Scott O'Brien

Ramblings and resources of my online life

Allowing access through NFS & SAMBA

2011-04-04 11:53:32 +0000 +0000

Cifs Share

CIFS (Common Internet File System), the protocol windows users for all it’s ‘windows file sharing’ is the method I’ll allow for my desktops and roaming computers to access files on the file server.

Before we begin, Make sure we install the CIFS kernal modules

1
# pkg install SUNWsmbs # pkg install SUNWsmbskr

next we issue this command to make sure it auto starts

1
# svcadm enable -r smb/server

I’ve decided for every day use, I want a data store on the server, so..

1
# zfs create datastore/homes # zfs create datastore/homes/scott

now, set up compression on my home directory

1
# zfs set compression=on datastore/homes

Time to do some setup so we can log into this share, I’ll make the box join the workgroup ‘home

1
# smbadm join -w home

To start sharing with windows boxes, I need to change the pam.conf file to generate windows passwords too. Add the line below /etc/pam.conf

1
other password required pam_smb_passwd.so.1 nowarn

reset the password for my user scott, then I’ll be able to authenticate with him

1
# passwd scott

The next step is setting up guest access. You may remember we created a media share datastore/media. We want to share that with guests to the network (on the trusted subnet anyway). Before we go ahead and set that up, we want to map the windows Guest user to the unix user nobody.

1
# idmap add winname:Guest unixuser:nobody

then we’ll allow guest access to our media box

1
# zfs set sharesmb=name=media,guestok=true datastore/media

I also want to make my home directory only accessible by me, so I’m going to own the directory

1
chown scott /datastore/homes/scott chgrp staff /datastore/homes/scott chmod 700 /datastore/homes/scott

and share it

1
# zfs set sharesmb=name=scott datastore/homes/scott

So there we have it, a media folder anyone can access, and a ‘scott’ share that I’ll need to authenticate with (HOME\scott user)

NFS Shares

Now we’ve got CIFS set up for our clients, I want to set up NFS shares for other Linux boxes on the network (at this point, only my router) to be able to access. The idea is that my router will have all the home directories on the FileServer (so it’ll get the advantages of snapshots, etc) we well as not being limited to the dying 60GB hard disk for torrenting and such things.

As mentioned, I’m only interested in NFS shares with my router at this point, so we’ll make sure my routers IP address (10.12.1.254) is restricted in the shares.

The first thing we want to try is setting up the nfs mount on our homes directory.

1
# zfs set <a href="mailto:[email protected],[email protected]">[email protected],[email protected]</a> datastore/homes

Now, on my debian router box I want to see if I can mount this (assuming the directory /home2/scott exists on the client)

sudo mount -t nfs -o nfsvers=3 10.12.1.1:/datastore/homes/scott /home2/scott

and Ta-Da! My home directory is mounted. What I want to do now is to set up auto-mounts. That is, when a directory is accessed for my users home directory, it’d mount it on the fly.

First, install the autofs package

1
apt-get install autofs

Add the following line into /etc/auto.master

1
/home2 /etc/auto.home -–timeout=60

and the following into the file /etc/auto.home

1
* -fstype=nfs,rw,nosuid,soft,vers=3 server:/datastore/homes/&#038;

the * and /datastore/homes/� do their magic by automatically mounting the required directory when needed (as long as the /etc/init.d/autofs is started)

Now lets add a place for our downloads

1
# zfs create datastore/media/downloads # zfs set sharenfs=root=router,rw=router datastore/media/downloads

I chose to just mount this using the automounter under the home2 directory, I added this to the /etc/auto.home file

1
downloads -fstype=nfs,rw,nosuid,soft,vers=3 10.12.1.1:/datastore/media/downloads

Pretty neat, now when you head to a directory that’s not mounted yet (like /home2/scott/) in the linux client, it will auto mount the required NFS volume and presto, we’ve got ourselves network storage. Other posts to come in the series:
1. Selecting the hardware
2. Installing the Operating System
3. Setting up File systems � Snapshots
4. Allowing access through NFS � SAMBA
5. Setting up encrypted off-site backups
6. Configuring Windows � Linux clients to dump backup info to the FileServer
7. My router setup, configuring IP tables � torrents on a low-powered server.