Samba administration on Linux Mint

So, we have out copy of Linux Mint (17.2) installed and it all looks very pretty, but it still isn’t talking to the other computer (Windows or Linux) on the LAN. Let’s try following the tutorial on the Mint site here.

• An updated fresh Mint installed
• Grabbed a copy of WINE for future Adobe Flash DRM video viewing with:

apt install wine --install-recommends

The tutorial then gives the following two commands, but I thought I’d check the Webmin site to see if there had been a webmin update (there had) and so changed the version number as seen below.

cd ~/Downloads
wget http://iweb.dl.sourceforge.net/project/webadmin/webmin/1.610/webmin_1.610_all.deb

So the source I changed to

wget http://iweb.dl.sourceforge.net/project/webadmin/webmin/1.760/webmin_1.760_all.deb

right, that’s downloaded the package. Now to get the rest of the supporting libraries:

sudo apt-get update
sudo apt-get install libnet-ssleay-perl libauthen-pam-perl libio-pty-perl apt-show-versions libapt-pkg-perl -y

Both updates went through without a hitch. Now, I can go ahead and actually install Webmin:

sudo dpkg -i ~/Downloads/webmin_1.760_all.deb

Woohoo! Looks good, and the installation process also told me that I could login to webmin at https://dibbler:10000/ as root with my root password – ‘dibbler’ is the hostname of my machine. Alternatively, a more generic login would be:

https://localhost:10000/

Old Dibbler gets the panics!

A moment’s panic!! Firefox tells me that old ‘dibbler’ has seen an untrusted connection at this address! What do I do? Well, I’m fairly sure that this is just webmin as directed, so I click ‘I understand the risks’ and it wants me to add an exception to Firefox’s blocking rules. Wavering slightly, I do so and a pop-up does just that!

I chose ‘Get certificate’ and ‘confirm security exception’ – let’s hope those were the right choices!

Well, it all looks good – a login to webmin screen has appeared in my browser. I login as ‘root’ with my root password and go straight into the webmin options. Good grief! Where to start?

Webmin Administration

The first thing I notice on the home screen is that 13 package updates are available, so I click on the link to see if it will update them. Hmmm…. lots of GRUB stuff and some important kernel updates! Seems to be doing them ok… Yay! All good. Return to package list.

Using the Menu I went to Servers>Samba Windows File Sharing. There’s an awful lot of information here that I don’t understand, so I’m going to follow the tutorial steps pretty closely. I looked for ‘Add Samba User by converting a system user’…. In the second block of icons down, called ‘Samba Users’ there was an icon for Convert Users – perhaps this is what I need? I click on it. I checked the radio button for Only listed users or UID ranges, and then Use this password for newly created users.

Looking for the Verify option mentioned int he tutorial, I found the User Synchronisation section and checked the radio boxes for Add a Samba user when a Unix user is added, Change the Samba user when a Unix user is changed and delete the Samba user when a Unix user is deleted. It seemed to make sense that the users were synchronised. So, back to the main sharing menu. As the tutorial says, clicking on Samba Users does indeed show ‘nobody’ and my username.

I then chose to Restart the Samba Servers using the button at the bottom, and it failed! Damn! What now? Back to the tutorial… no help 😦

I restarted the Winbind server with no problem. Perhaps I can restart samba from the command line?

sudo restart smbd
sudo restart nmdb

Which all seems to go ok… but no luck!

Making file shares

Maybe I don’t have anything to share on the network? So, I went to the Create a new share option and selected my Downloads directory as a test but to no avail.

Not giving up yet, I went to the Windows Networking Options section from the main screen, put in my machine’s name as the server name and alias, changed the default service to ‘global’ (in the hope of catching any traffic!) and clicked Save. I used the above two commands to start & stop the service….  still no joy.

I then went to Security And Access Control under File Share Defaults. I changed the share to writeable as I wanted to receive files from other machines, made it accessible to Guests (user: nobody)and clicked save.

Sadly, still can’t get any networking working with either linux or Windows machines…

FTP onto the Ubuntu Gutsy Server

Getting an FTP client

Going to the Synaptic Package Manager on my Ubuntu desktop and typing ftp into the search bar, I find a popular little client called gFTP. I mark it for installation and click Apply. It downloads and installs successfully.

Flushed with optimism after the recent success with Apache, I launch the client and try to connect to the server using ftp.sylvarwolf.homelinux.com but the connection gets refused. Mmmm – either there is no ftp server installed on the server or I have not set up an ftp user.

Webmin

I just noticed that in Others>Upload and Download there is a facility to upload files directly to the server. That’s pretty amazing. However it would be nice to have an FTP server running so that I can give other members of the family their own accounts and enable them to build web-pages. So I go to Servers>ProFTPD Server which looks like it might do the job and it tells me that it cannot find it but offers me a chance to download and install using APT. Now that sounds good. So I follow the click here link.

