Local File Sharing in Linux With Samba
Table of Contents
Last time I checked, Ubuntu has an easy folder sharing option. You can right-click any folder and share it easily on the local network, for others to read and optionally write to. In the Arch world, things are a little more manual to set up. Here I will give some instructions on how to set this all up to work seamlessly.
Update 2020-05-08: It looks like with recent versions of GNOME 3 (I’m currently on 3.36.2) sharing is done over WebDAV. If you opt for this, the setup is much easier: using the file manager, simply go into your ~/Public folder, and follow the prompts. The only downside I can tell is that others on your network can modify your files in that folder, and the port chosen each time is random (so you can’t reliably use ufw
). But the ease of use is pretty nice, and the user doesn’t need to confirm “anonymous” user with no password each time.
Packages #
First, we need to install some packages:
samba
- One of the following:
nautilus-share
(if you’re using Gnome Files)nemo-share
(if you’re using Nemo file manager)- There are probably others, go look them up for your file manager!
samba
will pretty much depend on all the other packages you will need (the Samba client, for example).
Configuration #
Samba does not ship with a default configuration file in place. I have modified the default that comes with Ubuntu and added some extra configuration options. You can find the contents of that file here:
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
workgroup = WORKGROUP
# server string is the equivalent of the NT Description field
server string = %h server (Samba)
# Server role. Defines in which mode Samba will operate. Possible
# values are "standalone server", "member server", "classic primary
# domain controller", "classic backup domain controller", "active
# directory domain controller".
#
# Most people will want "standalone server" or "member server".
# Running as "active directory domain controller" will require first
# running "samba-tool domain provision" to wipe databases and create a
# new domain.
server role = standalone server
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Put a capping on the size of the log files (in Kb).
max log size = 1000
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
dns proxy = no
# Make it fast
server multi channel support = yes
socket options = SO_RCVBUF=131072 SO_SNDBUF=131072 IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT
deadtime = 30
use sendfile = Yes
write cache size = 262144
min receivefile size = 16384
aio read size = 16384
aio write size = 16384
# Usershare stuff
usershare path = /var/lib/samba/usershares
usershare max shares = 100
usershare allow guests = yes
usershare owner only = yes
Edit (or create) the file /etc/samba/smb.conf
as root, and add/replace everything with the above. Of note, the Usershare section is what allows any user in the sambashare
group to create folder shares, the Make it fast section is just to speed up file transfers, and the workgroup is set so that Windows machines can also see these shares. For any other information you could possibly want, please look at the ArchWiki entry for Samba.
Usershares #
This has been taken directly from the ArchWiki entry for Samba. Just follow along, and run these all as root! First we create a folder for the usershares:
# mkdir -p /var/lib/samba/usershares
This creates the group sambashare:
# groupadd -r sambashare
This changes the owner of the directory to root and the group to sambashare:
# chown root:sambashare /var/lib/samba/usershares
This changes the permissions of the usershares directory so that users in the group sambashare can read, write and execute files:
# chmod 1770 /var/lib/samba/usershares
Add your user to the sambashare group. Replace $USER
with the name of your user if for some reason it doesn’t expand to your username:
# gpasswd sambashare -a $USER
Make sure that the smb.service
and nmb.service
are enabled:
# systemctl enable smb.service
# systemctl enable nmb.service
Afterwards, reboot your computer. This is an easy way for your user to be added to the sambashare group, Nautilus to be restarted, and to have the above services (re)started.
Permissions #
One thing that stumped me for a while was not being able to share folders in my home folder. When browsing to my home folders shared Public folder, I would be greeted with a “Failed to mount Windows share: Permission denied” error. To remedy this, you need to make sure others can execute your home folder. By default, my home directory has a permission of 700. Simply setting it to 701 fixes this error.
chmod 701 ~
Firewall #
If you have ufw
installed, it will block Samba connections. Unfortunately, using the ufw allow cifs
command does not open the proper ports. If you use gufw to manage your firewall with a gui, there is a preconfigured firewall rule for samba (I highly recommend this!). If not, you can use these commands:
# ufw allow proto udp from any to any port 137,138
# ufw allow proto tcp from any to any port 139,445
Share #
That should be it! You should be able to right-click your Public folder in your home directory and click a new option called “Sharing Options”. In there, you can configure it so that others can see your share, but not modify files in it.
This share can now be seen in any Linux or Windows computer. In Gnome, click the “+ Other Locations” section in the bottom right, and then click on your computers name. If you set it up to allow guest access, you can connect anonymously.