Kali Linux Setup Samba Share for Home LAN

From WikiMLT
Revision as of 14:51, 14 September 2022 by Spas (talk | contribs) (→‎Notes:)

In­stall Sam­ba

sudo apt install samba smbclient nautilus-share
sudo usermod -aG sambashare $USER

Sam­ba Ba­sic Set­up

Add or mod­i­fy the fol­low­ing lines with­in smb.conf.

sudo nano /etc/samba/smb.conf
cat /etc/samba/smb.conf | grep -Pv '^(;|\s*#)' | sed '/^$/d'
[global]
   client min protocol = LANMAN1
   server min protocol = LANMAN1
   workgroup = WORKGROUP
   interfaces = 127.0.0.0/8 eth0 br0
   log file = /var/log/samba/log.%m
   max log size = 1000
   logging = file
   panic action = /usr/share/samba/panic-action %d
   server role = standalone server
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user
   usershare allow guests = yes
   usershare owner only = false
[homes]
   comment = Home Directories
   browseable = no
   read only = yes
   create mask = 0700
   directory mask = 0700
   valid users = %S
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   guest ok = no
   read only = yes
   create mask = 0700
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no

Notes:

  • For client/​​​server min pro­to­col you can try al­so with NT1 or SMB2.
  • The fol­low­ing is not list­ed de­fault val­ue from the [glob­al] sec­tion: user­share path = /​​​var­/​​​­lib­/​​​­samba­/​​​­user­shares.

Restart the Sam­ba and the Net­BIOS ser­vices.

sudo systemctl restart smbd.service nmbd.service

Share a Di­rec­to­ry via CLI

1. One op­tion is to ed­it the file smb.conf and add a sec­tion, as the shown be­low, at the very bot­tom of the file. Then restart the Sam­ba and the Net­BIOS ser­vices.

sudo nano /etc/samba/smb.conf
[Share]
   comment = Shared filews
   path = /home/share
   public = yes
   writable = yes

Notes:

  • The sec­tion name [Share] is mat­ter of you choice – this will be­come the name of the shared fold­er.
  • The di­rec­to­ry pro­vid­ed as path val­ue, /​​​home/​​​share in this case, must have enough per­mis­sions.

2. An­oth­er op­tion is to use the net tool in a way as the the fol­low­ing to cre­ate or re­move a net­work share.

net usershare add Git /home/$USER/Git "$USER's git projects" Everyone:F guest_ok=y
net usershare delete Git

The above com­mand will share the user's ~/​​​Git di­rec­to­ry and will grant it guest ac­cess. The com­mand ac­tu­al­ly cre­ates a file en­try in /​​​var­/​​​­lib­/​​​­samba­/​​​­user­shares.

cat /var/lib/samba/usershares/git
#VERSION 2
path=/home/<user>/Git
comment=<user>'s git projects
usershare_acl=S-1-1-0:F
guest_ok=y
sharename=Git

Notes:

  • man net/​​​usershare: The op­tion­al "acl" field spec­i­fies which users have read and write ac­cess to the en­tire share. Note that guest con­nec­tions are not al­lowed un­less the smb.conf pa­ra­me­ter "user­share al­low guests" has been set. The de­f­i­n­i­tion of a user de­fined share acl is: "user:permission", where user is a valid user­name on the sys­tem and per­mis­sion can be "F", "R", or "D".
    • "F" stands for "full per­mis­sions", ie. read and write per­mis­sions.
    • "D" stands for "de­ny" for a user, ie. pre­vent this user from ac­cess­ing this share.
    • "R" stands for "read on­ly", ie. on­ly al­low read ac­cess to this share (no cre­ation of new files or di­rec­to­ries or writ­ing to files).
  • In ad­di­tion the user must have enough filesys­tem per­mis­sions to the di­rec­to­ry, for ex­am­ple yf you re­al­ly want to al­low every­one to write to the di­rec­to­ry you may need to chmod o+rwx ~/​​​Git.

Ref­er­ences