Chris Tyler - Fedora Linux

; valid users = mary fred

; public = no

; writable = yes

; printable = no

; create mask = 0765

From this template, you can see the basic format:

[ myshare ]

Name of the share as it will be seen by the Windows systems.

comment = Mary's and Fred's stuff

The description that will appear when browsing the share.

path = /usr/somewhere/shared

The directory to be shared.

valid users = mary fred public = no

Specifies who can access this share: specific users or everyone ( public = yes ). Either valid users or public should be enabled, but not both.

writable = yes printable = no browseable = yes

Determines what can be done with the share. writable controls whether the remote user can change or create files and directories, printable enables printing (not applicable to a regular directory share), and browseable enables the share to appear when the network user is browsing using a tool such as Windows Explorer.

create mask = 0765

Sets the octal permission that is applied to new files.

To allow read-only access to /usr/share/doc , for example, create this share:

[doc]

comment = Documentation

path = /usr/share/doc

writeable = no

browseable = yes

guest ok = yes

You will need to adjust the SELinux context of the shared directory (see "Using SELinux" in Chapter 8 Lab 8.2, "Using SELinux in Chapter 8).

After editing the configuration file, restart or reload Samba to activate the changes:

# service smb reload

Reloading smb.conf file: [ OK ]

To add Samba users, you must first create a Linux user account (see Lab 4.7, "Managing Users and Groups "), and then use the smbpasswd command with the add option, -a :

# smbpasswd -a frank

New SMB password:

FranklySpeaking

Retype new SMB password:

FranklySpeaking

Added user frank.

To change the password, leave out the -a option:

# smbpasswd jane

New SMB password:

PrimeUser

Retype new SMB password:

PrimeUser

To delete a user, use the -x option:

# smbpasswd -x kim

Deleted user kim.

Samba uses the Server Message Block (SMB) protocol suite and related protocols and programs developed by Microsoftmore recently grouped under the moniker Common Internet File System (CIFS). The name Samba is derived from the acronym SMB.

SMB and related protocols have been in use since the 1980s, but have changed significantly through the years. There are many different, incompatible implementations of the protocols present in various versions of Windows, and in particular, there are several ways of authenticating users. Many of Samba's configuration options relate to compatibility and user authentication.

Samba is implemented as two server daemons:

nmbd

Provides NetBIOS name server services

smbd

Provides SMB/CIFS services

The graphical configuration tool for Samba is system-config-samba .

To prevent Samba from sharing your printers with Windows systems, delete (or comment out) this printer share in /etc/samba/smb.conf :

[printers]

comment = All Printers

path = /var/spool/samba

browseable = no

# Set public = yes to allow user 'guest account' to print

; guest ok = no

; writeable = no

printable = yes

Restart or reload Samba to activate the change.

Use the Places→Network Servers option on the GNOME menu (or go to smb:// in KDE's Konqueror) to browse Windows network shares, including Samba shares.

You can also mount Samba or Windows shares at the command line. To mount the share bluesky from the server pictures on the mount point /mnt/pictures :

# mount -t smb //bluesky/pictures /mnt/pictures

This invokes the smbmount command.

 The manpages for samba , smb.conf , smbd , nmbd , findsmb , smbmount , and smbumount

 The files in /usr/share/samba* , especially /usr/share/samba*/Samba-Guide.pdf and /usr/share/samba*/Samba-HOWTO-Collection.pdf

 The Samba web site: http://www.samba.org/

Dynamic Host Configuration Protocol (DHCP) is used to automatically send basic configuration data to computers and network devices. This centralizes network configuration control so that a change in the network layoutsuch as adding a nameserver or a gateway, or renumbering the networkdoes not require a visit to every computer in the network. DHCP also provides a convenient method of supplying network configuration information to visiting computers, such as the laptop of a visiting colleague.

When a DHCP client system boots, it effectively shouts a broadcast message to the network: "Does anyone know who I am?" The DHCP server replies, "I know you, you're..." and then proceeds to tell the client its IP address and some combination of other network configuration information, possibly including a hostname, nameserver, timeserver, gateway, and default domain. The information sent by the DHCP server is called a lease and is only valid for a set length of time. The client can renew the lease when it expires, in which case it can keep its identity, or, if it disappears from the network and fails to renew the lease, the IP address can be recycled by the DHCP server and assigned to another host.

Most home and small networks are connected to the Internet by a router or gateway device that includes DHCP service capability. However, you may prefer to use the Fedora DHCP server instead because it gives you more configuration options and control over the network configuration.

Before you set up a DHCP server for your network, you must design the network layout that you wish to use.

Private networksones that will not be connected to the Internet, or that will be connected through a router or gateway that performs network address translation (NAT), or masquerading will use one of the private network ranges defined in RFC 1918, shown in Table 7-1.

Table 7-1. RFC 1918 private network addresses

Most small networks use one of the class C networks that start with the 192.168 prefix, yielding 256 addresses. Because two addresses are reserved for broadcast and network messages, that leaves 254 addresses for computers and network devices (such as printers), which is plenty for most homes and small businesses.