Blog
IPFire
Samba on IPFire
0As I have previously mentioned, IPFire supports addons by way of package manager, Pakfire.
One of the many addons you can get, is Samba. Now since I’ve got my media drive working in the new setup, I needed a way of sharing the data across my network (all windows based machines).
So after I installed samba, you get a new entry “Samba” on the side-bar of the Pakfire page, not sure why they put it there but whatever.
After much research and tinkering I found the best settings were essentially what you are given as the default but with a few tweaks.
I set “Security” to User and Map to Guest to “Bad User”. Also, as the router is essentially the server, I enabled Local Master and Preferred Master; hopefully that means that Samba will take charge of resolving Netbios names and means (I guess) less traffic.
And these are the setting for the share:
[media]
path = /mnt/media
comment = Media Drive
browseable = yes
writeable = yes
create mask = 0777
directory mask = 0777
public = yes
read only = no
Now this will allow for essentially anyone to read/write the share, which is a mega security risk normally, but considering this is a home network, it’s function over security and I’m not too worried about hackers watching my Harry Potter rips =D.
On top of this share, I also have another share I need to make for backups.
For this one, I made a new samba user. Now you could either do it the long way in the shell (useradd [user] -p [pass], then smbpasswd -a [user]), or just use the great little web interface they give you.
So I made up a new user ‘backups’ and gave it a password.
Then I used the following settings for the share
[backups]
path = /var/backups
browseable = yes
writeable = yes
create mask = 700 – ensures the files created are owned by its’ owner (backups)
directory mask = 0700 – ensures the directories created are owned by its’ owner (backups )
force user = backups – ensures all files/folders created will be owned by ‘backups’
valid users = backups – finally, locks the share to only one account
Now i’m sure I don’t need all of those options, for example, it seems rather redundant to limit the share to the backups user when only backups can read/write anyway, but until I can see a reason why not to, I will err on the side of caution.
Note: the unix permissions will first need to be set on the target folder (/var/backups/ in this case). For example I did chgrp -R backups /var/backups to assign the folder to the backups group. And also you will want to change the file permissions to ensure no one else can access the folder, so chmod -R 700 /var/backups will give you read/write permissions only for the backups user.
When it comes to Samba, remember that it cannot override UNIX permissions, so its best to sort them out first. Oh and btw the user backups is a member of the samba user group, so if you give group permissions, I’m pretty sure that you would be essentially giving samba rights to deal with permissions on it’s own terms. Not a good thing imo.
teh norm
013 years
So, as per usual, everything has gone wrong (this time it was actually my fault -it happens :D)
After realising that there was no way in hell SmoothWall would ever accept an NTFS drive, or rather I just didn’t have the knowledge to do it, I moved on to other ideas; That’s where I came across IPFire, which is basically IPCop + SmoothWall + Awesomeness.
I know the whole idea of IPCop and SmoothWall is primarily to provide a solid firewall, but with all the mods you can get for both of them, it almost seems pointless not to be able to increase functionality to include network storage.
IPFire is essentially the same idea as the other two (in fact it’s based on IPCop I believe) except its using a newer kernel, and includes kernel modules such as NTFS-3G and FUSE so that its able to read/write NTFS without problems, and it even includes facility called ExtraHD which as far as I can tell is an fstab editor.
My favourite feature of all is Pakfire, which is a package installation system (like apt, yum, etc.). Its a highly simplified version, but its perfect. It will hopefully take away the need for command line crap. I sincerely hope I don’t ever have to open PuTTy again :D. (yeh right)
Anyways, I downloaded the ISO, burnt it and away we go right, backed up all the important stuff, plugged in the ol’ CD drive, rebooted (took ages to get into the bios to make it the boot device – damned thing gives you about 5ms to press F2 -and didn’t even tell you what button to press), and installed it. No problem right? Well not exactly, as you may have already guessed; so here goes: it installed IPFire onto …the 2TB media harddrive…. All of those movies gone, 1.2TB of entertainment obliterated… gone…
You have no idea how stupid I felt after that.
After I stopped banging my head against the wall, I unplugged the 2TB, installed IPFire on the 80GB it was supposed to.
So once again I’ve managed to make one problem into several.