Samba server comes from Debian software repositories. The openmediavault project does not maintain this package, all bugs, hotfixes and features come from Debian.
The server configures Samba as standalone mode. The default global section
[global] workgroup = HOME server string = %h server dns proxy = no log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 syslog only = yes panic action = /usr/share/samba/panic-action %d encrypt passwords = true passdb backend = tdbsam obey pam restrictions = no unix password sync = no passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes socket options = TCP_NODELAY IPTOS_LOWDELAY guest account = nobody load printers = no disable spoolss = yes printing = bsd printcap name = /dev/null unix extensions = yes wide links = no create mask = 0777 directory mask = 0777 use sendfile = yes aio read size = 16384 aio write size = 16384 null passwords = no local master = yes time server = no wins support = no
A default share example:
[MyDocuments] path = /media//dev/disk/by-label/VOLUME1/Documents/ guest ok = no read only = no browseable = yes inherit acls = yes inherit permissions = no ea support = no store dos attributes = no printable = no create mask = 0755 force create mode = 0644 directory mask = 0755 force directory mode = 0755 hide dot files = yes valid users = "john" invalid users = read list = write list = "john"
openmediavault automatically configures shadow copies if the shared folder is on a BTRFS file system and if there are snapshots available. These are exposed as Previous Versions to Windows clients.
It is possible to add extra options in the general and share configuration page. Options that are managed by openmediavault can be customized via environmental variables.
The login access in Samba is configured using privileges. This means they will not act in the file system layer, they will run in the Samba authentication layer. From there the access can be controlled to be read only or read/write access and guest account access. This is done with the PRIVILEGES button in the shared folder section, not the ACL. Privileges only gets login access and from there determines if user can read or write. If write access is enabled but files/folders have restricted permissions then write access is not possible using Samba.
Samba does not use PAM for login, it has a different password database. When the admin changes a username password (or the user changes their own) using the web interface what openmediavault does is that it changes both the linux login password and the Samba internal database. If a username changes their password using shell, this will not be reflected in Samba log in.
- How do I enter credentials in a semi-public share?
- In most cases the user will always be logged as guest. Use Windows map network drive feature to provide other login credentials different from guest. In Mac OS X use CMD+K (if using Finder)
- Why the login keeps saying access denied?
- This is more likely caused by two things:
- Permission issue (ACL or non default POSIX permission mode/ownership). Fix the permissions in the shared folder. Samba runs as privileged (root) user, even so if parts of path don’t have adecuate permissions, it will still respond access denied.
- Out of sync password in between linux and Samba. This is very rare but it has happened. Test in ssh the following [tt]smbpasswd username[/tt] enter password and try and login again.
- Why I can’t edit files that other users have created?
- The default umask in Samba is
644for files. To enable flexible sharing check Enable permission inheritance in the Samba share settings, this will force
664creation mode. Files created previously need to change their permission mode. Check also that you don’t have read only enabled. This option overrides privileges and POSIX.