Getting Started With Networking for Linux Part 3; Sharing File Systems

Introduction

Welcome to the third installment of the Getting Started With Networking for Linux series. In the previous articles we covered networking hardware, basic TCP/IP configuration and how to implement DNS (Domain Name System) for your network. While this article doesn't necessarily require knowledge of the previous topics, it would be a good idea to read the other articles first if you are new to networking in general.

Today we're going to see how you can share and mount remote file systems across your network using NFS (Network File System). We will also see how to use Samba to make sharing and accessing Microsoft Window file systems a possibility. If you haven't experimented with this type of service before you will find that having access to the data of all the computers on a network from one single computer is a very handy service. The idea behind this service is that when a file system is shared on a network, any computer with the correct permissions can mount that file system locally and read/write data from it just like you manage data on your local hard drive.

In the Unix world the NFS service is used to export and mount file systems. NFS is a standard Unix service and chances are it's already installed on your machine. Microsoft Windows machines don't use the NFS service and instead they export file systems using the SMB protocol that is common among Microsoft Window machines. To export and mount Microsoft Windows shares we are going to use Samba, which is an open source software package that allows Linux to use the SMB protocol. Samba may or may not be installed by default on your Linux distribution but in any case you can get the software from www.samba.com.

Exporting File Systems With NFS

The NFS configuration file used to export file system directories to other computers is the /etc/exports file. This file contains a table of exported directories and which computers on your network have access to them. Here's a listing an example NFS configuration file:

/mnt/cdrom 192.168.1.4(ro)
/home/josh/mp3 *.domain.lan(rw)
/usr/local/networkbackup 192.168.1.0/255.255.255.0(rw)
/home/josh/work bob(rw) mary(rw) john(rw) simon(ro)
/home/ftp/pub (ro,insecure,all_squash)


As you can see, there are numerous ways to export directories to all or only a few computers. The first column lists the directories that you want to export. The second column lists the hosts that have access to that directory and the permissions they get granted. You can list hosts with IP addresses, DNS domains with wild cards, IP subnets and hostnames.

The last entry in our example file is a special one. It exports the /home/ftp/pub directory to everybody, even to hosts not on part of your network. The permissions for each host if put after its entry in parenthesis with (ro) being read-only and (rw) being read/write. Many other options (like mapping of user and group ids) can also be put inside the parenthesis. For a complete list of options read the exports(5) man page by typing man 5 exports at your shell prompt.

One thing to note is that DNS wild cards don't match the dots in domain names. This means that having *.domain.lan as a host in your /etc/export file won't give access to computers with domains like subnet.domain.lan. To match those domains you need to specifically add them like *.subnet.domain.lan.

Once you have tailored your /etc/exports file to your taste you must restart the NFS daemon for the changes to take effect. On Linux the NFS file systems are handled by the rpc.mountd and rpc.nfsd daemons. You must restart both of these daemons to have your directories exported. You can restart them by typing the following commands:

killall -HUP rpc.mountd
killall -HUP rpc.nfsd


Mounting Remote NFS File Systems

Now that we have our directories exported let's see how to mount them from another machine. The process of mounting NFS file systems is almost the same as mounting local hard drives or cdroms. You must first have a mount point to access the file system once it's mounted. A common place to put mount points is in the /mnt directory. Mount points are simply directories, so all you need to do is mkdir /mnt/mountpoint to create one.

mkdir /mnt/remote_cdrom
mkdir /mnt/josh_mp3
mkdir /mnt/ftp_pub


Typing the above commands would create three directories in /mnt. Now that we've got mount points let's mount the file systems. For example, say that the computer we have exported the directories on is at IP address 192.168.1.98 and has a domain of node98.domain.lan; the following commands would mount the exported directories on our local machine (assuming we have the correct permissions in the server's /etc/export file).

mount 192.168.1.98:/mnt/cdrom /mnt/remote_cdrom
mount node98.domain.lan:/home/josh/mp3 /mnt/josh_mp3
mount 192.168.1.98:/home/ftp/pub /mnt/ftp_pub


Instead of telling mount to use a local device like we usually do when mounting hard drives or cdroms, we put a hostname or IP address followed by a colon and the exported directory on the target computer. After mounting those three directories you can read and write data to them like normal directories on your local file system. If you try to mount a directory on which you have no permissions you will get a permission denied error. If you get this error check the remote computer's /etc/export file to make sure the computer trying to access the directory is listed. If you get a RPC TimeOut error this means that the rpc.mountd and rpc.nfsd daemons might not be running so be sure to check that they are in fact running by typing ps ax on the NFS server. The rpc.nfsd and rpc.mountd also need the rpc.portmap daemon so they can make rpc calls across the network and this might also be the reason you're getting a RPC TimeOut error.

