A basic SAMBA share for home networks

Simple (but not super secure) SAMBA shares for the home user
configuration
samba
linux
Published

May 9, 2020

Intro

Edit October 2020

The original post dealt with setting up a share from an Ubuntu server to provide read/write access without a password. Since writing that part I purchased a Synology NAS and am now including sections on setting up shares for that.

Most SAMBA guides I find online are some combination of out of date or focused on the enterprise. My objective is to provide a quick reference for setting up files shares from a Linux server to Windows clients, or to properly mount SAMBA shares from a NAS device onto Linux clients. This is only appropriate for a home network. In the case of the Linux server I’m sacrificing security/specific user permissions for being easily able to connect to my file share. On a small LAN where I can easily physically monitor the devices I think this is worth it. Clearly you should not do this for an organization or if you have more sensitive data you’re sharing.

Password free server on a Linux box

What I’m installing this on

The current server I’m running this on is an Ubuntu 18.04 machine. Hopefully most of this will translate to similar setups. I’m sure I’ll be upgrading the OS soon so I’ll edit this if I encounter any breaking changes.

The steps

Install samba

sudo apt install samba

Backup any existing smb.conf and then update

# If you have one already
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.bak

Now setup the new smb.conf:

[global]
        map to guest = Bad User
        logging = systemd
        log level = 1
        guest account = <username>

[data]
        # This share allows guest read write access
        # without authentication, hope you trust everyone on your LAN
        path = /mnt/data/ # Or whatever folder you're sharing
        read only = no
        guest ok = yes
        guest only = yes

Where <username> is the user on your samba server that has appropriate access to the folder you’re sharing.

After saving the config file you can run testparm to see if there are any syntax errors.

Restart and enable SAMBA, give it a test

From the samba server:

sudo systemctl status smbd # check if it's running
# If it's running do this
sudo systemctl restart smbd
# If it's not do this
sudo systemctl start smbd

Try and connect from a Windows machine, make sure you can create and delete files. Back on the samba client you can check if the files you created have the right permissions (should be assigned to the user you created).

Assuming everything works enable the server so it will reload if you restart the machine. From the samba server:

sudo systemclt enable smbd

No Password Conclusion

That’s it! Super simple but every time I tried to get a SAMBA share going in the past I always ended up struggling. Hopefully this guide will be helpful to future me and anyone else who’s got a similar situation.

Mounting shares from a NAS

This part is pretty straightforward, but there are always a few finicky bits that I have to google, so I’m recording the process here for the next time I have to set it up. Setting up the actual share on the NAS is outside the scope of this article. In my case I’m using a Synology box so it’s pretty much just point and click.

Create a credentials file

I’m going to try and pay a reasonable amount of attention to security in this implementation. The NAS has a user set up with read and write permissions for the share that I want to access. I’ll use the suggestions from the Arch Wiki to set up a credential file.

sudo mkdir /etc/samba/credentials
sudo echo "username=<shareusername>" >> /etc/samba/credentials/share
sudo echo "password=<sharepassword>" >> /etc/samba/credentials/share
sudo chown root:root /etc/samba/credentials/share
sudo chmod 700 /etc/samba/credentials
sudo chmod 600 /etc/samba/credentials/share

Find the appropriate UID and GID to assign ownership

When creating the /etc/fstab entry for the share mount we want to assign ownership to the user that will actually be accessing the files. This is done by UID and GID. For my single user systems that’s usually 1000:1000 but I like to double check and I usually have to look up the command so here it is.

id -u <username>
id -g <username>

Will give the UID and GID for user

Create the fstab entry

Now we just need to create an entry in fstab to the share:

//<server>/<share_path> /mnt/<share_point> cifs _netdev,uid=<uid>,gid=<gid>,credentials=/etc/samba/credentials/share 0 0

NAS Conclusion

This extension to the post just has a few code snippets that I’ve found useful. There’s not a lot of exposition on why I’ve set things up the way I did. It’s more meant as a reference for future me, but hopefully it’s useful to others.