Reply
 
Thread Tools Display Modes
  #1  
Old 11-23-2007, 04:55 PM
graedus graedus is offline
Senior Member
 
Join Date: Jul 2006
Location: .mx
Posts: 606
Thanks: 0
Thanked 0 Times in 0 Posts
Default Quick and not so Dirty Way to Configure NFS & Samba
The following procedures should be done providing root credentials. To obtain root credentials, open up Konsole (kmenu->System->Konsole), type su , and provide your administrative password. If you are not savvy with the shell, you can edit files issuing the following command from kmenu-> Run command: kdesu kwrite, and then locating by hand the file. You should be careful with what files you open, as if you mistake you might break something.

1. Setting up a custom hostname.
--------------------------------
PCBSD sets up the same hostname (computer name) for every install performed (pcbsd is the hostname) If you have more than one computer in the network, it would be advisable that each one has a different hostname.

Edit /etc/rc.conf. Search for the following line, and change pcbsd to a more suitable name.
Code:
hostname="pcbsd"
Edit /etc/hosts. This is the default /etc/hosts file:
Code:
# : src/etc/hosts,v 1.16 2003/01/28 21:29:23 dbaker Exp $
#
# Host Database
#
# This file should contain the addresses and aliases for local hosts that
# share this file.  Replace 'my.domain' below with the domainname of your
# machine.
#
# In the presence of the domain name service or NIS, this file may
# not be consulted at all; see /etc/nsswitch.conf for the resolution order.
#
#
::1                    localhost localhost.localdomain pcbsd.localhost pcbsd
127.0.0.1              localhost localhost.localdomain pcbsd.localhost pcbsd

#
# Imaginary network.
#10.0.0.2               myname.my.domain myname
#10.0.0.3               myfriend.my.domain myfriend
#
# According to RFC 1918, you can use the following IP networks for
# private nets which will never be connected to the Internet:
#
#       10.0.0.0        -   10.255.255.255
#       172.16.0.0      -   172.31.255.255
#       192.168.0.0     -   192.168.255.255
#
# In case you want to be able to connect to the Internet, you need
# real official assigned numbers.  Do not try to invent your own network
# numbers but instead get one from your network provider (if any) or
# from your regional registry (ARIN, APNIC, LACNIC, RIPE NCC, or AfriNIC.)
Replace all the "pcbsd" instances with the new name you provided on the rc.conf file just edited.


2. Disable Firewall
-------------------
Note: Disabling your firewall altogether is not a good idea if you don't trust your local network and don't have a hardware firewall between your network and the internet. Do this at your own risk. Providing a customized pf script trying to address each particular network configuration of yours is out of the scope of a "quick and dirty" setup.

Control Center > System Administration > Services Manager
Click on PF(Personal Firewall), then choose "Stop" and "Disable at Startup"

or do it by hand:
change the following on /etc/rc.conf :

from
Code:
pf_enable="YES"
pf_rules_enable="YES"
to
Code:
pf_enable="NO"
pf_rules_enable="NO"
*Add the following line to /etc/hosts.allow, just below #ALL : ALL : allow
Code:
ALL : LOCAL : ALLOW
(this line can be fine tuned to allow only what you need, check man 5 hosts_options and man 5 hosts_access)


3. Setting up NFS
Depending on your setup, you might want to enable just NFS client or both client and server.

Add the following lines to /etc/rc.conf

Code:
#Enable NFS Client
nfs_client_enable="YES"
nfs_client_flags="-n 4"

#Enable NFS Server
rpcbind_enable="YES"
nfs_server_enable="YES"
nfs_server_flags="-u -t -n 4"
mountd_flags="-r"
Add an /etc/exports file. Example:
Code:
#The following examples export /usr to 3 machines named after ducks,
#/usr/src and /usr/ports read-only to machines named after trouble makers
#/home and all directories under it to machines named after dead rock stars
#and, /a to a network of privileged machines allowed to write on it as root.
#/usr                   huey louie dewie
#/usr/src /usr/obj -ro  calvin hobbes
#/home   -alldirs       janice jimmy frank
#/a      -maproot=0  -network 10.0.1.0 -mask 255.255.248.0
#
# You should replace these lines with your actual exported filesystems.
# Note that BSD's export syntax is 'host-centric' vs. Sun's 'FS-centric' one.
/exportpath       -alldirs        -maproot=root   allowedhostname
For more information on how to set up the exports file, check man exports.