Warning

Yesterday, I navigated away from the Webmin install page while it was installing and the server’s file system corrupted. So now I am just going to be patient and reason that if there is a problem it will timeout and tell me. Still waiting…

30 Minutes later and still the same. I did navigate away and decided to try apt-get install proftpd from the CLI. However, it tells me that /var/cache/apt/archives/lock is locked and I cannot lock the download directory. Mmmm….. I have just used Webmin’s file manager to delete this file and will try again from the CLI. Now that seemed to work. I chose inetd as the ftp server type as I’m not anticipating heavy load and Webmin now shows me all the options.

System Logs

Apparently system log files can consume a lot of space, so I go to System>Log File Rotation>Edit Global Options and set Maximum size before rotating to 50M (Mb) and the Number of old logs to keep to 4.

ProFTPD Configuration

1.      Bases on the howto here, I used the file manager to add the line /bin/false to /etc/shells

2.      Then navigate to /home and check my public directory is there. It is, so no problem there.

3.      Then, using Webmin’s command shell,  I add another ftpuser (coz I don’t know how to add to the one I’ve already got) by

                useradd userftp -p <your_password> -d /home/public -s /bin/false

4.      I switch over to the server to type: passwd userftp to make sure the password has been set.

5.      Using Webmin’s file manager, I create directories called downloads and uploads in /home/public.

6.      Clicking on /home/public in the right pane, I can then click on the Info button and take write access off for users and groups, setting permissions to 0755.

7.      Then going to downloads I do the same (0755) and then uploads, I make sure that all access is enabled with 0777.

8.      Going back to Servers>ProFTPD I then click on the Edit Config Files button to make the following changes:

            UserAlias            gary userftp
            ServerType         standalone      (rather than inetd)
               ShowSymlinks    off
               TimeoutStalled   100
            TimeoutIdle        2200
               RootLogin          off                  (line added)
             #It’s better for debug to create log files 😉            (line added)
             ExtendedLog     /var/log/ftp.log                              (line added)
             TransferLog       /var/log/xferlog                             (line added)
             SystemLog         /var/log/syslog                             (line added)

(so I have to delete the log file lines found later)

             #I don’t choose to use /etc/ftpusers files               (line added)
             UseFtpUsers      off                                                (line added)
             MaxInstances     8

Uncomment PersistentPasswd so it reads ‘off’

             MaxClients          8                                                (line added)
             MaxClientsPerHost   8                                           (line added)
             MaxClientsPerUser   8                                           (line added)
             MaxHostsPerUser    8                                           (line added)

Then  added the whole of the next section:

# Display a message after a successful login
AccessGrantMsg “welcome !!!”
# This message is displayed for each access good or not
ServerIdent                  on       “you’re at home”

# Set /home/public directory as home directory
DefaultRoot /home/public
# Lock all the users in home directory, ***** really important *****
DefaultRoot ~

MaxLoginAttempts      5

#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>

<Directory /home/public>
Umask 022 022
AllowOverwrite off
    <Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
    DenyAll
    </Limit>
</Directory>

<Directory /home/public/downloads/*>
Umask 022 022
AllowOverwrite off
    <Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
    DenyAll
    </Limit>
</Directory>

<Directory> /home/public/uploads/>
Umask 022 022
AllowOverwrite on
    <Limit READ RMD DELE>
          DenyAll
        </Limit>

        <Limit STOR CWD MKD>
          AllowAll
        </Limit>
</Directory>

Controlling the Server

To start/stop/restart the server, I should be able to use:

            /etc/init.d/proftpd start
            /etc/init.d/proftpd stop
            /etc/init.d/proftpd restart

Now this all works. It’s not quite what I want, i.e. writing html pages to the webserver but it’s a start.

Powered by ScribeFire.

Installing Ubuntu Server 7.10 (Gutsy) on the Fileserver

Installing from CD

I downloaded the 7.10 Server CD and burnt it. Booting from it gave me a text based installation. All standard stuff. At the end of the installation I chose LAMP, SSH and Samba servers as additional modules to add on.

Testing the network

I then used ping to test the LAN and make sure that the Server was allocated an IP from the Router’s DHCP. ping 192.168.1.1 showed the Router alive and ping http://www.google.com showed Internet connection working.

Updating

I then used sudo apt-get update to update the package list and sudo apt-get upgrade to upgrade/update my installation. Only two packages were selected 🙂

All is going well so far, the next step is to get Webmin installed.

Webmin

As I was going to be doing a lot of ‘root’ work, I set up a root password using sudo passwd root and then logged in as root. To prepare for installation of Webmin I had to download and install the required support libraries, which I did with:

apt-get install openssl libauthen-pam-erl libio-pty-perl libmd5-perl

Peace of cake. The library libnet-ssleay-perl is no longer available. What to do? I found here that the version should be 1.30-1 – so it should be available. A bit of googling later and I found a download link for this version. So I typed:

wget http://ftp.fi.debian.org/debian/pool/main/libn/libnet-ssleay-perl/libnet-ssleay-perl_1.30-1_i386.deb

to download the packages and dpkg -i libnet-ssleay-perl_1.30-1_i386.deb to install it. Phew! That was close – didn’t think I’d get it going.

