How I Enabled Sharing of a directory via Samba in Nautilus

Archived topics about LMDE 1 and LMDE 2
Locked
psych1610

How I Enabled Sharing of a directory via Samba in Nautilus

Post by psych1610 »

This brief how to should assist a user with enabling sharing of a directory in that users home using the right click menu, properties, and share. As with anything, this worked for me but may not work for you. There is also probably a more secure way of doing what you want, but in a home setting, on a desktop, where you trust the people in your network it works fine for me. It will be up to the individual user to decide whether it will work in their specific situation.

In Ubuntu this worked out of the box, in LMDE I received an error upon clicking "Create Share" that went something like this.

Code: Select all

'net usershare' returned error 255: net usershare: cannot open usershare directory /var/lib/samba/usershares. Error Permission denied
You do not have permission to create a usershare. Ask your administrator to grant you permissions to create a share.
Searching for this error gave multiple hits. The first clue for me was the permission denied error. Someone, somewhere, suggested running Nautilus as root but this didn't seem the right way to go so I hazarded a guess that my user might not have the correct permissions to perform this function.

First, I checked to make sure I actually had the directory mentioned.

Code: Select all

sudo su
should bring you to the root shell.

Code: Select all

 cd /var/lib/samba/usershares/
to make sure it's there. I was not able to do this as a normal user because of permissions issues, hence the need to become root. To drop back down

Code: Select all

 exit
In this bug report: https://answers.launchpad.net/ubuntu/+s ... tion/31818 in the last post (September 2010) a user suggested:

Code: Select all

chown root:sambashare on the /var/lib/samba/usershare
This did not work for me

Since I was trying this as a user I edited it, and in place of root I put my username so that it read

Code: Select all

sudo chown dave:sambashare var/lib/samba/usershare
Replace my username with yours, obviously!

If I understand correctly this sets you as the owner and sambashare as the group of /var/lib/samba/usershare

This needed to be run with root privileges so it might be necessary to add a 'sudo' in front of it for you as it was for me.

Following this step I was able to successfully create the share and view it on my Windows box, however, I was not able to get in as it said I had the wrong password.

To fix this I used 'smbpasswd'. From their man page:
The smbpasswd program has several different functions, depending on
whether it is run by the root user or not. When run as a normal user it
allows the user to change the password used for their SMB sessions on
any machines that store SMB passwords.
Running plain old smbpasswd in terminal asks you for your Old password which, of course, I did not know. Run with the -a switch smbpasswd adds the username to the local smbpasswd file. If the user already exists in that file then the command is treated as a regular request to change the password. Note: this requires sudo in front of it, as I have done, or else it will fail as noted in the man pages.

Code: Select all

sudo smbpasswd -a dave
Again replace my name with your own user name.

Enter your new password twice and you should be all set!

Notes, please read.
Following this I was successfully able to browse my home directory, not just the "Public" directory as I originally requested. I'm unsure of why it didn't. Perhaps (and this is only a guess) Samba had shared my home directory by default and changing the password as we just did above allowed me to access it. The first part of this guide, chowning /var/lib/samba/usershares, may actually be completely unnecessary if you can view your machine in network locations but just cannot access it. As I said though, for me this works perfectly.

I hope this helps someone setup sharing quickly and easily. Tips, suggestions on how to make this more secure or better are of course welcome. I'm no master here by any means, however, this got me up and sharing without breaking anything so I deem it a success!
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
cecar
Level 4
Level 4
Posts: 370
Joined: Tue Aug 24, 2010 2:47 am
Location: Stenungsund, Sweden

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by cecar »

You have to add yourself to the sambashare group. I think thats the name of the group. Not 100% shure though.
altair4
Level 20
Level 20
Posts: 11419
Joined: Tue Feb 03, 2009 10:27 am

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by altair4 »

LMDE does not set up groups by default as Gnome Mint does. Changing /var/lib/samba/usershares to have you as owner will fix the problem for you ( dave ) but the preferred method , as cecar suggested, is to add yourself to the sambashare group. If you look at the permissions on /var/lib/samba/usershares:
drwxrwx--T 2 root sambashare
All you need to do is add every user to the samashare group:

Code: Select all

sudo gpasswd -a dave sambashare
Then logout and login again for the group change to take affect.

