in this mode. For this reason, you shouldn't try to run Samba from a super server.

The SWAT package provides a web-based means of configuring Samba. SWAT normally runs from a super server. Once it's running, you can browse to http://localhost:901 on the server computer, or possibly browse to the server computer's port 901 from another system. SWAT will prompt for a username and password (enter root and the root password) and then display the main page, as shown in Figure 24.2. The Globals link enables you to set global options, which are introduced in the next section, "Setting Global Samba Options." The Shares and Printers links provide the means to set up file and printer shares, as described in the upcoming sections, "Creating File Shares" and "Creating Printer Shares." The SWAT configuration options closely mirror those in the main Samba configuration file, so using SWAT should be fairly straightforward once you've read the next three sections.

Figure 24.2: SWAT is a powerful web-based tool for configuring Samba. Warning Using SWAT from a remote computer (particularly one off of your local network) is potentially very risky because of the possibility that a miscreant might sniff your root password. Indeed, running SWAT at all poses some risks, because a miscreant with the root password could then modify your Samba configuration to grant access to /etc, and from there the cracker could do anything. Some distributions implement measures to reduce the risk. For instance, the Mandrake and Red Hat /etc/xinetd.d/swat files tellxinetd to accept connections for SWAT only from the localhost interface (127.0.0.1). If your distribution doesn't implement such restrictions by default, you should configure them yourself. Chapter 20 describes how to do this using packet-filter firewall rules, TCP Wrappers, or xinetd.

Figure 24.2: SWAT is a powerful web-based tool for configuring Samba. Warning Using SWAT from a remote computer (particularly one off of your local network) is potentially very risky because of the possibility that a miscreant might sniff your root password. Indeed, running SWAT at all poses some risks, because a miscreant with the root password could then modify your Samba configuration to grant access to /etc, and from there the cracker could do anything. Some distributions implement measures to reduce the risk. For instance, the Mandrake and Red Hat /etc/xinetd.d/swat files tellxinetd to accept connections for SWAT only from the localhost interface (127.0.0.1). If your distribution doesn't implement such restrictions by default, you should configure them yourself. Chapter 20 describes how to do this using packet-filter firewall rules, TCP Wrappers, or xinetd.

In addition to the main Samba packages, various ancillary tools exist. Some of these are GUI SMB/CIFS network browsers akin to the My Network Places or Network Neighborhood tools in Microsoft Windows. LinNeighborhood (http://www.bnro.de/~schmidjo/), which is shown in Figure 24.3, and Kruiser (http://devel-home.kde.org/~kruiser/) are two examples. Some distributions provide distribution-specific Samba configuration tools, such as Red Hat's redhat-config-samba. You can install such packages, but they aren't required for basic Samba functionality.

Figure 24.3: GUI SMB/CIFS browsers such as LinNeighborhood enable you to browse the contents of a Windows network.
0 0

Post a comment