Setting up Samba on SmartOS

Oct 24, 2012

A frequent question on #smartos IRC is how to set up SmartOS as a file server. Due to the architecture of SmartOS and its focus on virtualisation, this isn’t as easy as on other systems, and some parts are simply not supported at this time (e.g. NFS).

This guide, therefore, is a simple way to get Samba up and running so that you can at least use a SmartOS machine as a file server, even if it’s perhaps not the protocol you would initially choose.

Create new virtual machine

Let’s start by creating a VM, here is what I use locally, you may want to tweak the settings for your environment. If you already have a suitable VM configured you can just skip this step.

# Import the base1.8.1 image, though any base image will suffice.
$ imgadm update
$ imgadm import 55330ab4-066f-11e2-bd0f-434f2462fada

# I store all my VM configs in this directory
$ mkdir /usbkey/vmcfg

# vmadm configuration for 'store' VM
$ vi /usbkey/vmcfg/store.json
{
  "brand": "joyent",
  "zfs_io_priority": 30,
  "image_uuid": "55330ab4-066f-11e2-bd0f-434f2462fada",
  "max_physical_memory": 256,
  "quota": 750,
  "alias": "store",
  "hostname": "store",
  "resolvers": [
    "193.178.223.141",
    "208.72.84.24"
  ],
  "dns_domain": "adsl.perkin.org.uk",
  "nics": [
    {
      "nic_tag": "admin",
      "ip": "192.168.1.11",
      "netmask": "255.255.255.0",
      "gateway": "192.168.1.1"
    }
  ]
}
# Create the VM
$ vmadm create -f /usbkey/vmcfg/store.json

Install Samba package

Next, log in to the VM and install the required packages. These are not currently available from the default repository, so we will use the generic illumos package set:

$ zlogin <uuid>
# Download and unpack bootstrap kit
$ curl -s http://pkgsrc.smartos.org/packages/illumos/bootstrap/bootstrap-2012Q3-illumos.tar.gz \
    | gtar -zxf - -C /
$ PATH=/opt/pkg/sbin:/opt/pkg/bin:$PATH

# Install latest Samba package (others are available if necessary)
$ pkgin -y up
$ pkgin -y install samba-3.6

Configure Samba

This part will differ based on your requirements, here are a couple of simple examples.

Shared guest mount with full read/write access

For if you just want somewhere to share stuff on a local network with no security.

# Create shared mount user and mountpoint.
$ groupadd -g 500 store
$ useradd -u 500 -g 500 -c "Store user" -s /usr/bin/false -d /store store
$ mkdir /store
$ chown store:store /store
# Configure Samba
$ vi /etc/opt/pkg/samba/smb.conf
[global]
  security = share
  load printers = no
  guest account = store

; Comment out [homes] section

[store]
  path = /store
  public = yes
  only guest = yes
  writable = yes
  printable = no

Shared mount with per-user access

For a bit more fine-grained control.

# Create per-user accounts and mountpoint.
$ groupadd -g 1000 alice
$ useradd -u 1000 -g 1000 -c "Alice" -s /usr/bin/false -d /store alice
$ groupadd -g 1001 bob
$ useradd -u 1001 -g 1001 -c "Bob" -s /usr/bin/false -d /store bob
$ mkdir /store
$ chmod 1777 /store
$ /opt/pkg/bin/smbpasswd -a alice
$ /opt/pkg/bin/smbpasswd -a bob
# Configure Samba
$ vi /etc/opt/pkg/samba/smb.conf
[global]
  security = user
  load printers = no

; Comment out [homes] section

[store]
  path = /store
  valid users = alice bob
  public = no
  writable = yes
  printable = no

Access will be via username and the password set with smbpasswd. Users will be able to create files and read other user files, but will only be able to modify files they created.

Startup scripts

Okay, so I’m lazy and whilst I should provide some SMF scripts and manifests for this, it’s simpler to just write an rc.d script! :-)

$ vi /etc/rc2.d/S99samba
#!/bin/sh

case "$1" in
start)
	# Start up Samba daemons
	/opt/pkg/sbin/nmbd -D
	/opt/pkg/sbin/smbd -D
	;;
stop)
	pkill -9 nmbd
	pkill -9 smbd
	;;
reload)
	pkill -HUP nmbd
	pkill -HUP smbd
	;;
esac

Finally, start it up!

$ chmod +x /etc/rc2.d/S99samba
$ /etc/rc2.d/S99samba start

Multicast DNS

In order for shares to automatically show up in e.g. the OSX Finder, you will need to be running some kind of mDNS service on the server.

The easiest solution is to simply enable dns/multicast in the zone, i.e.:

$ svcadm enable dns/multicast

This will then show up based on the hostname of the server, and clicking on it should show the store mount we created.

All done

I hope this proves useful!

Share this post on Twitter, HackerNews, Facebook or Google+

All Posts