The /etc/samba/smb.conf file is broken into sections. Each section is a description of the resource shared (share) and should be titled appropriately. The three special sections are as follows:
• [global] Establishes the global configuration settings (defined in detail in the smb.conf man page and Samba documentation, found under the /usr/share/doc/samba/docs directory)
• [homes] Shares users' home directories and specifies directory paths and permissions
• [printers] Handles printing by defining shared printers and printer access
Each section in your /etc/samba/smb.conf configuration file should be named for the resource being shared. For example, if the resource /usr/iocai/programs is being shared, you could call the section [programs]. When Windows sees the share, it is called by whatever you name the section (programs in this example). The easiest and fastest way to set up this share is with the following example from smb.conf: [programs]
path = /usr/local/programs writeable = true
This bit shares the /usr/local/programs directory with any valid user who asks for it and makes that directory writable. It is the most basic share because it sets no limits on the directory.
Here are some parameters you can set in the sections:
• Requiring a user to enter a password before accessing a shared directory
• Limiting the hosts allowed to access the shared directory
• Altering permissions users are allowed to have on the directory
• Limiting the time of day during which the directory is accessible
The possibilities are almost endless. Any parameters set in the individual sections override the parameters set in the [global] section. The following section adds a few restrictions to the
path = /usr/local/programs writeable = true valid users = ahudsonahudson browseable = yes create mode = 0700
The valid users entry limits userid to just ahudson. All other users can browse the directory because of the browseable = yes entry, but only ahudson can write to the directory. Any files created by ahudson in the directory give ahudson full permissions, but no one else will have access to the file. This is exactly the same as setting permissions with the chmod command. Again, there are numerous options, so you can be as creative as you want to when developing sections.
Setting Global Samba Behavior with the [global] Section
The [global] section set parameters establishes configuration settings for all of Samba. If a given parameter is not specifically set in another section, Samba uses the default setting in the [global] section. The [global] section also sets the general security configuration for Samba. The [global] section is the only section that does not require the name in brackets.
Samba assumes that anything before the first bracketed section not labeled [global] is part of the global configuration. (Using bracketed headings in /etc/samba/smb.conf makes your configuration file more readable.) The following sections discuss common Samba settings to share directories and printers. You will then see how to test your Samba configuration.
Sharing Home Directories Using the [homes] Section
The [homes] section shares out Ubuntu home directories for the users. The home directory is shared automatically when a user's Windows computer connects to the Linux server holding the home directory. The one problem with using the default configuration is that the user sees all the configuration files (such as .profile and others with a leading period in the filename) that he normally wouldn't see when logging on through Linux. One quick way to avoid this is to include a path option in the [homes] section. To use this solution, each user who requires a Samba share of his home directory needs a separate "home directory" to act as his Windows home directory.
For example, this pseudo home directory could be a directory named share in each user's home directory on your Ubuntu system. You can specify the path option when using SWAT by using the %u option when specifying a path for the default homes shares (see the section "Configuring Samba Using SWAT" later in this chapter). The complete path setting would be this:
This setting specifies that the directory named share under each user's directory is the shared Samba directory. The corresponding manual smb.conf setting to provide a separate "home directory" looks like this:
comment = Home Directories path = /home/%u/share valid users = %S read only = No create mask = 0664 directory mask = 0775 browseable = No
If you have a default [homes] section, the share shows up in the user's Network Neighborhood as the user's name. When the user connects, Samba scans the existing sections in smb.conf for a specific instance of the user's home directory. If there is not one, Samba looks up the username in /etc/passwd. If the correct username and password have been given, the home directory listed in /etc/passwd is shared out at the user's home directory. Typically, the [homes] section looks like this (the browseable = no enTRy prevents other users from being able to browse your home directory and is a good security practice):
browseable = no writable = yes
Thisexample shares out the home directory and makes it writable to the user. Here's how you specify a separate Windows home directory for each user:
browseable = no writable = yes path = /path/to/windows/directories
Sharing Printers by Editing the [printers] Section
The [printers] section works much like the [homes] section but defines shared printers for use on your network. If the section exists, users have access to any printer listed in your Ubuntu
Like the [homes] section, when a print request is received, all the sections are scanned for the printer. If no share is found (with careful naming, there should not be unless you create a section for a specific printer), the /etc/printcap file is scanned for the printer name that is then used to send the print request.
For printing to work properly, you must correctly set up printing services on your Ubuntu computer. A typical [printers] section looks like the following:
comment = ubuntu Printers browseable = no printable = yes path = /var/spool/samba
The /var/spooi/samba is a spool path set just for Samba printing.
Was this article helpful?