new blog 2.0


0x02. [LPIC-302] Samba - introduction to basic configuration

Configuring Samba...
While configuring Samba we should start with learning about it's main config file structure, namely the structure of smb.conf. Many tutorials write entire chapters about it, but I think that an extract in form of bullet points is enough.

  • smb.conf has a general format of a Microsoft Windows INI file.
  • It is divided into sections denoted by a section name enclosed in square brackets, e.g.
    [share name]
  • Sections are file or printer shares that are available on the server.
  • The only section that is not a share is the [global] section.
  • Options specified in the [global] section determine the behavior of the server itself and not it's shares.
  • Every configuration directive in it is of the following format:
    configuration directive = value
  • All lines in the config file starting with ; (semicolon) or # (hash) are understood to be comments.
  • smb.conf DOES NOT support a mix of config parameters and comments on the same line
  • You can extend a long non-comment line in smb.conf file by adding \ (backslash) at it's end and continuing in the following line.
  • If you want to check for the correct smb.conf syntax, use the testparm(1) utility.
Samba variables and configuration parameters.

Samba has over 350 configuration options to apply in the smb.conf file, so you must admit that it is quite customizable just by this fact itself. I'm obviously not going to list them all here. Instead I'm pointing you to a very good reference, namely smb.conf(5) manual page. It describes all of the options we need + many more. So...
$ man 5 smb.conf
The variables as well as the values are not case nor whitespace sensitive.

SMB/CIFS TCP/IP Ports information
SMB/CIFS protocol requires to keep TCP/UDP open on the following ports:
  • 137/udp for nmbd (NetBIOS network browsing)
  • 138/udp for nmbd (NetBIOS name service)
  • 139/tcp for smbd (file and printer sharing)
  • 445/tcp for smbd (to run SMB/CIFS directly via TCP/IP)
  • 901 for SWAT, not essential
Samba logging
Samba logs normally live in /var/log/samba, but this path can be changed during compilation time with --with-logfilebase=/path parameter. If you are not sure about the path on your system, use the magic "smb -b" and grep it for LOGFILEBASE. All of the logging configuration options are optional and all of them come up in the [global] section. Please find the most interesting ones for us below:
  • log level or debug level - defines a loglevel that should be used. By default it is 0, which means it only logs critical events.
  • max log size - defines the maximum log file size.
  • syslog only - it tells smbd not to use the logfiles, but the syslog facility instead.

1 comment:

Anonymous said...

Making money on the internet is easy in the underground world of [URL=]blackhat backlinks[/URL], It's not a big surprise if you don't know what blackhat is. Blackhat marketing uses little-known or little-understood ways to produce an income online.