Guest access is pretty much disabled in both Nautilus-share and Classic Samba sharing and there are other groups you need to add yourself to in order to have the full functionality in LMDE as you would in Gnome Mint. You might want to look at the "Debian" subsection of this HowTo for those: http://forums.linuxmint.com/viewtopic.p ... 18#p315218
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
psych1610

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by psych1610 »

Thanks for the advice! Perhaps this thread might be removed then since there are other, more preferred ways, to do what I accomplished. I wouldn't want to inadvertently steer others in the non-preferred direction. I do love how the same effect can be had two or three different ways though :)

One question though: As it stands, do you think the way I did it would cause problems in the future with permissions or updates? I'm not sure how to revert back to what it was in the past (silly me didn't make a note of it) and since it works I'm tempted to leave it be.
altair4
Level 20
Level 20
Posts: 11419
Joined: Tue Feb 03, 2009 10:27 am

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by altair4 »

Good question. Technically root no longer has write access to that directory but root basically has write access to everything anyway. If it were me I'd revert back to the default:

Code: Select all

sudo chown root:sambashare /var/lib/samba/usershares
The real problem if you don't do it by adding users to the sambashare group is if you add any more local users to your box - even if it's only for testing purposes. They won't be able to create a nautilus-share.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
psych1610

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by psych1610 »

Hi again, I set the usershare directory back to its default state but I was hesitant about adding the lines

Code: Select all

usershare allow guests=yes
to smb.conf.

Instead, I added the packages suggested as well as added my user to the groups of fuse and sambashare and I was able to share my entire home directory with my Windows 7 laptop. It accepted my password and all. I'm still not 100% sure how a guest would have logged on and I haven't investigated enough to find out.

As of right now everything is working how it should, but, should I want to change it to disallow my entire home directory and just a specific folder is there an easy way to do that? Selecting the folder and sharing it does work but is redundant because it's still in my /home.

To clarify, right now no directories have been marked as being shared using nautilus. Samba automatically seems to want to share my home directory provided I have the username and password. Since I do, that's fine. But no one else should be able to view my home either and I wonder if as a guest they would still be able to instead of just the directory I give them.
altair4
Level 20
Level 20
Posts: 11419
Joined: Tue Feb 03, 2009 10:27 am

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by altair4 »

You've got a couple of things going on here so let me give this my best shot:

(1) "usershare allow guests = yes"

That statement in smb.conf is not a mandate - it simply enables the ability to use the "Guest Access" box in nautilus-share. You are under no obligation to check it if you don't want to use it. It's just there if later on you want to use it. And it relates to just the target folder you are sharing.

(2)
To clarify, right now no directories have been marked as being shared using nautilus. Samba automatically seems to want to share my home directory provided I have the username and password. Since I do, that's fine. But no one else should be able to view my home either and I wonder if as a guest they would still be able to instead of just the directory I give them.
In stead of how some other distros modify the samba default configuration that is passed to them from the Samba developers, Debian simply passes them through to the final install. Since Samba is a server utility it sets something up by default called [homes]. The Gnome Mint smb.conf has this section commented out but Debian has it enabled. If you do a "testparm -s" you will see a [homes] section that looks something like this:
[homes]
comment = Home Directories
valid users = %S
create mask = 0700
directory mask = 0700
browseable = No
You will notice that it has no path specifying what exactly is being shared and that's because it's not a share in the traditional sense but rather a template. It will create a share "on the fly" of the users home directory if the remote client user passes the correct username to the server. If the remote user is a Linux client then he would have to connect to the "share" by explicitly entering his username at the moment of initial contact, for example:

