You are not logged in.

#1 2020-06-16 20:39:41

d.ALT
Member
Registered: 2019-05-10
Posts: 914

[ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

Hey, hi to all archers around here!

I'd like to share with you all, my (n00b) doubts about this topic.

I was wandering: are there some essential guidelines and common best practices in the Linux world about private file-sharing?
Are there some de-facto standards historical directives?
Which folders to use, which users create,

Sometimes, with the huge amount of choices in the Linux world, I feel somewhat like I'm lost in the maze of docs and guides about this matter.

I'd like to hear words and suggestions from you longtime experts and those who use Linux for a long years of experience, both in your free and working time (if someone here uses Linux for work).


Here's my worry.
I'm setting up a "portable" mini-pc machine (not laptop) that often I'll bring with me to friends' house, to my parents, and so on...
This is a simple box, that I'd like to plug into TVs and from there see photos, playing with RetroArch, watching movies with Kodi, etc...
Being a portable machine, I want to set-up a (easy) network share that I can share across everyone and everybody  (Linuxes, Windows, macOS, Android): just simply plug ethernet cable (with DHCP) and go!
I don't need nor I care about ultra security IT practices from network storage environments or business applications like active directory, Kerberos, domain controller.

And now... Let's start with some keypoints!! wink

  • enabling ssh <--- ah, thou my savior!! cool

  • enabling SAMBA (for Windows and macOS machines, Android) and NFS (Linux) at boot

  • ?) what do you think about using

    /srv/storage

    for both SAMBA and NFS

  • ?) does it makes sense

    chmod -R 777 /srv/storage
  • ?) what do you think about

    chown -R 65534:65534

    or

  • ?) should I create a dummy

    storage

    user for SAMBA and Arch with

    /usr/bin/nologin
  • using

    security = user

    inside smb.conf

  • ...

  • ...

  • am I missing something?

OK, I'm done... lol
Feel free to add you advices, share your experiences: in short, feel free to have your say! wink


<49,17,III,I>    Fama di loro il mondo esser non lassa;
<50,17,III,I>    misericordia e giustizia li sdegna:
<51,17,III,I>    non ragioniam di lor, ma guarda e passa.

Offline

#2 2020-06-17 04:07:10

Awebb
Member
Registered: 2010-05-06
Posts: 6,272

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

Why do you think you need NFS for Linux? You already have a good sharing system with Samba. Use NFS, if you have specific use cases for NFS's specific features. Every time you have to change something, you'll have to do it twice for little to no gain.

Setting 777 for anything "just because" is never a good idea. I also don't know what that chown is going to do. 1. Directories need x to be entered, files don't.
2. Whoever mounts your shares doesn't care about x flags for files.
3. Files and folders should be readable and writable to whoever is allowed to read and write. You have not specified, whether you want logins or not. Refer to the Samba wiki entry to understand users. If you use nobody as guest user, then you need lax permissions. Have you understood how Linux permissions work?

I see no reason why /srv/storage or even /storage shouldn't be a good idea. Afaik, automatic mounts of desktop environments go to /media or even somewhere in /var/run, so there shouldn't be a collision. Traditional mounts go to /mnt.

Whatever you've read, it looks like you need to go back and work through the Samba wiki article here on the Arch wiki again, because it basically answers all your questions.

Offline

#3 2020-06-17 17:14:54

d.ALT
Member
Registered: 2019-05-10
Posts: 914

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

Awebb wrote:

3. Files and folders should be readable and writable to whoever is allowed to read and write. You have not specified, whether you want logins or not. Refer to the Samba wiki entry to understand users. If you use nobody as guest user, then you need lax permissions. Have you understood how Linux permissions work?

Hey Awebb, thank for your time! wink I want to set-up the share (and all its subfolders and files) to let anyone and everybody write+read all the contents, without hassles and without bothering typing passwords.
I used 65534 in chown to have an agnostic user holding that folder.
Should I create an ad-hoc user for that share and set it with a blank password?


<49,17,III,I>    Fama di loro il mondo esser non lassa;
<50,17,III,I>    misericordia e giustizia li sdegna:
<51,17,III,I>    non ragioniam di lor, ma guarda e passa.

Offline

#4 2020-06-17 17:43:05

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,442
Website

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

d.ALT wrote:

I used 65534 in chown to have an agnostic user holding that folder.

And what's the point of that?  The fact that you chose an arbitrary user number with no user name doesn't mean the contents aren't owned by any user.  Why chown at all, there is some existing ownership of the files - even if it's just root:root.  Nothing you are discussing suggests needing to modify ownership in any way.

Last edited by Trilby (2020-06-17 17:43:35)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#5 2020-06-18 04:35:52

Awebb
Member
Registered: 2010-05-06
Posts: 6,272

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

There are two types of user involved here, the Linux user and the Samba user. The Linux user that runs the samba server should have access to the files. I don't have an idea, what an agnostic user is supposed to be. If you don't want users in Samba, you can skip that part.

I could tell you to set x, y, and z, but I'm a bit reluctant, because you need to understand permissions in the long run and not just copy-paste commands you read somewhere.

https://wiki.archlinux.org/index.php/Fi … attributes

Offline

#6 2020-06-18 11:35:34

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,442
Website

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

My user is clearly not agnostic, but atheist:

$ god
/bin/ash: god: not found

While IANA seems a bit more agnostic:

$ whois god
[Querying whois.iana.org:43 'god']
[Querying whois.iana.org:43 'domain god']
[whois.iana.org]
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
%
% Error: Invalid query domain god

Although strictly speaking that may fit the ignostic defintion better.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#7 2020-06-18 17:10:46

d.ALT
Member
Registered: 2019-05-10
Posts: 914

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

Trilby wrote:
d.ALT wrote:

I used 65534 in chown to have an agnostic user holding that folder.

And what's the point of that?  The fact that you chose an arbitrary user number with no user name doesn't mean the contents aren't owned by any user.

So... Are you suggesting me not to use nobody:nobody?
What do you think about that:

# useradd -s /bin/nologin -M -U -c "Public user for SMB share" public 
Awebb wrote:

There are two types of user involved here, the Linux user and the Samba user. The Linux user that runs the samba server should have access to the files. I don't have an idea, what an agnostic user is supposed to be. If you don't want users in Samba, you can skip that part.

Or I could create a user:

# pdbedit -v -a -u public
BLANK PASSWORD
# pdbedit -u public -c "[N]"

<49,17,III,I>    Fama di loro il mondo esser non lassa;
<50,17,III,I>    misericordia e giustizia li sdegna:
<51,17,III,I>    non ragioniam di lor, ma guarda e passa.

Offline

#8 2020-06-18 17:22:37

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

So... Are you suggesting me not to use nobody:nobody?

If you mean the user nobody, then call it by its name and not by id. Not everyone has the same id, older installations still have nobody = 99.
nobody is fine.

Last edited by progandy (2020-06-18 17:22:54)


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#9 2020-06-18 17:29:45

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,442
Website

Re: [ADVICE] storage sharing over (agnostic) LAN, asking to experts! ;)

d.ALT wrote:

So... Are you suggesting me not to use nobody:nobody?

Yes, I am suggesting you not do that.  Not unless you have a relevant reason to do so.

As for your useradd command ... I don't think much of it.  There are hundreds of random commands you could post here and ask for feedback on.  Whether they're syntactically correct or not doesn't impact their relevance.

Again, you seem to be adding a lot of complexity for no (apparent) reason.  If you just want to share files on the local network, very few of these hoops that you are trying to figure out how to jump through are actually necessary.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

Board footer

Powered by FluxBB