UCI configuration options
The UCI configuration file is located at /etc/config/samba
Common Options
The config section type
samba determines values and options relevant to the overall operation of samba. The following table lists some (not all) available options, their default value and respectively a short characterization. See http://*** for further details.
These are the default settings for the common options:
config 'samba'
option 'name' 'openwrt'
option 'workgroup' 'WORKGROUP'
option 'description' 'openwrt'
option 'homes' '1'
| Name | Type | Required | Default | Option | Description |
|---|---|---|---|---|---|
name | string | yes? | openwrt | Name of the Server | |
workgroup | string | yes? | WORKGROUP | Name of the Workgroup | |
description | string | yes? | openwrt | Description of the Server | |
homes | boolean | yes? | 1 | Share the user directory |
Sambashare
The daemons are up and running and recheable via NetBIOS. Now you only need to configure the directories you intend to make accesible to users in your LAN. This example assumes you attached a USB harddisk to the USB-Port and correctly mounted a partition. You can now choose to share the partition as a whole, or just individual directories on it. Fo each entry you need to create an individual config 'sambashare' section.
config 'sambashare'
option 'name' 'Shares'
option 'path' '/mnt/sda3'
# option 'users' 'sandra'
option 'guest_ok' 'yes'
option 'create_mask' '0700'
option 'dir_mask' '0700'
option 'read_only' 'yes'
| Name | Type | Required | Default | Option | Description |
|---|---|---|---|---|---|
name | string | yes | (none) | Name of the entry. Will be shown in the filebrowser. | |
path | file path | yes | (none) | The complete path of the directory | |
users | string | no | (none) | the samba-users allowed access to this entry; use smbpasswd to create a user-pwd combination! Several users can be specified, separated by a coma (ex : option 'users' 'root,nobody' ). | |
guest_ok | string | yes | no | Specifies if you need to login via samba-username and password to access this share | |
create_mask | integer | yes | 0700 | chmod mask for files created (need write access) | |
dir_mask | integer | yes | 0700 | chmod mask for directories created (need write access) | |
read_only | boolean | yes | no | no allows for read/write, else only read access is granted; (for rw, you also need to mount fs rw!) | |
Additional Configuration Options
In addition to the UCI file (
/etc/config/samba), modifications can be made to the /etc/samba/smb.conf.template file.Configuration examples
Samba can be configured at either share level access or user level access. At share level access all users on the network can access the share, and all files are shared with all users. At user level access a username and password are needed to access the share. By default Samba is configured for user level access.
These configurations have proven to work for some:
Share level access
At share level access all users on the network can access the share, and all files are shared with all users. To set share level access change
security = user tosecurity = share in /etc/samba/smb.conf.template:[global]
netbios name = |NAME|
workgroup = |WORKGROUP|
server string = |DESCRIPTION|
syslog = 10
encrypt passwords = true
passdb backend = smbpasswd
obey pam restrictions = yes
socket options = TCP_NODELAY
unix charset = ISO-8859-1
local master = yes
preferred master = yes
os level = 20
security = share
guest account = nobody
invalid users = root
smb passwd file = /etc/samba/smbpasswd
Then add a share to
/etc/config/samba. Make sure that guest ok is set to yesconfig 'samba' option 'name' 'openwrt' option 'workgroup' 'WORKGROUP' option 'description' 'openwrt' option 'homes' '1' config 'sambashare' option 'read_only' 'no' option 'create_mask' '0700' option 'dir_mask' '0700' option 'name' 'name-of-share' option 'path' '/path/of/share' option 'guest_ok' 'yes'
This share should now be accessible by
\\ip-adress-openwrt\name-of-share (windows, username and password can be anything).User level access
At user level access a username and password are needed to access the share.
Steps:
1. Add user to system
To access a samba share with user level access there must be a user added to the system. Edit
/etc/passwd and add a line for the new user. Choose a user id (the first number in the line) of 1000 or higher that does not exist yet. Set the group identification number (the second number) to the same number as the user nobody. Copy the rest.root:!:0:0:root:/root:/bin/ash nobody:*:65534:65534:nobody:/var:/bin/false daemon:*:65534:65534:daemon:/var:/bin/false newuser:*:1000:65534:newuser:/var:/bin/false
Note: keep in mind that the user(s) and group(s) utilized by Samba need to have the proper permissions for their shares, i.e. they need write access in order to write via smb.
2. Add samba password to user
smbpasswd -a newuser3. Change samba config to accept users with null passwords
Edit
/etc/samba/smb.conf.template and add null passwords = yes:[global]
netbios name = |NAME|
workgroup = |WORKGROUP|
server string = |DESCRIPTION|
syslog = 10
encrypt passwords = true
passdb backend = smbpasswd
obey pam restrictions = yes
socket options = TCP_NODELAY
unix charset = ISO-8859-1
local master = yes
preferred master = yes
os level = 20
security = user
null passwords = yes
guest account = nobody
invalid users = root
smb passwd file = /etc/samba/smbpasswd
4. Add a share
Then add a share to
/etc/config/samba. Make shure that guest ok is set to noconfig 'samba' option 'name' 'openwrt' option 'workgroup' 'WORKGROUP' option 'description' 'openwrt' option 'homes' '1' config 'sambashare' option 'read_only' 'no' option 'create_mask' '0700' option 'dir_mask' '0700' option 'name' 'name-of-share' option 'path' '/path/of/share' option 'guest_ok' 'no'
This share should now be accessible by
\\ip-adress-openwrt\name-of-share (windows, correct username and password are needed).Notes
If you use a trunk version and experience connection aborts take a look at this file
/etc/samba/samba.conf.template and search for reset on zero vc = yesRemove this line or set it to no.
More information about this issue here: https://dev.openwrt.org/ticket/9992
doc/uci/samba.txt · Last modified: 2013/08/14 10:28 by dylanweber
Комментариев нет:
Отправить комментарий