Ksmbd (Samba3/4 alternative, ex cifsd/smbd) package support thread

This is the official ksmbd (ksmbd-server, ksmbd-utils) support thread. It can be found in snapshots and 19.07/20.x.

The ksmbd-server is a tiny Samba3/4 alternative, consisting of a kernel module ksmbd.ko and a userspace service usmbd.
The server is smb2/3 compatible and works like a Samba4 drop-in replacement. The wsdd2 service will be compatible and a similar luci-app-ksmbd will be available.

Keep in mind ksmbd has its own uci config and separate smb.conf paths (/etc/ksmbd/smb.conf). The actual init/smb.conf and uci config is very similar and should be easy to adapt from samba4.
Check the examples/helps in the /etc/ksmbd folder.

If needed a user database file (/etc/ksmbd/ksmbdpwd.db) can be created via installing ksmbd-utils (smbuseradd), but is not needed in guest mode.

Advantages:

  • tiny size: kernel module is a ~80kb ipk and the server is ~40kb, with deps its around 200kb total
  • lower CPU usage, compared to Samba-4.11 (5-15%)
  • potentially faster speeds on low end devices

Disadvantages:

  • no VFS modules support (no shadowcopy, macOS Timemachine support)
  • not as fully tested as samba3/4, so bugs/problems may happen (we test since 9 months in snapshots)
  • Just a simple fileserver, no AD-DC old netbios or other advanced samba4 options
  • avahi support is missing atm (ksmbd-avahi-service is in snapshots now), so no discovery of the shares on Linux/MacOS (need to use hostname or ip via UNC path)

PS: Ksmbd and Samba4 can be installed simultaneously, but you need to disable one service, since both can not run at the same time, without using different smb ports aka 445!

13 Likes

I'm testing this... Can you help me with a problem i'm having?
My share is displayed in network (on windows) but it give me error with not finding the network path.
From my pc I can ping my router with the share name.
Also for some reason apps can't see the share on the network. Can you help me troubleshoot this?
With samba4 all works.

Could be some magic done by wsdd2?

Ok i notice i need avahi daemon to make samba share visible to linux device...

I have the exact problem.

Is it correct for wsdd2 to take the system hostname by default and not the share name?

Still not sure what we talking about here, wsdd2 should announce the location to Win10 clients, at least this works for me? If not i need more info about your setup.

Yes, all wsdd2 do is point to the network location where a smb service is running, it has no knowledge about the share names itself, this is done by the client that checks the announced location from wsdd2.

Keep in mind wsdd2 is a windows only service, so Linux/MacOS clients will not get the announced location.

PS: Also keep in mind wsdd2/avahi are just there to announce the location, so directly using the network path via (hostname/ip+sharename) should work regardless.

Via ip works fine but using hostname doesn't in my setup.

On Windows 10 check those services:

  • Start the Function Discovery Provider Host and Function Discovery Resource Publication services, and then set them to Automatic (Delayed Start).
  • When you open Explorer Network, enable network discovery when you are prompted.
1 Like

What about linux device?
The share doesn't show up at all

I did add procd mdns, but i think this only lists the device, not the shares.
I think it might be possible via a custom avahi service config, similar to how samba4 worked before they added direct avahi api support into the bin.

Tobe honest i have not yet looked into linux/MacOS share announcement, was working on the Win10 stuff mainly. I need to contact upstream and see if they have some plans, ideas.

It should show up if you use hostname/ip + share and you use a smb compatible client filemanager or just mount the location via cli?

has anyone got a share working with a username & password "NOT guest mode" ?
I'm using 19.07.0 with windows 7
I have tried to set it up like samba
made user & set it's password & installed smbd-utils & setup user with smbuseradd
all seems to go ok but just can't connect keeps asking for username & password

side note after installing wsdd2 the share stopped working via name but still worked with it's IPV4 address
but turning off ipv6 on the local network interface allowed it to work & kept working after re enabling it seems to be an IPV6 thing it's like there is something broken accessing it via it's ipv6 address

Need to investigate this if i have some spare time.

General advice: When switching SMB servers, or SMB server versions, or fiddling around with configurations, it is sensible to reset Windows' Kerberos credential cache using

klist purge

on the Windows command line (with administrator privileges). If cached tickets mismatch it can lead to problems like yours, username and password can be perfectly correct and it still fails to connect.

1 Like

I finally found time to switch from snapshot to 19.07 and I'm sorry to say I have run into the same problem. Coming from cifsd, I can't manage to set up smbd in the same way.

I am doing this on a device that is exclusively used to test my NAS setup. This config used to work with cifsd on snapshot:

config globals
        option 'name'           'Testserver'
        option 'description'    'Testserver'

config share
        option name 'Data'
        option path '/srv/Data'
        option guest_ok 'no'
        option create_mask '0775'
        option dir_mask '0664'
        option writeable 'yes'
        option users 'myusername'
        option browseable 'yes'

(Please don't mind the possibly less than ideal create_mask & dir_mask. Those should probably be 0770 and 0660, but eh, I'm the only user on the box anyway.)

The user has been properly set up in /etc/passwd and /etc/group and using smbuseradd (which results in a byte-for-byte identical /etc/smbd/smbdpwd.db as previously /etc/cifsd/cifsdpwd.db.) The share directory exists and is temporarily set to 777 to avoid any user rights issues. I get nothing but "access denied" (in contrast to "wrong username/password" when I deliberately mistype it.) I'm connecting through Windows 10.

It's not a big deal right now, I just choose not to deploy smbd to my actual NAS devices just yet and continue with my older snapshots and cifsd for the time being. But something seems to be off with user authentication.

Edit: Just tried today's snapshot, same problem. So it's not an issue between snapshot/master and 19.07.

Thanks for confirming it
I tried with a few pc's & one duel booting between windows 7 & 10 so I'm sure the reboot flushed away any caching
ether way I failed to deploy 19.07.0
samba4 didn't fit in memory
& smaba3.6 well I got it to work but after i installed miniDLNA something broke & failed to work i did this twice with the same result
for now I dropped back to 18.06.6 I'll give it time for the packages to update :slight_smile:

Thanks @Andy2244 for the good work! I replaced samba36 with smbd in 19.06 and now some android apps stopped to work. It seems that the ones that fails uses SMB1. I can see client sending "Negotiate Protocol Request", server ACKing and closing connection right after. It tried both "SMB 2.002" and "NT LM 0.12"

For me, if I try to connect using server name, it tries to use IPv6. smbd seems to listen only on IPv4.
Client gets a TCP RST and desists. IPv4 work as expected

@Andy2244, shares are added again to /var/etc/smbd/smb.conf each time I restart the service.

that seems to match the behavior i saw at the time :slight_smile:

Ok there is a new bug that prevents the authentication if map to guest = Bad User is enabled.
Try remove this line from the smb.conf.template and see if you can connect known users than?

Yes we disabled smb1 support by default, because of all the vulnerabilities.

Will add a issue on upstream.

Not sure what this means? What are you trying to say?

Nice catch, that indeed solves the problem.

(I had to remove the line from smb.conf.template, it doesn't seem to be mapped to any option in /etc/config/smbd, at least from my cursory evaluation of /etc/init.d/smbd)