Been "fiddling" with Samba for 4 hours now. I want to emulate having the USB drive that is plugged into my router now (/mnt/sda2) act like it was plugged in parallel to USBs on every computer on the local network. Open data where anyone can read to anywhere and anyone can write to anywhere on this USB drive and this is all happening only on the local LAN. In other words I am looking for a shared NFS with no security. Does anyone have a config file sample of how to make that work?
(Pretty much read all that's been written recently and it's all with user password security, even the "option security share" demands a password when I try to NET USE the drive from Windows)
Here's the last of about a hundred profile changes I've tried:
Also the documentation tells me to make the change of "option security share" editing the template under the Luci Services tab, but I'm not sure how the template is getting plugged into the config file. Very confusing.
**P.S. I don't mind having to enter a password and user name to access the disk, I just don't want the drive divided by user area or any type of writing done on the drive that can't be changed by anyone who accesses it and if a password is necessary or suggested, I don't want to have to manage new passwords every time I get on a new computer and want to get to the drive. THANKS.
**** On second thought, 2 passwords might not be bad if one would be for R/O access and the other for R/W access.
The package assumes no valid smb.conf in the /etc/samba dir, the init script will then use the samba template + config options to create a valid one on /tmp/etc and than link this final one back to /etc/samba, which can than be consumed by the samba daemon.
Also keep in mind that only a handful parameters are implemented via uci (config), so check the openwrt wiki which one work and otherwise parameters have to go into the template.
If you use samba4, than this gives you a full guest share, with read/write access for everyone in the network. If you use linux clients, change the file/dir masks.
Thank you. The opkg repository had only samba 3.6 and when I google samba4 I find a github site with no download feature or no place I can find to explain how I find an opkg side-loadable version of samba4. Thanks again.
I might add that I'm doing this on an espresobin and about 48 hours into this trying to get something for a simple file share on Windows laptops and a KODI box. I'm going to try the media server package for the KODI box and just need something simple for the Samba setup where I can use the USB drive in the espresobin as a shared network server.
Otherwise I can add a new opkg and do a little configuration but after that I've extinguished my skill set. (It took me 4 years of experimenting before I got openvpn server workign on openwrite and that was just trial and error using hundreds of configuration blogs and wikis so that should give you a hint of how intuitive this stuff is for me
guest only and guest ok should mean you aren't asked for a password... so that's a bit weird.
whatever you do, DON'T use the root user as your username and password for accessing the samba share. If I remember correctly samba has its own password database that you modify with smbpasswd but that might be old information. I only use Samba occasionally, i use honest to goodness NFSv4 for most of my file sharing. Not sure what the status is of Windows access to NFSv4 though, so not necesssarily recommending it if you need windows.
So still what is happening is that with these settings, trying to click on the share in the Network menu asks for a password and entering the root ID and password gets the standard invalid user/ password Windows error message.
Can you double check if the UCI settings are actually used, aka check the /etc/samba/smb.conf ? Also check if map to guest = Bad User is active in the template.
(and thanks to whoever in busybox forced super long, cryptic passwords when trying to do development work - can't you just put a system option to disable requiring a novel-long password)
Anyway I tried to add another user, tried to add that user with chown to my /mnt/sda2 drive I had and tried to log on witlh the new userID and all I could get is "access denied" so then I went back to samba under the luci configuration option and I have it so screwed up I can't even load it. So I will be trying to uinstall it and start over with it today. Let this show to developers that something is seriously wrong with this implementation. It may work for system engineers but it's not for the common-Joe who likes to experiment and set up local networks.
OK, I removed samba, deleted all the samba data files and installed it again.
`/etc/samba/smb.conf is:
[global]
netbios name = OpenWrt
display charset = UTF-8
interfaces = lo br-lan
server string = OpenWrt
unix charset = UTF-8
workgroup = WORKGROUP
bind interfaces only = yes
deadtime = 30
enable core files = no
invalid users = root
local master = no
map to guest = Bad User
max protocol = SMB2
min receivefile size = 16384
null passwords = yes
passdb backend = smbpasswd
security = user
smb passwd file = /etc/samba/smbpasswd
use sendfile = yes
[homes]
comment = Home Directories
browsable = no
read only = no
create mode = 0750
[Media]
path = /mnt/sda2
valid users = root
read only = no
guest ok = no
create mask = 777
directory mask = 777
browseable = yes
Also per various suggestions I've read for a Windows 7 machine trying to use Samba, I have done the following:
Windows Run or command prompt entry:
secpol.msc
Local Policies ->Security Options
When you're there change the following policies
Microsoft network client: Send unencrypted password to third-party SMB server: Switch it to "Enabled".
