Mac OS X and SMB HOWTO

Simply put, SMB is a protocol. If you're note quite sure what a protocol is, think of it as a language that computers use to communicate. SMB stands for Server Message Block. It's a lightweight protocol designed to allow the sharing of files and printers in a small network. At this point, SMB is being renamed to CIFS, or Common Internet File System. These days, those abbreviations are pretty much interchangable.

I would hope by now that the need for SMB has presented itself. The ability to share files across many different platforms is a huge benefit for those of us running mixed networks. Gone are the problems of getting a file from a Windows machine onto your Mac, or vice-versa. No more messing around with translation software. Now it's all done in the background for you.

Some words that you'll want to be familiar with:

To mount a share using the Finder, you will need at least Mac OS X 10.1. Previous versions of the OS do not contain the necessary features to support accessing SMB shares natively. The first step to mounting the share is to select the Go menu and then select Connect to Server. The Finder keyboard shortcut is Command + K. This will open the Connect to Server dialog box. In this box there is a field labeled Address. In this field you want to enter:

smb://workgroup;username@netbiosname/share

The second method of mounting an SMB share in OS X is to delve into its UNIX roots and use the command-line interface. First, open up the Terminal. To do this, double-click on Macintosh HD, then on Applications, then Utilities, and finally, Terminal. This will open up a command line session on your Mac and present you with a prompt. To mount the share, you will first need to create a folder to attach the share to. To do this, use the mkdir command as follows:

% mkdir myshare

# mount_smbfs -W myworkgroup //username@netbiosname/share ./myshare

Instead of having to re-enter your password, username, and workgroup every time, there's actually a shortcut available to you. You can create a file in your home directory called .nsmbrc (note the dot). This file has a simple format that I'll explain below and allows you to store the information to save you time. One thing to note is that you should use the chmod command to change the permissions of the file to 0600 to protect your passwords. My ~/.nsmbrc file is below:

[WINBOX:JLDERA:JLDERA]
addr=192.168.0.7
password=mypass
workgroup=ARTOFTECH

[WINBOX:JLDERA:MP3]
addr=192.168.0.7
password=mypass
workgroup=ARTOFTECH

Samba is an open source project that is continuing to develop a freely available implementation of the SMB and CIFS protocols. Since it's open source, volunteers and computer enthusiasts collaborate to develop the software. You can read more about the Samba project on their website, http://www.samba.org.

To get the newest version of Samba, you can download the source from the Samba website. For a direct link to the latest source, try http://us2.samba.org/samba/ftp/samba-latest.tar.gz. I suggest creating a directory in your home folder called samba and then storing the source archive there. For the remainder of this article, I will assume you've done this. Once you have the file in the samba directory, open up Terminal (see instructions above) and execute the following commands to prepare Samba to be installed on your computer:

% cd samba
% tar zxvf samba-latest.tar.gz
% cd samba-2.2.1a

In order to compile and install the Samba software, you will need to have installed the OS X Developer Tools. This is a free download in the Developer section on the Apple website, http://developer.apple.com/macosx. Once you have installed the tools, to continue, you must be in the above-mentioned directory and have used the su command to become the root user. Now, issue the commands below to configure Samba for the OS X architecture and to install the binary executables into their appropriate locations:

# cd source
# ./configure --with-syslog --prefix=/etc/samba \
  --bindir=/usr/bin --sbindir=/usr/sbin --libdir=/etc/samba --mandir=/usr/share/man
# make
# make install

To configure Samba to load with OS X, you need to set it up with the System Startup process. To do that, first create a directory in the correct path:

# mkdir /Library/StartupItems
# mkdir /Library/StartupItems/Samba

SMBSERVER=-YES-

#!/bin/sh
#
# *********************************************************************
# **                /Library/StartupItems/Samba/Samba                **
# *********************************************************************
# **                                                                 **
# **  This is the intialization script for Samba services on Mac OS  **
# **  X.  This script has been tested under OS X 10.0 and 10.1. The  **
# **  permissions of this file need to be set to 0755. This can be   **
# **  accomplished from the Terminal while in this directory by      **
# **  typing: chmod 0755 Samba  This will adjust the properties so   **
# **  that Samba can be executed.                                    **
# **                                                                 **
# **  To configure Samba to launch: as root, edit the file           **
# **    /etc/hostconfig  After the WEBSERVER entry, add this line:   **
# **    SMBSERVER=-YES-  You can easily change this entry to enable  **
# **  or disable Samba whenever you like.                            **
# **                                                                 **
# **                                                                 **
# *********************************************************************
#

