Preparing the Linux Server for SAMBA
Desktop - OpenSUSE
Before we configure SAMBA we should make sure that the file-systems that we share to Windows users will support the Windows style of Access Control Lists. Linux file-system security will allow for rights to be assigned to one user, one group and everyone else. Windows will allow multiple users and groups in the access control lists.

If we share existing file-systems you may also want to check for case-sensitivity of filenames. Linux will allow the same filename to be stored but in a different case, so we can have a file called file1.txt and FILE1.TXT in the same directory. Windows users may not be used to this, so be prepared to correct this.

IMPORTANT: Finally, if we are using openSUSE 11.4 we need to correct and issue with a security service AppArmor before we can start the SAMBA Server.

  1. Allowing Windows Style File-System Permissions using ACLs. For file-systems that we share out we should consider adding in the Linux mount option “acl” if it does not already exist. Certainly with openSUSE 11.4 the acl option is included by default you can check this by entering the command mount. You can see from the highlighted section of the output below that the option is included. 

    If it is not shown you can edit this option directly in the /etc/fstab file, or, if you prefer via YaST > System > Partitioner.


  2. AppArmor and openSUSE 11.4. AppArmor is a security service that controls what level of access services and programs have to the file-system and library modules. In openSUSE 11.4 there is an AppArmor module that controls SAMBA but does not allow it access to write to files in /etc/samba. This is required for the SMB daemon on initial start-up. We could adjust AppArmor to allow for this but is out of the scope of this course so we will simply disable the AppArmor service. From YaST > Novell AppArmor > AppArmor Control Panel deselect the Enable check box as below.