Code: Select all

smb://192.168.0.100/altiar
But in a Windows client there is a 12 year old design flaw in which the Windows client automatically passes the Windows user's actual local login username and password at the moment of initial contact. If there is a match in usernames on both systems then the Linux Samba server will automatically set up a share to that user's Linux home directory. Note that it's to that specific user and no one else. In fact the Windows client user wouldn't even know that another user has a home directory on that server. And a "guest" would not know any of the home directories exist

That all works fine if the Linux box is in fact an actual Samba File Server. But if this is more a peer-to-peer samba server where bob wants to share some directories with sally then this is overkill. If your intent is to share a few folders with others on your LAN and they are using Windows then one way out of this is to disable the [homes] directory by commenting out those lines just as the regular Mint and Ubuntu do:

Edit smb.conf as root and place a # sign in front of all the [homes] related share definition parameters so that it looks like this:
#[homes]
#comment = Home Directories
#valid users = %S
#create mask = 0700
#directory mask = 0700
#browseable = No
Then restart samba:

Code: Select all

sudo service samba restart
I should also note that there are two completely different ways of using Samba to share files: Nautilus-share and Classic-share. The [homes] share represent one of many ways to create Classic Samba shares. It's best not to use both methods on the same target and it's best not to share directories within directories.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
hurinth

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by hurinth »

Using LMDE edition, what I had to do was, first go to Users and Groups, then Manage Groups > Sambashare > Properties and then check your user name.

Later, go to /etc/samba/smb.conf, and under the [global] section, add usershare owner only = false

Log out, then log in.
altair4
Level 20
Level 20
Posts: 11419
Joined: Tue Feb 03, 2009 10:27 am

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by altair4 »

hurinth wrote:Using LMDE edition, what I had to do was, first go to Users and Groups, then Manage Groups > Sambashare > Properties and then check your user name.

Later, go to /etc/samba/smb.conf, and under the [global] section, add usershare owner only = false

Log out, then log in.
You have to do a whole mess of stuff to get Samba to work on LMDE ( http://forums.linuxmint.com/viewtopic.p ... 18#p315218 ) and I'm really somewhat ambivalent on the use of "usershare owner only = false "

On the one hand why would you want any user on your system to share everything - like another users home directory?

On the other hand it will only work if the folder you are attempting to share that you do not own has permissions of 777. If not it will fail when it tries to change permissions - unless of course you trying to create a read only share. It would be better in my mind to just open a root instance of nautilus ( gksu nautilus ) and share whatever as root.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
hurinth

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by hurinth »

On the one hand why would you want any user on your system to share everything - like another users home directory?
If your statement is true (haven't tested that far) then you are right, but then again, Im the king of my computer, no other user accounts in it. And this is the same truth for many people.
On the other hand it will only work if the folder you are attempting to share that you do not own has permissions of 777
Don't user folders come by default as 755? What is the concern above all about then?

Cheers
altair4
Level 20
Level 20
Posts: 11419
Joined: Tue Feb 03, 2009 10:27 am

Re: How I Enabled Sharing of a directory via Samba in Nautil

Post by altair4 »

Nautilus-share does 2 distinct things when it creates a Samba share:

(1) It sets up the share definition itself.
(2) It automatically modifies the Linux permissions on the target shared directory so that it is consistent with the permissions you specified in the share definition.

If you set "usershare owner only = false" and you attempt to share a directory you do not own then it will faithfully fulfill item (1) and create the share but it will ultimately fail when it attempts to do item (2) - unless the folder is already at 777 - because User1 cannot change permissions of a folder owned by User2. Depending on the default Linux permissions of the target directory however, User1 may still be able to create a read-only share of User2's directory.

All in all I don't think it's a good idea to enable "usershare owner only = false" in a multi-user setup. In a single user setup the user will have to go outside of nautilus-share to modify permissions to be consistent with how he set up the share which defeats the usefulness of nautilus-share. That's why I suggested that for folders he does not own the user bring up a root instance of nautilus and create the share there . Then root has authority to modify the underlying Linux permissions as needed.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Locked

Return to “LMDE Archive”