💾 Archived View for pwshnotes.flounder.online › gemlog › 2022-05-02-install-samba.gmi captured on 2023-01-29 at 02:53:40. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2022-06-04)

➡️ Next capture (2023-04-19)

-=-=-=-=-=-=-

Install Samba

I'm using Manjaro on my desktop. And I want to create a read-only file share to share files with my iPad. I will be logging in as a guest. Here, I install and configure Samba. And I include configuration parameters that make the share compatible with my iPad.

I already created a directory for my file share at /data/fileshare. And I placed a test file in there: weird_fishes.txt

Install

Install Samba Package

sudo pacman -S samba

Write smb.conf

Installing Samba does not include a default configuration file. Here is an example file for my share which is compatible with Apple devices. 

sudo pwsh -c "New-Item -Path '/etc/samba/smb.conf' -ItemType File -Force"
sudo vim /etc/samba/smb.conf

File Name:

/etc/samba/smb.conf

File Contents: 

[global]
   server role = standalone server
   log file = /var/log/samba/%m.log
   map to guest = Bad User
   load printers = no
   printing = bsd
   printcap name = /dev/null
   disable spoolss = yes
   show add printer wizard = no
   vfs objects = fruit streams_xattr

[fileshare]
   path = /data/fileshare
   public = yes

Run the testparm command after writing the configuration file to validate the smb.conf syntax. 

# basic
testparm -s

# verbose
# Press Enter to load Vim after testparm runs. 
testparm -v | vim +"set nomodified" -

Start Samba

Enable and start Samba. 

sudo systemctl enable --now smb.service

Confirm Directory Permissions

You can check the current permissions of the file share and its parents with namei.

If you save the namei output to a file, you can revert any permission changes you make in the next step or later. There won't be a way to undo changes made with chmod without this information. 

namei -l /data/fileshare

# Save namei output to a file. 
namei -l /data/fileshare >> /home/michael/Desktop/namei_output.txt

The guest user (nobody) should have read and execute permissions on the shared folder and execute permission on all parent directories. To accomplish this, you will need to modify the 'other' permissions for each directory. I am not aware of an easy way to do this work in one step. The best way is making changes to individual directories with chmod.

The example below adds the execute permission for 'other' to the /data directory. The execute permission allows Samba to traverse this directory to any child directories: like "fileshare". 

chmod o+x /data

Verify Guest Access

Try to access the file share with the smbclient terminal application. At the smb: \> prompt, try using ls to list the files available on the share.

Skip the password prompt for smbclient -L by pressing enter.

In this example, we can see the weird_fishes.txt file is listed. 

> smbclient -L localhost
> smbclient -N //localhost/fileshare
smb: \> ls
  .                                   D        0  Mon May  2 07:42:32 2022
  ..                                  D        0  Sun May  1 07:21:15 2022
  weird_fishes.txt                    N      691  Sun May  1 11:32:31 2022

		479597248 blocks of size 1024. 440488612 blocks available
smb: \> exit

After verifying guest access, the file share should be working for you.

Test iPad

Try connecting to the share with the iPad.

From here, I can browse and open files on the share.

I noticed that sometimes I see the iCloud folder instead of the fileshare folder after tapping on my fileshare. Tapping the top left link to navigate back to the parent folder and tapping on fileshare again seems to work around the issue. I've also noticed that pulling down on the folder contents to refresh also addresses the issue. So, after a few days, I've gotten into the habit of refreshing after reconnecting to the server. After refreshing, I can tap on my fileshare folder and will be sent to the correct view. I don't think the Files app actually supports refreshing. I just think the gesture works around the issue a little better.

If you reach the Files app side panel again and want to return to the shared folder, the file share will be listed under the Shared heading with the server name. On my Files app, I see Shared and then edward. The eject button next to the server name lets you explicitly disconnect from the server.

Troubleshooting

iPad Error Messages

During testing, I received two error messages from the iPad.

The operation couldn't be completed. Operation not supported.
Content Unavailable The folder contents could not be displayed because of an unknown error.

Make sure that you are not using the "hosts allow" parameter in smb.conf. I noticed that the iPad was communicating with the server via IPv6. That makes it difficult to create a reliable list of allowed hosts. So, I don't use "hosts allow". The "interfaces" smb.conf parameter might also cause problems.

Alternatively, try connecting via the full file share name. For example, instead of "edward", I might try the fully qualified path:

smb://edward/fileshare

Administration

Check Samba Logs

Note that journalctl will not show the full log. Go to /var/log/samba and read the logs directly.

List the modified logs. 

