# Set up a Samba container ## config container ``` mkdir /vol/media /vol/user addgroup --gid 5000 files --system adduser --uid 5000 --ingroup files files --disabled-password --gecos "Files Owner" --system --no-create-home --shell /usr/sbin/nologin --home /srv exit ``` ### mount stuff ``` -v /tank/files/media:/vol/media \ -v /tank/files/user:/vol/user \ ``` replace home with a symlink: ``` cd / && rmdir /home && ln -s /vol/user home ``` ### install samba ``` apt update apt upgrade apt install samba ``` ### config samba disable NMB daemon ``` systemctl stop nmbd systemctl disable nmbd ``` edit `/etc/samba/smb.conf` to have the following contents: ``` # NOTE: Whenever you modify this file you should run the command # "testparm" to check that you have not made any basic syntactic # errors. #======================= Global Settings ======================= [global] ### General ### server string = medusa server role = standalone server disable netbios = yes smb ports = 445 #### Logging #### log file = /var/log/samba/smb.log max log size = 1000 ####### Authentication ####### passdb backend = tdbsam map to guest = bad user ### Permissions ## # The following settings configure all shares to use the filesrv user on the backend force user = filesrv force group = filesrv create mask = 0644 directory mask = 0755 force create mode = 0644 force directory mode = 0755 unix extensions = yes map archive = no map system = no map hidden = no ### Printing ### # Disable all printing load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes #======================= Share Definitions ======================= [media] comment = Shared media files path = /srv/media browsable = yes guest ok = yes read only = yes write list = @filesrv [homes] comment = User homes browsable = no guest ok = no read only = no valid users = %S ``` finally, restart the Samba server with: ``` service smbd restart ``` ## define users ### make script first, we will write a script to automate adding users. Create a file `/usr/local/bin/smbadduser` with the contents: ``` #!/bin/sh adduser "$1" --disabled-password --gecos "" --no-create-home --shell /usr/sbin/nologin usermod -a -G sambashare $1 smbpasswd -a "$1" ``` don't forget to make it executable: ``` chmod +x /usr/local/bin/smbadduser ```