# ---------------------------------------------------------------------
#  Include system wide configuration options
# ---------------------------------------------------------------------
. /etc/rc.common


# ---------------------------------------------------------------------
#  Start SMB services
# ---------------------------------------------------------------------
if [ "${SMBSERVER:=-NO-}" = "-YES-" ]; then

        ConsoleMessage "Starting SMB services"

        /usr/sbin/smbd -D
        /usr/sbin/nmbd -D

fi

{
        Description             = "smb file server";
        Provides                = ("Samba");
        Requires                = ("Resolver");
        OrderPreference         = "None";
        Messages                =
       {
                start   = "Starting Samba";
                stop    = "Stopping Samba";
       };
}

Samba's configuration is mostly handled through a file called smb.conf. In our build of Samba, one of the settings we specified was the location of this file, which is in /etc/samba. The next step in sharing SMB on your Mac is to edit this file to specify what to share. To start things off, I've posted my configuration below and will explain it to you:

#
# *********************************************************************
# **                       /etc/samba/smb.conf                       **
# *********************************************************************
# **                                                                 **
# **  Configuration file for Samba SMB server                        **
# **                                                                 **
# **                                                                 **
# *********************************************************************
#

# ---------------------------------------------------------------------
#  Global configuration options
# ---------------------------------------------------------------------
[global]
        # basic options
        netbios name            = MOG
        workgroup               = ARTOFTECH
        server string           = Samba %v

        # misc options
        hide dot files          = yes

        # logging options
        log level               = 2
        log file                = /var/log/samba-%m.log
        max log size            = 512
        debug timestamp         = yes
        syslog                  = 1


# --------------------------------------------------------------------
#  Home share configuration
# --------------------------------------------------------------------
[homes]
        comment                 = "Home directory for %u on %L"
        path                    = /Users/%u
        browseable              = no
        guest ok                = no
        read only               = no
        create mask             = 644
        directory mask          = 755


# --------------------------------------------------------------------
#  MP3 share configuration
# --------------------------------------------------------------------
[mp3]
        comment                 = "MP3s"
        path                    = /Users/Shared/MP3
        browseable              = yes
        guest ok                = no
        read only               = no
        create mask             = 644
        directory mask          = 755

Now we get to the actual guts of the smb.conf file: the shares. In this particular configuration, I have two shares set up: [homes] and [mp3]. However, one of them is a special share. I'll start with that one, the homes share isn't actually a "normal" share. What this share does is allow a user to access her home directory on OS X. What happens is when the users logs in, Samba takes her username and looks for it in /Users. That's what the %u represents, the username. So, if the directory is found (which it should be), Samba presents the directory as a share named after the username. So, if my username is jldera, and I try to mount my home directory, it will be presented as jldera on my desktop by the Finder. I turn off browseable so that Samba doesn't show a ghost share labeled homes on a Windows machine. The create mask sets the default UNIX permissions for any files I create, while the directory mask sets the permissions for directories. These permissions should work for most people, though if you're familiar with UNIX based permissions and want to set something more private, this is the place to do so.

The last share is a standard disk share. First off, I'm setting the specific path to the directory on my machine. I then set browseable to yes, I want this to appear in the Windows Network Neighborhood. Now, something I didn't touch on before is the guest ok value. If you set this to yes, anyone can access the share without needing a username or password. I suggest not allowing this, as it can become quite a security issue. There are ways to set the permissions of the account that a guest would use, but it is beyond the scope of this document, and covered in Using Samba. The only other property I didn't mention is the read only property, which should be pretty self-explanatory.

Now that we've gone through all of the trouble of downloading and installing Samba, let's put our efforts to work. This section will cover accessing your Mac's SMB services from the Windows and Linux platforms. Something important to note is that SMB can use two types of passwords: plaintext and encrypted. By default, Samba on both the Mac and Linux uses plaintext, and that is what I've used here. However, most versions of Windows use encrypted passwords. There are two approaches to solving this problem. One is to change Windows over to plaintext passwording, and that is the approach I will use here. I feel it is the easier route. The other method is to set Samba up to use encrypted passwords, which involves creating a special password file and some additional directives in /etc/samba/smb.conf. If you want to employ encrypted passwords, I will again point you to O'Reilly's Using Samba. What follows are instructions for the various operating systems:

# smbmount //MOG/JLDERA /mnt/smb/mog -o workgroup=ARTOFTECH,username=jldera

# smbumount /mnt/smb/mog