To remotely mount the filesystem, issue the following command:
Code:
mount hostname:/exportpath /mountpoint
where hostname is the name of the computer acting as nfs host, exportpath is the path you set on the exports file, and /mountpoint is the directory to which this filesystem will be mounted (it has to be a directory owned by the mounter and empty).

To see the host's exports list, issue this command:
Code:
showmount -e hostname

4. Setting up Samba

Find where the smb.conf file is located:
smbd -b | grep smb.conf
In this case, it is located on /usr/local/etc/smb.conf

Adjust the following line in smb.conf (example: /usr/local/etc/smb.conf )
Code:
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
   workgroup = MYGROUP
Append (add at the end) your shared folders (example):
Code:
[public]
   path = /usr/somewhere/else/public
   public = yes
   only guest = yes
   writable = yes
   printable = no
Check the examples provided at the end of the smb.conf file, also check man smb.conf

Add users using smbpasswd (example):
Code:
smbpasswd -a username
(the command will prompt for a password to be created)

And that's it. You should be able to see the samba shares and remotely mount using nfs.

Online References:
http://trac.pcbsd.org/ticket/6
http://www.freebsd.org/doc/en_US.ISO885 ... k-nfs.html
http://us4.samba.org/samba/docs/man/Sam ... l#id318178
Reply With Quote
  #2  
Old 11-26-2007, 04:46 PM
anotherdave anotherdave is offline
Junior Member
 
Join Date: Oct 2007
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
If you actually HAVE machines that are named after dead rock stars, you'll want to change the line above to:
Code:
#/home   -alldirs       janis jimi frank
And of course, your next machine will be named jerry, right?

(Useful information. Thanks! :-) )
Reply With Quote
  #3  
Old 03-08-2008, 09:21 PM
nayan nayan is offline
Junior Member
 
Join Date: Mar 2008
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
Thanks for the tips: they were very useful.

To add to your post, I thought it might be worthwhile to mention that you could edit the /etc/fstab file to mount the Windows drive automatically via Samba or, allow you to use a simple command such as:

# mount /mnt/godruma/data

where /mnt/godruma/data is the mount point you create on the BSD system as root as follows.

Code:
# mkdir -p /mnt/godruma/data
# chown -R <your username>:<your group> /mnt/godruma
# chmod -R 744 /mnt/godruma
Thereafter edit the /etc/fstab file by appending as follows.

Code:
# Samba shares
//godruma/data /mnt/godruma/data        smbfs   rw         0       0
To mount automatically, you could specify rw, username=xyz, password=xyz in the entry above in place of rw. However, that can be a security risk and you'd need to make the file read-only for root thus:

Code:
# chmod 600 /etc/fstab
Hope this helps.

< I am new to BSD having come from the Linux world, so please excuse any errors above >
Reply With Quote
  #4  
Old 03-09-2008, 12:25 PM
antik antik is offline
Senior Member
 
Join Date: Jul 2005
Location: Estonia
Posts: 3,610
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
Originally Posted by nayan
Thereafter edit the /etc/fstab file by appending as follows.

Code:
# Samba shares
//godruma/data /mnt/godruma/data        smbfs   rw         0       0
I won't encourage mounting external mountpoints from /etc/fstab at all- what happens when networks is down when you start your computer?

Better place to mount those points is from /etc/rc.local
__________________
"All parts should go together without forcing. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer." -- IBM maintenance manual, 1975
Reply With Quote
  #5  
Old 04-22-2008, 06:08 PM
thenrie thenrie is offline
Senior Member
 
Join Date: Jan 2008
Posts: 169
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
You can add the option "intr" in the /etc/fstab line to be able to interrupt the bootloader's attempts to load the samba share while the network is down by using ^C. Otherwise it will keep trying to load it forever and stop the boot process. You can also add the option "noauto" so that the line is there in fstab, but not automatically loaded during boot. You can mount it with the "mount -a" command when you need it.