Then to get Webmin, I used:

wget http://garr.dl.sourceforge.net/sourceforge/webadmin/webmin_1.350_all.deb

To install Webmin, I used dpkg -i webmin_1.350_all.deb and, as promised, it said:

Webmin install complete. You can now login to https://Server:10000/ as root with your root password, or as any user who can use sudo to run commands as root.

“Server” is the name that I chose to call the server – now nobody said that I was imaginative! 😉 Then, I noticed from the Webmin site that the latest version was 1.370 (d’oh!) so I am going to have to update it once I get in. I should have downloaded webmin_1.370_all.deb instead.

Anyway, trying to access Webmin across the LAN using https://server:10000 failed with a ‘server not found’ message. Wonder what the IP of the server is?

Hmmm… A small bit of research later and I am no wiser as to what linux CLI command will tell me! Ho hum. Ah yes – log on to the Router and look in the DHCP client list to see which IP has been allocated to Server. Got it – it’s 192.168.1.8.

Updating Webmin

Typing https://192.168.1.8:10000 into a browser (Firefox) takes me to the login page and I can log straight into Webmin – yay! Now this is already one step further than before with 7.04 Feisty. Webmin opens up with some system details and a menu to the left. Clicking on Webmin in that menu and then Webmin Configuration I can choose Upgrade Webmin (Webmin>Webmin Configuration>Upgrade Webmin). I leave the “Latest version from http://www.webmin.com&#8221; selected and click the Upgrade Webmin button. It downloads and installs successfully. At the bottom of the page Webmin tells me that there are 1 updates for this version and I follow the click here link to download it. It is the acl (Access Control List) module and it donwloads and installs flawlessly. Now that was easy. Just to check, I click on System Information in the main menu and it tells me that I am indeed running 1.370. Success.

Samba file sharing

1. I go to Servers > Samba Windows File Sharing.

2. Then, I click on Create a New File Share and fill in the details as follows: Share name = public, Home Directories Share = unselected, Directory to share = /home/public, Automatically create directory = yes, Create with owner = root, Available = yes, Browseable = yes, Share comment = Fileserver stuff.

3. To make sure everybody has got permissions to this folder/share, I click on Others>File Manager and navigate to /home. Damn, Firefox tells me I have to download a plugin, now I know have Flash installed so I am guessing it is either Shockwave or Java, prob. Java. OK, let’s do it. Yup – it was Java.

4. I click on the Info button and check Read, Write and List boxes are ticked on User, Group and Other columns.

5. Lastly, I’ve got to make sure the configuration file is saying the right things. So I navigate to /etc/samba and click on smb.conf and then Edit. A little Java applet window pops up and I can edit the file here – cool, huh? So, what am I looking for? Looking for ; security = user I can now change it to ; security = share.

6. Now I can scroll down to the end of the file, and change:

[public]
comment = Fileserver stuff
path = /home/public

to be:

	[public]		

		comment = public		

		path = /home/public		

		public = yes		

		writable = yes		

		create mask = 0777		

		directory mask = 0777		

		force user = nobody		

		force group = nogroup

I then click on the Save & Close button. Phew - nearly there.

Windows Workgroup

Right. To check I am going to be part of the same Workgroup as trhe rest of my LAN, I click on Servers>Samba Windows File Sharing>Windows Networking in the Global Configuration section. Here I can set the Workgroup to MSHOME and click Save. That should be it – now to test the share from Windows…

Nah – it is asking for user name and password to get into the share and it shouldn’t do that. Interestingly, from another Linux box I can write to this directory – no problem. Hmm a small problem to solve. I shall be back.

Solution Found

Another dumb mistake easily solved. In the instructions above, you should notice a line in the smb.conf file that now reads ” ; security = share “. Remove the semi-colon at the front of the line! It all works beautifully now.

Job done. 🙂

Installing Webmin

Installing Webmin

I downloaded the RPM from the Webmin website and right-click on the desktop icon, chose Open with “Install Software”. It all seemed to work but to check I went to YaST>Software Management and searched for Webmin to check that it was installed. Woohoo!

Using “https://192.168.1.3:10000&#8221; to reach the Webmin page produced mixed results. The IP is the IP of the file server and it works on the console attached to the Server but not from across the LAN. Mmmmm…

Pinging the Server produces results, so it is present. Ah, the program needs Apache and the openSUSE install doesn’t install LAMP apps automatically. So… back to Package installation and in they go.

Still didn’t work. Can access Webmin from the local console but not across the LAN. Now I’m really confused..

Drat, looks like I’ll have to go back to an earlier step…