Installing Samba

If you have both Linux and Microsoft Windows computers on the same network and you want to share files between them, you will need to install the Samba software package. Most Linux distributions ship with a pre-compiled version of Samba but if yours does not the source code for Samba can be downloaded from www.samba.com. Samba can be compiled and installed with the following commands once you have downloaded the source code.

tar zxvf samba-latest.tar.gz (extract source code)
cd samba-latest/source (change to the samba source directory)
./configure --with-smbmount (configure build environment)
make (build Samba package)
su (change to super-user)
make install (install files)
exit (exit super-user shell)


By default this will install the Samba files in /usr/local/samba. If you want to install it in a different directory add --prefix=/samba/install/dir to the ./configure command.

Samba comes with a Web Configuration utility called swat and if you want to use it you will need to add a few lines to /etc/services and /etc/inetd.conf. In /etc/services add the following line if it does not already exist:

swat 901/tcp # Swat, Samba Configuration Utility

You also have to add a line to /etc/inetd.conf to start the service if it's requested so add the following if it does not already exist.

swat stream tcp nowait.400 root /usr/local/samba/bin/swat swat

Please note that the path on that line might be different than the one on your system (especially if you didn't install Samba in the default directory) so change it according to your system. Once both these files are changed inetd must be re-started: you can do this by typing killall -HUP inetd at your shell prompt.

If you're having difficulties installing Samba, the good folks at O'reilly provide a free version of the book Using Samba which is distributed with the Samba source code and is found in samba/docs/htmldocs/using_samba.

Samba Configuration

Before starting up the Samba daemons we still need to build our configuration file for Samba. If you set up swat like I explained in the previous section you can connect to the swat configuration utility with your web browser by entering http://hostname:901 as the URL. This program will give you options for building the Samba configuration file. Since we're not using all of Samba's features I will list a simple configuration file that can get you started. By default this file goes in /usr/local/samba/lib/smb.conf but if your Linux distribution came with a pre-compiled version it's also common to find it in /etc/smb.conf.

[global]
netbios name = MyMachine
workgroup = Workgroup
server string = My Samba Server
security = SHARE
encrypt passwords = Yes

[incoming]
comment = ftp directory
path = /home/ftp/incoming
read only = No
guest ok = Yes
hide dot files = No

[homes]
read only = No

This simple configuration file configures the netbios name of our machine and tells Samba which Microsoft Workgroup our computer is a part of. Both the [incoming] and [homes] sections are exported directories that other computers will have access to. The [homes] share is a special one that lists only the home directory of the user connecting to our Samba server. When a Microsoft Windows user browses your network with the Network Neighborhood utility, he or she will see incoming and their home directory(if he or she has one) as shared file systems.

To add more shared directories to your Samba server simply copy the [incoming] example, rename it and change its path value. Various permission settings such as read and write access must also be specified like we did before. For a full list of options you can specify in your smb.conf file, type man smb.conf at you shell prompt.

Starting Samba and Adding Users

Once you have the configuration done you can start Samba by typing the following at your shell prompt:

/usr/local/samba/bin/smbd -D

/usr/local/samba/bin/nmbd -D

If your configuration file is valid these two daemons should sit in the background and listen to network requests made of your Samba server. To let users have access to your server they must be present in the smbpasswd file. The Samba user authentication is completely separate from your Unix /etc/passwd file.

Adding users to Samba can be done with the smbpasswd utility. To add a new user, type the following command at your shell prompt:

/usr/local/samba/bin/smbpasswd -a username

After typing this command you should be prompted to provide a password for the new user. Remember that this username and password is not the same as the one used to log on your system. The username should be the one the user uses on his Microsoft Windows computer.

Mounting Microsoft Windows Shares

The only thing left to see is how to mount Microsoft Windows shares on your Linux computer. During the installation process we passed --with-smbmount as an argument to ./configure. This argument built the smbmount utility which is used to mount file systems shared on a Windows computer. You can mount Windows shares on your Linux machine by typing the following command at your shell prompt:

smbmount //remotemachine/service /mnt/point -o username=user,password=pass

This command would mount the directory at //remotemachine/server at /mnt/point on your Linux machine. You can pass some command arguments to smbmount to specify which username and password to use (like we did above). Other useful arguments that can be passed to smbmount are ip=ipaddress and workgroup=workgroup which tells smbmount at which IP address the machine is located and which workgroup the machine is a part of, in case the smbmount command fails to find the machine.

For those of you using X11, there's a graphical front-end to smbmount called LinNeighborhood that looks similar to Network Neighborhood under Microsoft Windows. It lets you browse Microsoft networks and mount file systems. LinNeighborhood can be downloaded at www.bnro.de/~schmidjo/ and is definitely worth checking out.

Additional Resources

For additional information visit the Samba Web Site and be sure to take advantage of the great book called Using Samba that O'reilly has made available for free.

You might also wish to read the previous articles from this series which are Getting Started With Networking for Linux and Getting Started With Networking for Linux; Configuring DNS for your network with BIND.