Code:
Samba shares//godruma/data /mnt/godruma/data smbfs rw,intr(or noauto) 0 0
Reply With Quote
  #6  
Old 12-13-2008, 10:52 PM
Ian_Robinson Ian_Robinson is offline
Senior Member
 
Join Date: Jan 2007
Location: Salem, Ohio, U.S.
Posts: 328
Thanks: 0
Thanked 2 Times in 2 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
Advice on configuring PCBSD as a network file server with NFS and Samba for BSD and Windows access (PCBSD 1.5.x and 7.0.x)

There are several Server Configuration files that must be modified to operate an NFS Server with Samba access. Most of this information is readily available on the web. The thing that is critical to making it work with PCBSD is to modify /etc/pf.conf to let NFS and Windows clients pass through the pf firewall. This is the list of files to modify:

1. /etc/exports (1 line)
2. /etc/pf.conf (3 lines)
3. /etc/rc.conf (3 lines)
4. /etc/hosts.allow (optional)
5. /usr/local/etc/smb.conf (many lines)

In these examples, the local network uses:

Tcp/ip addresses in the range 192.168.1.x and a netmask of 255.255.255.0.
The server is called "server" and uses a fixed ip address of 192.168.1.100
The files to share are stored in either the home directory or at a directory called /server_files
The client mount point is at /mnt/server


Part 1. ==================== Modify /etc/exports (SERVER) ===================

Exporting the "home" directory:

Code:
# identify the directory to export, the local network address, & net mask 
/usr/home/IR -network 192.168.1.0 -mask 255.255.255.0
or exporting another directory:

Code:
/server_files -network 192.168.1.0 -mask 255.255.255.0

Part 2. ==================== Modify /etc/pf.conf (SERVER) ===================

# at the top of the file, define a macro variable to identify the local network
Code:
#
lan = "192.168.1.0/24"
#
At the end of the file, add lines to pass all traffic to/from local network.
Notice the local network is identified here as the macro variable $lan.
Here, xl0 is the network interface card (NIC)
Code:
#
pass in on xl0 from $lan to any keep state
pass out on xl0 from any to $lan keep state
#
Part 3. ==================== Modify /etc/rc.conf (SERVER) ===================

# add the next three lines to make the computer an nfs file server
# see further below to configure an nfs client

Code:
rpcbind_enable="yes"
nfs_server_enable="yes"
mountd_flags="-r"

Part 4. ==================== Optional Modifications to /etc/hosts.allow (SERVER) ===============

No changes are necessary, but you could change anywhere the file references an ip address or netmask to match your particular network.


Part 5. =================== Modify /usr/local/etc/smb.conf (Server) ======================

Code:
[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
   workgroup = MYGROUP  <------------------------------------ (change to your Windows workgroup)

# server string is the equivalent of the NT Description field
   server string = Samba Server   <---------------------------(change to meet your naming needs)

# Security mode. Defines in which mode Samba will operate. Possible 
# values are share, user, server, domain and ads. Most people will want 
# user level security. See the Samba-HOWTO-Collection for details.
   security = user   <------------------------------------ (change to security = share )

# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
;   hosts allow = 192.168.1.  127.    <-----------(change to match the 1st three parts of your network tcp address, keep 127. )

                 * * *

[homes] 

   comment = Home Directories
   browseable = no
   writable = yes

              * * *

[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
printable = yes
#
# >>> Custom Additions to Locate Files and Permit Access <<<==============================
#
[FK_SERVER]                   <------------------- Section Label, here w/ my server's name
    comment = general user documents and files
    path = /server_files         <------------------ Path to location of the files you want to share
    public = yes
    read only = no
    writeable = yes
    browseable = yes
    guest ok = yes
    available = yes
    guest account = nobody
    force group = nogroup
    force user = nobody
    create mask = 0777
    directory mask = 0777
    nt acl support = No
#
#  End Samba Changes


To access the NFS Server with a PCBSD CLIENT, you must modify one configuration file ( /etc/rc.conf ) and create a mount point on the client directory tree:

# Add this line to /etc/rc.conf
Code:
nfsiod -n 4
Make Mount Point on Client Directory Tree

Code:
#mkdir /mnt/server
Now everything should be ready to actually mount a remote file system. In these examples the server's name will be "server" and the client's name will be "client."

Mounting the NFS Server

Execute a command like this as root on the client (Syntax: # mount_nfs <server_IP>:<server_dir_path> /<mount_point>)

Code:
# mount_nfs 192.168.1.100:/home/IR /mnt/server  <--- mounts the home directory
or
# mount_nfs 192.168.1.100:/server_files /mnt/server <----- mounts the server files
If you want to mount both the home directory and the server files, you need to define two export lines and two different mount points.

