Networked file and printer sharing is among the fundamental services offered by Linux and other operating systems. For years, the standard file sharing protocol for Unix has been the NFS. Originally developed by Sun Microsystems, NFS has been implemented on many operating systems and is available in both commercial and free software implementations.
Any Linux system may act as both an NFS server and an NFS client. Clients use mount to attach remote filesystems from NFS servers to their local filesystem. Once mounted, the directory hierarchy mounted on the client appears to users as a local filesystem.
To share a part of your system's filesystem, you must add a specification to /etc/exports. Each line in this file describes a shared filesystem resource. The format of the file is:
directory system(options) system(options) ...
The syntax of /etc/exports on Linux differs significantly from the same file on systems using a Sun-derived NFS implementation.
directory
is a local filesystem directory, such as /home. Each of the space-separated system
s describes clients by name or address, and the associated options
control access. If the system name is omitted, no restriction is placed on which clients can connect. Typical options are:
ro
Export with read-only attribute.
rw
Export with read/write attribute, the default.
no_root_squash
Allow access by user ID 0, root
. Normally root
on the client is mapped to the unprivileged user ID 65534 on the server. This option turns off that feature.
Example 20-4 shows three shared directories from an /etc/exports file.
Example 20-4. Sample /etc/exports file
/ orion(rw,no_root_squash) /usr *.example.com(ro) orion(rw) /pub (ro,insecure,all_squash) /pub/private factory*.example.com(noaccess)
In this example, the entire filesystem (/) is shared with the system orion
in read/write mode, and root
access is accepted. The /usr directory is shared as read-only (ro
) to all systems in example.com
and read/write (rw
) to orion
. The /pub directory is shared as read-only (ro
) to any system, but factory*.example.com
systems cannot look into /pub/private because the noaccess
option is used.
For new or revised entries to be incorporated in the NFS configuration, NFS daemons must be reconfigured or restarted.
Mounting an NFS volume requires the use of a local mount point, a directory in the filesystem over which the remote directory hierarchy will be placed. Once the directory exists, mount is used to create the NFS connection from the local client to the remote server. The syntax is similar to that used for local filesystems, with the addition of the NFS server name or address. For example, if server1
is offering its /home directory via NFS, it could be mounted locally as follows:
#mkdir /mnt/server1
#mount -t nfs server1:/home /mnt/server1
In this example, the mount command uses the -t option to specify mount type nfs
. The second argument specifies the data source by concatenating the name of the NFS server (server1
) with its exported directory (/home). The final argument is the directory name that will serve as the local mount point (/mnt/server1). After successfully mounting, /mnt/server1 appears to be a local filesystem.
This configuration could be incorporated into /etc/fstab for automated mounting at boot time with a line like this:
server1:/home /mnt/server1 nfs defaults 0 0
In this example, defaults
indicates that the filesystem should be mounted using the default options (see the manpage for mount for defaults). The two zeros indicate that the filesystem should not be backed up using dump and that it should not have a filesystem check at boot time.
NFS consists of multiple daemons, which are typically managed through the runlevel system and the series of scripts and links in /etc/init.d and /etc/rc
n
.d. See Chapter 14, "Objective 2: Change Runlevels and Shut Down or Reboot System," for details on starting and stopping services such as the NFS family.
Another extremely popular sharing mechanism is that used on Microsoft and IBM systems, called Server Message Block (SMB). It is implemented as free software as a suite of programs collectively known as Samba, which runs on a variety of operating systems including Linux. Samba consists of two daemons:
This daemon handles file and printer sharing, as well as authentication.
This daemon implements the Windows Internet Name Service (WINS), which maps Windows system names to IP addresses.
Your Linux distribution probably came with a recent version of Samba. If you already have Samba installed, setting up a basic configuration is easy. To check whether Samba is already installed on your system, issue the following command on the command line:
# smbd -h
If Samba is installed on your system, you should see a message similar to:
Usage: smbd [-D] [-p port] [-d debuglevel] [-l log basename] [-s services file] Version 2.0.3 -D become a daemon -p port listen on the specified port -d debuglevel set the debuglevel -l log basename. Basename for log/debug files -s services file. Filename of services file -P passive only -a append to log file (default) -o overwrite log file, don't append -i scope NetBIOS scope to use (default none)
If not, you can get source or binary distributions for Samba at http://www.samba.org.
To begin using Samba, you must create its configuration file, smb.conf. Depending on how you acquired Samba, the default location for this file may be /etc or /usr/local/samba. A basic smb.conf set up is shown in Example 20-5.
Example 20-5. Sample /etc/smb.conf file
[global] workgroup = HOME server string = LINUX encrypt passwords = Yes log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY printcap name = /etc/printcap dns proxy = No socket address = 192.168.1.30 wins support = no wins server = 192.168.1.202 hosts allow = 192.168.1. 127. [myshare] path = /home/myshare guest ok = yes comment = My Shared Data writeable = yes [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers printing = BSD print command = /usr/bin/lpr -r %s path = /var/spool/samba guest ok = yes printable = yes
This example configuration allows Samba to participate in an SMB workgroup called HOME
with a system name of LINUX
. Hosts on the private network 192.168.1 as well as the loopback network (127.) are allowed to access shared resources. The default sections
of Samba's /etc/smb.conf file are as follows:
[global]
The global
section defines items applying to the entire system, such as the workgroup and system names.
[homes]
A section that defines users' home directories to be shared.
[printers]
This section shares all of the printers located in /etc/printcap (provided that a BSD-style printer setup is in use).
[myshare]
This defines a shared directory myshare
. The name myshare
will appear as shared resources to clients. Users' home directories do not need to be explicitly shared if [homes]
is used.
To use Samba, only the workgroup, server string, and a shared service such as [myshare]
need to be configured.
See Samba's manpage for more detailed information on the smb.conf file.
Windows networks allow users to view available shared resources through browsing, a process by which one machine acts as a browser and is updated with information from other machines on the network. Client machines can then obtain lists of resources on the entire network from that single browser machine. Samba's nmbd
daemon implements WINS. To use Samba as a WINS client, you can specify the address of the WINS server on your network using the wins server
directive, as shown in Example 20-5. Samba can also act as a WINS server itself, although this is beyond the scope of the LPIC Level 1 Exams.
Samba v2.0 and later comes with a web-based configuration tool called the Samba Web Administration Tool (SWAT). To use SWAT with inetd, use a line similar to this in /etc/inetd.conf:
swat stream tcp nowait.400 root /usr/sbin/swat swat
You can also run the swat daemon manually. In either case, you must list its port, 901, in /etc/services. Once swat is configured, you can point your browser to http://localhost:901 and log in using the root password; swat offers a convenient series of forms that you can fill in using the browser to configure Samba. When you commit changes, the smb.conf file is updated for your system.