Get-ChildItem -Path "/var/log/samba" | 
  Where-Object { $_.LastWriteTime -ge ((Get-Date).AddMinutes(-20))} | 
  Sort-Object -Property LastWriteTime -Descending | 
  Format-Table -AutoSize

   Directory: /var/log/samba

UnixMode   User Group  LastWriteTime   Size Name
--------   ---- -----  -------------   ---- ----
-rw-r--r-- root root  5/3/2022 21:20   4476 log.smbd
-rw-r--r-- root root  5/3/2022 21:20   7592 log.samba-dcerpcd
-rw-r--r-- root root  5/3/2022 21:20    744 log.rpcd_lsad
-rw-r--r-- root root  5/3/2022 21:20    744 log.rpcd_mdssvc
-rw-r--r-- root root  5/3/2022 21:20    744 log.rpcd_rpcecho
-rw-r--r-- root root  5/3/2022 21:20    744 log.rpcd_epmapper
-rw-r--r-- root root  5/3/2022 21:20    744 log.rpcd_fsrvp
-rw-r--r-- root root  5/3/2022 21:20    744 log.rpcd_spoolss
-rw-r--r-- root root  5/3/2022 21:20  14068 log.rpcd_winreg
-rw-r--r-- root root  5/3/2022 21:20  24704 log.rpcd_classic
-rw-r--r-- root root  5/3/2022 21:20 278637 smbd.log
-rw-r--r-- root root  5/3/2022 21:20  46072 2600_1700_1e80_7880_bc92_a917_e0f1_
                                            2fe3.log
-rw-r--r-- root root  5/3/2022 21:20 154076 mobile.log

Read the log file. 

vim -R /var/log/samba/smbd.log

...
[2022/05/03 21:20:13.032298,  0] ../../source3/smbd/server.c:1741(main)
  smbd version 4.16.0 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2022
[2022/05/03 21:20:13.032359,  2] ../../source3/smbd/server.c:1744(main)
  uid=0 gid=0 euid=0 egid=0
[2022/05/03 21:20:13.032596,  2] ../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
  Registered MSG_REQ_POOL_USAGE
[2022/05/03 21:20:13.032609,  2] ../../source3/lib/dmallocmsg.c:78(register_dmalloc_msgs)
  Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
...

Increase Log Level

Change the log level by adding a parmeter to smb.conf and restarting the smb service. This will show additional information.

Remember to disable the higher log level after you are finished troubleshooting. You can comment out the parameter with '#'. Then restart the service again.

File Name:

/etc/samba/smb.conf

File Contents:

Add log level under [global]. 

[global]
   log level = 3

Manage Samba

You can manage the Samba service with the commands below. 

systemctl status smb.service | vim +"set nowrap" +"set nomodified" -
sudo systemctl start smb.service
sudo systemctl stop smb.service
sudo systemctl restart smb.service

Making Changes to smb.conf

Here are the steps for changing the smb.conf file. 

sudo vim /etc/samba/smb.conf
testparm -s
sudo systemctl restart smb.service

Change the systemd unit File for Samba

Here is the location of the systemd configuration for Samba. For example, you can add smbd options to the "ExecStart=" line available in the file. 

# edit file
# Use '#' for comments inside the file. 
sudo vim /usr/lib/systemd/system/smb.service

# Reload systemd manager configuration
sudo systemctl daemon-reload

# restart unit
sudo systemctl restart smb.service

Uninstall

You can reverse the changes made here and uninstall Samba with these commands.

This leaves the file share directory and contents intact. This does not undo or change any local permissions to the file share directory which might have changed by using chmod. If you saved the namei output before making changes, you can use that information to manually reset permissions for each directory. 

sudo systemctl stop smb.service
sudo systemctl disable smb.service
sudo rm /etc/samba/smb.conf
sudo pacman -Rs samba

Note on Vim

If you pipe stdin to Vim, the resulting buffer or file will be marked as modified. And you will be prompted to save the buffer before exiting Vim. Often this text is not needed. And it would be helpful to exit Vim without habitually typing :q! The problem is that if you accidentally type :q! in another context, you can lose all your work.

You can add a line to vimrc so that you can exit with :q after reading from stdin. This saves you from typing +"set nomodified" at the command line. 

" Don't set 'modified' when reading from stdin
au StdinReadPost * set nomodified

References

Samba | ArchWiki

Sample smb.conf

smb.conf | Arch Manual Pages

Explanation of chmod Symbolic Modes

vfs_fruit Manual Page (Apple compatibility parameters)

umask | Wikipedia

systemd.service | Arch Manual Pages

stdin Configuration Option | starting.txt | Vim Online Help

Changes

Created: Monday, May 2, 2022

Updated: Friday, May 6, 2022