On the Windows client, you step through "My Network Places" until you see the PCBSD share. It helps to go into "My Computer" or "Windows Explorer" to "Map a Network Drive" to a drive letter.
__________________
Ian
FitchKendall AT Gmail.com
Reply With Quote
  #7  
Old 12-14-2008, 11:31 PM
thenrie thenrie is offline
Senior Member
 
Join Date: Jan 2008
Posts: 169
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
Nice, thanks. I was wondering about all that. I haven't had time to set up my sharing features in PCBSD yet. It appears PCBSD is straight FreeBSD as far as NFS and Samba are concerned.

Can you not accomplish the same thing by following the Dolphin wizard provided with PCBSD?
Reply With Quote
  #8  
Old 12-15-2008, 12:21 AM
Ian_Robinson Ian_Robinson is offline
Senior Member
 
Join Date: Jan 2007
Location: Salem, Ohio, U.S.
Posts: 328
Thanks: 0
Thanked 2 Times in 2 Posts
Default Re: Quick and not so Dirty Way to Configure NFS & Samba
Quote:
It appears PCBSD is straight FreeBSD as far as NFS and Samba are concerned.
Yes. Your assessment is 100% correct.

Quote:
Can you not accomplish the same thing by following the Dolphin wizard provided with PCBSD?
A good question. The Dolphin Network Wizard (found in the "Places" component of Dolphin) uses the "fish" protocol. http://www.fishshell.org/ PCBSD developers turn the fish command shell into a beautiful GUI file manager. Fish is also used by PCBSD in the stand-alone Network Folder Wizard (KnetAttach) found at Start > Applications > Internet > Network Folder Wizard.

Until you brought up it up, I did not realized how much fish/knetattach had improved with 7.x. I found that Dolphin Network connected quickly and in a much improved fashion when compared to previous versions of fish/knetattach when I connected to another PCBSD computer on my home network.

However, with 7.x, (and perhaps with PCBSD 1.5.x) you must modify /etc/pf.conf to let fish/knetattach pass through the firewall. The modification is the same as that described above:

At the top of the file, define a macro variable to identify the local network. Here, my router is 192.168.1.1, so my network is 192.168.1.0. Replace the string with your network:

Code:
==================== Modify /etc/pf.conf ===========================
#
lan = "192.168.1.0/24"
#
At the end of the default /etc/pf.conf, you must add two lines to pass all traffic to/from local network. (Notice the local network you identified above is now identified in the following lines as the macro variable "$lan".) But, bear in mind the pf rule that the "last entry controls", you might add them sooner in the file if you have previously customized /etc/pf.conf.
Code:
#
pass in on xl0 from $lan to any keep state
pass out on xl0 from any to $lan keep state
#
xl0 is a network interface card (NIC), so substitute your NIC's name. Also notice that the lines are not identical. The first says "pass in"; the second says "pass out". The first is from "$lan to any"; the second is the opposite from "any to $lan".



Samba allows Windows clients to read and write to files on a Unix or Linux machine. I don't know if fish lets Windows machines do that. But I think it would go the other way -- BSD machines can read remote Windows disks. I'll try it tomorrow at work to see if I can read a Windows machine from a PCBSD machine attached in the same network.

One difference I noted is that an using NFS to mount a remote directory makes the mount a part of your directory until it is umounted. With NFS you can mount multiple remote sources into your directory tree.

It was not obvious where fish/knetattach was mounting, if at all. Dolphin/fish/knetattach would mount quickly and easily whenever you wanted it to, but it was always a fresh mount and required a password each time. There's nothing wrong with that from a security standpoint.

Good tip thenrie.
__________________
Ian
FitchKendall AT Gmail.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Quick and (not so) dirty way to rip CDs to mp3 by drag and d graedus Tips and Tricks 3 02-14-2008 12:38 AM
Quick and dirty way to transcode video (PCBSD 1.4+) graedus Tips and Tricks 0 02-13-2008 06:45 AM
PC-BSD's dirty secret - why it's worse than Windows transced The Lounge 8 09-27-2007 04:26 PM
Option to configure SAMBA in PC-BSD installer Carmen Startup Bug Reports (read-only) 2 10-29-2006 05:58 PM
HELP ME:how to configure samba-2.2.12 in FreeBSD-6.1 qq18875102 FreeBSD Help 0 06-10-2006 05:58 AM


All times are GMT. The time now is 06:26 PM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

Copyright 2005-2010, The PC-BSD Project. PC-BSD and the PC-BSD logo are registered trademarks of iXsystems.
All other content is freely available for sharing under the terms of the Creative Commons Attribution License.