Network security: LAN Manager authentication level: Select the option: Send LM & NTLM - use NTLMv2 session security if negotiated.
Also:
root@OpenWrt:/mnt# ls -l /mnt
drwxr-xr-x 2 root root 4096 May 10 02:40 mmcblk0p1
drwxr-xr-x 2 root root 4096 May 10 03:09 mmcblk0p2
drwxr-xr-x 2 root root 4096 May 10 02:40 sda1
drwxr-xr-x 2 root root 4096 May 10 02:40 sda2
root@OpenWrt:/mnt# cd sda2
root@OpenWrt:/mnt/sda2# touch test.txt
root@OpenWrt:/mnt/sda2# ls
test.txt
root@OpenWrt:/mnt/sda2# ls -l
-rw-r--r-- 1 root root 0 May 11 18:00 test.txt
root@OpenWrt:/mnt/sda2#
Windows command line:
C:\Windows\system32>net use v: \\OPENWRT\Media /USER:root (password)
System error 5 has occurred.
Access is denied.
C:\Windows\system32>
Reference:
C:\Windows\system32>net use ?
The syntax of this command is:
NET USE
[devicename | *] [\\computername\sharename[\volume] [password | *]]
[/USER:[domainname\]username]
[/USER:[dotted domain name\]username]
[/USER:[username@dotted domain name]
[/SMARTCARD]
[/SAVECRED]
[[/DELETE] | [/PERSISTENT:{YES | NO}]]
NET USE {devicename | *} [password | *] /HOME
NET USE [/PERSISTENT:{YES | NO}]
Old notes, may not work and can most certainly be optimized and it's by far not the most secure setup...
/etc/samba/smb4.conf
[global]
workgroup = homegroup
server string = My NAS Box
reset on zero vc = yes
bind interfaces only = true
interfaces = br-lan
load printers = no
disable spoolss = yes
printing = bsd
printcap name = /dev/null
unix extensions = no
use sendfile = yes
syslog = 2
smb encrypt = disabled
smb passwd file = /etc/samba/smbpasswd
printable = no
passdb backend = smbpasswd
guest account = root
null passwords = yes
map to guest = Bad User
enable core files = no
encrypt passwords = true
deadtime = 15
veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
delete veto files = yes
# max log size = 1000
smb passwd file = /etc/samba/smbpasswd
[exthdd]
comment = My External HDD
path = /mnt/sda1/storage
public = yes
guest ok = yes
writable = yes
write list = root
browseable = yes
/etc/scripts/start_smbd.sh
#!/bin/sh
touch /etc/printcap
mkdir -p /var/cache/samba
mkdir -p /var/log/samba
mkdir -p /var/lib/samba/private
# You need to run "smbpasswd -c /etc/samba/smb4.conf -a root" once
smbd -D -s /etc/samba/smb4.conf
Create the /etc/samba/smb4.conf file
Put the startup script (which can be converted to use procd quite easily) somewhere
chmod + x
Run smbpasswd -c /etc/samba/smb4.conf -a root and set a password, preferably the same as on the router itself
Add script to /etc/rc.local (full path)
Run /etc/scripts/start_smbd.sh
Cross fingers
Note: You need to change path = /mnt/sda1/storage in smbd.conf to something that's valid.
Thanks so much. I am not at v4 of Samba because it has been said that I must compile it myself in order to use it and I am just not at this skill level yet (and may never be). I am running out of time on this project and need to get on the road, so I think it's wisest at this point for me to abandon it. Someone should know when they are "whipped", cut their losses and move on. I've certainly lost more money and time on bad decisions in the past. Thanks everyone for your effort to assist me. I appreciate it.
I have to say these "just get's" are killing me. Where did we start, was it 6 months ago ..... me: I am looking for a simple NFS for my camper and a media viewer. I "just got" and espressobin and a MiCool - I have "just gotten" more and more until.... well .... all I can think of is .... "until I am DIZZY". LOL, Grab a snapshot sounds easy to some I would imagine. No Luci on these i read, Another challenge. One step forward, and three back.
LuCI is available (package), I don't know where you've gotten this idea from.
As for the Mecool, https://coreelec.org/#install ...and if you click on the read more link it tells you how to boot for the first time (one time only).
Just for fun... it took me ~22 minutes to from a fresh install to have Samba running and that includes a two very slow package installes and about 3 reboots (one firstboot) which you wouldn't need to do as your device has more than 16Mbyte of flash
So I'd say like 15 minutes or so tops on your device
I have a capture of it which pretty much also applies to your device.
