<--Back
Residential Ubuntu File Server
Having many individual computers, each with it's own storage makes backups more difficult and time consuming. Businesses have long overcome this problem by setting up file servers. A file server is nothing more than a computer that shares portions of it's hard drive space with users. Which portions get shared with individual users is managed by some kind of file ownership scheme. Windows computers typically connect to a central file server through Network Neighbourhood.
A typical residential scenario could be as follows:
- Two parents and two children
- The kids only have access to their own files.
- The parents have complete access to the children's files.
- The parents can copy from each others folders but can't delete the others files.
- Have one directory acts as a general repository where anyone (including guests) can drop files to share with other users on the network.
System requirements
The following server configuration has worked on equipment as low as a Pentium II with 128MB RAM and a 2GB hard drive. Although the accompanying network doesn't demand a router, one would facilitate setup and make adding or removing computers much easier. The server operates using a free, open source distribution of GNU/Linux for the operating system and uses Samba for managing the file sharing.
Install Samba Server
- Burn and Ubuntu server 7.10 image to a CD
- Make sure your computer can boot from a CD. May need edit BIOS settings.
- At the software Selection screen, use the space bar to put an [*] next to Samba file server
- Remove CD after the install completes.
- Reboot
Create 4 accounts: Mom, Dad, Jack, Jill
Note: Ubuntu's philosophy is that users should not run the computer as an administrator (root user). If a regular user wants to run privileged commands they need only precede it with the "sudo" command. After typing their own password they can execute instructions as if they were root (administrator).To add user accounts to the server, use the adduser command:The command prompt in the following examples is depicted by the "#" symbol the equivalent of "C:/" in DOS.
General form of the command: #sudo adduser (username)The big stumbling block when setting up any kind of sharing is with file permissions. Samba, the file sharing software, attempts to have several operating systems, each with very different ways of dealing with file permissions and authentication, play nicely together. Sometimes things get lost in translation. It is important to note that the underlying Linux file and directory permissions structure takes precedence over Samba permissions. In other words, one might configure Samba to allow connections to the server, but if the person connecting to the server does not have the proper rights to the file system, they will not get access.#sudo adduser mom
repeat this procedure for three other accounts: "dad" "jack" "jill"
- Type a password
- Hit enter for the other options
- type "y" then hit enter
We'll manage who is allowed to move files into which directory by manipulating user groups. In this way we'll be able to configure the server as described in the scenario above.
115 second crash course in file permissions
- Each user must be part of a group.
- Creating an account with the adduser command in Ubuntu, the user is assigned a primary group of the same name as the username.
- A group can have many members or it need only have one member.
- File permissions in linux are divided into 3 parts: owner/group/other
- Each part has three attributes: read/write/execute (rwx)
- A files permission can be listed as: rwxrwxrwx
Example:
Suppose a file's permissions is shown as: rwxr-x---The owner, depicted by the first three letters, has read, write and execute permissions
The group the owner belongs to, depicted by the next three letters, only has read and execute permissions.
all others have no rights to the file
15 second crash course in directory permissions
Almost like file permissions except that when dealing with directories:"read" permission means allowed to list files
"write" permission means allowed to create, delete and rename
"execute" permission lets one enter the directory.
Assign groups
When creating a new user, Ubuntu will create a primary group based on the username. e.g. creating a user called tom will automatically create a group called "tom" which will ony have on member: tom. Because the parents should have rights to the children's files they will need to be added to the children's group. Add mom & dad to both children's groups.
General form of the command: #usermod (options) (groupname) (username)-a append to the group file
-G make this a secondary group#usermod -a -G jack mom
#usermod -a -G jack dad
#usermod -a -G jill mom
#usermod -a -G jill dad
View the Group file
Users and the group they belong to can be determined by viewing the Group file found at /etc/groupThe format of the file is as follows:
group name:x:GroupID:user1,user2,etcAfter executing the "usermod" commands above the /etc/group file should look something similar to the following
.
.
.
mom:x:1001:
dad:x:1002:
jack:x:1003:mom,dad
jill:x:1004:mom,dad
Edit directory permissions
At this point files moved to the children's directory will retain the ownership of those that created them. The kids will not be able to open those files. Setting the Group ID bit of the children's directories will makes any file moved or created accessible by the kids.
add group write permissions to the directory and set the sticky bit
General form of the command: #sudo chmod (options) (directory or file)To view the changes to the directory permissions:#cd /home
#sudo chmod g+ws jack
#sudo chmod g+ws jill
#ls -lNow that the underlying linux permissions have been set, we can now focus our attention on configuring Samba.root@ubuntu:/home# ls -l
total 20
drwxr-xr-x 2 dad dad 4096 2008-01-31 18:32 dad
drwxrwsr-x 2 jack jack 4096 2008-01-31 11:41 jack
drwxrwsr-x 2 jill jill 4096 2008-01-31 11:41 jill
drwxr-xr-x 2 mom mom 4096 2008-01-31 10:16 mom
Create samba passwords
In order for networked computers to login to the Samba server they need Samba accounts. Use the same passwords as the linux accounts for mom, dad, jack and jill.
General form of the command: #sudo smbpasswd (options) (username)-a append to the password file
#sudo smbpasswd -a mom
#sudo smbpasswd -a dad
#sudo smbpasswd -a jack
#sudo smbpasswd -a jill
Edit Samba Configuration File
The Final step in configuring this file server is to tell Samba what shares are to be made available to the network
Edit /etc/samba/smb.conf to look something like this:
#
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#[global]
workgroup = LINUX
server string = %h FileServerlog file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %dsecurity = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root# This following is needed for Debian based systems
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *passwd:*password\supdated\ssuccessfully* .socket options = TCP_NODELAY
[mom]
comment = Mom's Directory
path = /home/mom
browseable = yes
valid users = mom, dad
writable = yes
create mask = 0770
directory mask = 0770[dad]
comment = Dad's Directory
path = /home/dad
browseable = yes
valid users = mom, dad
writable = yes
create mask = 0770
directory mask = 0770[jack]
comment = Jack's Directory
path = /home/jack
browseable = yes
valid users = jack, jill, mom, dad
writable = yes
create mask = 0770
directory mask = 0770[jill]
comment = Jill's Directory
path = /home/jill
browseable = yes
valid users = jill, tom, mom, dad
writable = yes
create mask = 0770
directory mask = 0770
Restart Samba
This command will restart the Samba service without rebooting the computer#sudo /etc/init.d/samba restart
Windows accounts:
The user names and passwords on the Windows computers connecting to server should match the linux account usernames and passwords.
