[Trac-bugs] Ticket #6 - NFS & Samba Configuration

Ian Robinson fitchkendall at gmail.com
Sat Dec 13 15:06:12 PST 2008 

Dear Kris --

Ticket #6 (Fix KDE samba/NFS sharing) @  http://trac.pcbsd.org/ticket/6  has
been around for 16  months and is now earmarked for the 7.1 release.  Could
you please pass on my information to Florian for whatever help it will
offer.  My information concerns configuring PCBSD to enable NFS and Samba
sharing.

Most of this is not new, and it will not "fix KDE"(if it is a KDE problem),
but it will provide critical information that allows both SD/NFS clients and
Windows clients to pass through the PCBSD pf firewall and see the shared
directories.

Most of these changes to the configuration files could be installed with a
script or incorporated into the "server" installation routine.

I hope this helps.

Ian Robinson
Salem, Ohio

Advice on configuring PCBSD as a network file server with NFS and Samba for
BSD and Windows access.

There are several Server Configuration files that must be modified to
operate an NFS Server with Samba access.  Most of this information is
readily available on the web.  The thing that is critical to making it work
with PCBSD is to modify /etc/pf.conf to let NFS and Windows clients pass
through the pf firewall.  This is the list of files to modify:

1.  /etc/exports (1 line)
2.  /etc/pf.conf (3 lines)
3.  /etc/rc.conf (3 lines)
4.  /etc/hosts.allow (optional)
5.  /usr/local/etc/smb.conf (many lines)

Part 1. ==================== Modify /etc/exports (SERVER)
===================

# identify the directory to export, the local network address, & net mask
# /usr/home/IR -network 192.168.2.0 -mask 255.255.255.0


Part 2. ==================== Modify /etc/pf.conf (SERVER)
===================

# at the top of the file, define a macro variable to identify the local
network
#
lan = "192.168.1.0/24"

# at the end of the file, add lines to pass all traffic to/from local
network
# notice the local network is identified here as the macro variable $lan
# here, xl0 is the network interface card (NIC)
#
pass in on xl0 from $lan to any keep state
pass out on xl0 from any to $lan keep state

Part 3. ==================== Modify /etc/rc.conf (SERVER)
===================

# add the next three lines to make the computer an nfs file server
# see further below to configure an nfs client
#
rpcbind_enable="yes"
nfs_server_enable="yes"
mountd_flags="-r"
#nfs_reserved_port_only="yes"
#nfs_server_flags="-u -t -n 8"


Part 4.  ==================== Optional Modifications to /etc/hosts.allow
(SERVER) ===============

# No changes are necessary, but you could change anyplace
# the file references an ip address or netmask
# to match your particular network


Part 5. =================== Modify /usr/local/etc/smb.conf (Server)
======================

[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
   workgroup = MYGROUP  <------------------------------------ (change to
your Windows workgroup)

# server string is the equivalent of the NT Description field
   server string = Samba Server   <---------------------------(change to
meet your naming needs)

# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the Samba-HOWTO-Collection for details.
   security = user   <------------------------------------ (change to
security = share )

# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
;   hosts allow = 192.168.1. 192.168.2. 127.    <-----------(change to match
the 1st three parts of your network tcp address, keep 127. )

                 * * *

[homes]

   comment = Home Directories
   browseable = no
   writable = yes

              * * *

[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
printable = yes
#
# >>> Custom Additions to Locate Files and Permit Access
<<<==============================
#
[FK_SERVER]                   <------------------- Section Label, here w/ my
server's name
    comment = general user documents and files
    path = /fk_server         <------------------ Mount Path to server files
    public = yes
    read only = no
    writeable = yes
    browseable = yes
    guest ok = yes
    available = yes
    guest account = nobody
    force group = nogroup
    force user = nobody
    create mask = 0777
    directory mask = 0777
    nt acl support = No
#
#  End Samba Changes



To access the NFS Server with a PCBSD CLIENT, you must modify one
configuration file ( /etc/rc.conf ) and create a mount point on the client
directory tree:

# Add this line to /etc/rc.conf
# nfsiod -n 4

Make Mount Point on Client Directory Tree

#mkdir /mnt/server

Now everything should be ready to actually mount a remote file system. In
these examples the server's name will be "server" and the client's name will
be "client."

Execute a command like this as root on the client (Syntax: # mount_nfs
<server_IP>:<server_dir_path> /<mount_point>)

# mount_nfs 192.168.2.100:/home/IR /mnt/server


On the Windows client, you step through "My Network Places" until you see
the PCBSD share.  It helps to go into "My Computer" or "Windows Explorer" to
"Map a Network Drive" to a drive letter.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.pcbsd.org/pipermail/trac-bugs/attachments/20081213/bf3f36b9/attachment.html

More information about the Trac-bugs mailing list