Hey, hi to all archers around here!
I'd like to share with you all, my (n00b) doubts about this topic.
I was wondering: are there some essential guidelines and common best practices in the Linux world about private file-sharing?
Are there some de-facto standards or historical directives?
Which folders to use, which users to create,
Sometimes, with the huge amount of choices in the Linux world, I feel somewhat like I'm lost in the maze of docs and guides about this matter.
I'd like to hear words and suggestions from you longtime experts and those with long years of experience using Linux, both in your free and working time (if someone here uses Linux for work).
Here's my worry.
I'm setting up a "portable" mini-PC machine (not a laptop) that I'll often bring with me to friends' houses, to my parents, and so on...
This is a simple box that I'd like to plug into TVs and from there see photos, play with RetroArch, watch movies with Kodi, etc...
Being a portable machine, I want to set up an (easy) network share that I can share across everyone and everybody (Linuxes, Windows, macOS, Android): just simply plug in the Ethernet cable (with DHCP) and go!
I neither need nor care about ultra-secure IT practices from network storage environments or business applications like Active Directory, Kerberos, domain controllers.
And now... Let's start with some key points!!
- enabling ssh <--- ah, thou my savior!!
- enabling SAMBA (for Windows and macOS machines, Android) and NFS (Linux) at boot
?) what do you think about using /srv/storage for both SAMBA and NFS
?) does it make sense:
    chmod -R 777 /srv/storage
?) what do you think about
    chown -R 65534:65534
or
?) should I create a dummy "storage" user for SAMBA and Arch with /usr/bin/nologin, using "security = user" inside smb.conf
...
...
am I missing something?
OK, I'm done...
Feel free to add your advice, share your experiences: in short, feel free to have your say!
<49,17,III,I> Fama di loro il mondo esser non lassa;
<50,17,III,I> misericordia e giustizia li sdegna:
<51,17,III,I> non ragioniam di lor, ma guarda e passa.
Offline
Why do you think you need NFS for Linux? You already have a good sharing system with Samba. Use NFS, if you have specific use cases for NFS's specific features. Every time you have to change something, you'll have to do it twice for little to no gain.
Setting 777 for anything "just because" is never a good idea. I also don't know what that chown is going to do.
1. Directories need x to be entered, files don't.
2. Whoever mounts your shares doesn't care about x flags for files.
3. Files and folders should be readable and writable to whoever is allowed to read and write. You have not specified, whether you want logins or not. Refer to the Samba wiki entry to understand users. If you use nobody as guest user, then you need lax permissions. Have you understood how Linux permissions work?
I see no reason why /srv/storage or even /storage shouldn't be a good idea. Afaik, automatic mounts of desktop environments go to /media or even somewhere in /var/run, so there shouldn't be a collision. Traditional mounts go to /mnt.
Whatever you've read, it looks like you need to go back and work through the Samba wiki article here on the Arch wiki again, because it basically answers all your questions.
Offline
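What the permission points in the reply above look like in practice (directories need x, files do not, no blanket 777), as an added example that is not part of any post in this thread. The function names and the 2775/0664 modes are choices made for this illustration, assuming the share is written through a single account and group; the demo runs on a constructed throwaway tree, not on /srv/storage.

```shell
#!/bin/sh
# Added example: per-type modes for a shared tree instead of `chmod -R 777`.
# Assumption: one account/group writes to the share, so "other" only needs
# read access and nothing needs to be world-writable.

# Directories: rwx for owner and group, r-x for other, plus setgid so new
# entries inherit the directory's group. Regular files: rw/rw/r, never x.
set_share_modes() {
    find "$1" -type d -exec chmod 2775 {} +
    find "$1" -type f -exec chmod 0664 {} +
}

# Count entries that are world-writable, or regular files with any x bit.
# Symlinks are skipped because their own mode bits are not meaningful.
count_lax_entries() {
    find "$1" ! -type l \( -perm -0002 -o \( -type f -perm /0111 \) \) \
        | wc -l | tr -d ' '
}

# Demo on a constructed tree: reproduce the blanket 777, count what it
# exposed, apply the per-type modes, count again.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/photos"
    : > "$d/photos/a.jpg"
    : > "$d/movie.mkv"
    chmod -R 777 "$d"
    before=$(count_lax_entries "$d")
    set_share_modes "$d"
    after=$(count_lax_entries "$d")
    rm -rf "$d"
    echo "$before $after"
}

demo   # prints "4 0"
```

`count_lax_entries` can also be pointed at an existing share as a read-only check before changing anything.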
3. Files and folders should be readable and writable to whoever is allowed to read and write. You have not specified, whether you want logins or not. Refer to the Samba wiki entry to understand users. If you use nobody as guest user, then you need lax permissions. Have you understood how Linux permissions work?
Hey Awebb, thanks for your time! I want to set up the share (and all its subfolders and files) to let anyone and everybody write+read all the contents, without hassles and without bothering typing passwords.
I used 65534 in chown to have an agnostic user holding that folder.
Should I create an ad-hoc user for that share and set it with a blank password?
<49,17,III,I> Fama di loro il mondo esser non lassa;
<50,17,III,I> misericordia e giustizia li sdegna:
<51,17,III,I> non ragioniam di lor, ma guarda e passa.
Offline
I used 65534 in chown to have an agnostic user holding that folder.
And what's the point of that? The fact that you chose an arbitrary user number with no user name doesn't mean the contents aren't owned by any user. Why chown at all, there is some existing ownership of the files - even if it's just root:root. Nothing you are discussing suggests needing to modify ownership in any way.
Last edited by Trilby (2020-06-17 17:43:35)
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Online
There are two types of user involved here, the Linux user and the Samba user. The Linux user that runs the samba server should have access to the files. I don't have an idea, what an agnostic user is supposed to be. If you don't want users in Samba, you can skip that part.
I could tell you to set x, y, and z, but I'm a bit reluctant, because you need to understand permissions in the long run and not just copy-paste commands you read somewhere.
Offline
My user is clearly not agnostic, but atheist:
$ god
/bin/ash: god: not found
While IANA seems a bit more agnostic:
$ whois god
[Querying whois.iana.org:43 'god']
[Querying whois.iana.org:43 'domain god']
[whois.iana.org]
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
%
% Error: Invalid query domain god
Although strictly speaking that may fit the ignostic definition better.
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Online
d.ALT wrote: I used 65534 in chown to have an agnostic user holding that folder.
And what's the point of that? The fact that you chose an arbitrary user number with no user name doesn't mean the contents aren't owned by any user.
So... Are you suggesting I not use nobody:nobody?
What do you think about that:
# useradd -s /bin/nologin -M -U -c "Public user for SMB share" public
There are two types of user involved here, the Linux user and the Samba user. The Linux user that runs the samba server should have access to the files. I don't have an idea, what an agnostic user is supposed to be. If you don't want users in Samba, you can skip that part.
Or I could create a user:
# pdbedit -v -a -u public
BLANK PASSWORD
# pdbedit -u public -c "[N]"
<49,17,III,I> Fama di loro il mondo esser non lassa;
<50,17,III,I> misericordia e giustizia li sdegna:
<51,17,III,I> non ragioniam di lor, ma guarda e passa.
Offline
So... Are you suggesting I not use nobody:nobody?
If you mean the user nobody, then call it by its name and not by id. Not everyone has the same id, older installations still have nobody = 99.
nobody is fine.
Last edited by progandy (2020-06-18 17:22:54)
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
So... Are you suggesting I not use nobody:nobody?
Yes, I am suggesting you not do that. Not unless you have a relevant reason to do so.
As for your useradd command ... I don't think much of it. There are hundreds of random commands you could post here and ask for feedback on. Whether they're syntactically correct or not doesn't impact their relevance.
Again, you seem to be adding a lot of complexity for no (apparent) reason. If you just want to share files on the local network, very few of these hoops that you are trying to figure out how to jump through are actually necessary.
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Online