You're reading from Linux Networking Cookbook
Once you have a network with multiple devices, it is useful to be able to share files easily between them and between users. Building a centralized file server achieves this goal as well as provides a central point for backing up your data. In this chapter, we will explore several available protocols for storing files. We will start with the SMB/CIFS protocols, commonly used by Windows systems, and work our way to services specifically designed for synchronizing mobile clients.
We are going to start by setting up a simple read-only file server using Samba, and then we will expand on it from there. If you are not familiar with SMB/CIFS, you may know it by another name, Windows File Sharing. This is the protocol, which Microsoft uses for its built-in file sharing, but re-implemented by the Samba project.
Install Samba:
sudo apt-get install samba
Edit
/etc/samba/smb.conf
:[global] server role = standalone server map to guest = Bad User syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d idmap config * : backend = tdb [myshare] path = /home/share guest ok = yes read only = yes
Restart
smbd
:sudo service smbd restart
You should now be able to browse the share like you used to do in Windows file share.
Samba supports granting authenticated access to shares in addition to making them available as public shares.
Select the account that you want to use for authentication. All Samba share accounts must be accompanied by a Unix account. In this case, we'll user a new user called
testuser
:sudo useradd testuser
Create a separate Samba-specific password for that account:
sudo smbpasswd –a testuser
Modify
smb.conf
to set the valid users for the share:[myshare] path = /home/share guest ok = yes read only = yes valid users = testuser
Access the share once again; confirming that this time, you are prompted for a username and password.
As mentioned in the preceding, Samba users must be backed by a system user account that is known to PAM. This could mean a user in /etc/passwd
, or it could mean a user account coming from some sort of directory service. In this case, we are going to create a dedicated user account.
Authentication however is...
NFS, or Network File System, was initially created by Sun Microsystems to allow clients to access remote file shares on Unix systems back in the 80s. NFS is trivial to set up and is typically rather fast, but it can introduce some interesting security issues if it is not done correctly.
Install NFS server:
sudo apt-get install nfs-kernel-server
Configure shares within
/etc/exports
:/directory/to/share client(options)
Install the NFS client software:
sudo apt-get install nfs-common
Mount the share:
mount -t nfs4 server:/directory/to/share /mountpoint
WebDAV was initially created as a protocol for managing web server content over http/https. In other words, it grants you the ability to add, remove, or edit HTML and support web content remotely.
From there, the usage expanded to provide access to general file services as well. For example, Apple's iDisk service (part of iTools/.Mac/MobileMe
) supported accessing your files through any WebDAV client. This support unfortunately ended when iDisk was retired with the transition to iCloud.
WebDAV clients are built into Mac OS X and Windows as well as the file managers for Gnome, KDE and many other Linux desktop environments. You can even find Linux console tools, which support the protocol or mount it directly on your filesystem using the davfs2
filesystem driver.