I’m trying to create a password protected samba share via SSH but some commands are missing in coreelec like groupadd, useradd.
How can I do that?
Do it from settings…
I need to do this via ssh
You can’t add user into coreelec. But you can edit samba.conf file with terminal
Why don’t you use coreelec settings ?
No way!
Care explaining why not?
That was a joke. He’s kind of guy who suggests you to open the hood when you asked about how to fix the engine…
In order to create a password protected samba share I need to create a samba group&user for it.
That’s the problem.
Use coreelec settings
is not an option because the box is used as a tvheadend server and accessible only via SSH.
CoreELEC:~ # ls -al /opt/etc/passwd
-rw-r--r-- 1 root root 336 Dec 20 23:33 /opt/etc/passwd
CoreELEC:~ # smbpasswd -a smbuser
New SMB password:
Retype new SMB password:
Failed to add entry for user smbuser.
Samba is not used from entware but it is part of CE and it uses file /etc/passwd which is readonly.
Can I disable the built-in samba and install another from entware?
Disable samba in CoreELEC settings addon under services.
I’m not using Kodi. The box serves as a tvheadend server on the LAN.
Should I disable it from systemd?
Finally solved. Writing here the steps in case someone else needs it.
source: shared folders - password protected samba share - Unix & Linux Stack Exchange
-
First stop the built-in samba server
# systemctl stop smbd
-
install samba4 from entware
# opkg update && opkg install samba4-server
-
modify /storage/.config/system.d/smbd.service like below (modify required paths to /storage/.opt/ only)
[Unit]
Description=Samba SMB Daemon
Wants=network-online.target nmbd.service
After=network-online.target nmbd.service
ConditionPathExists=!/storage/.cache/services/samba.disabled
ConditionPathExists=/run/samba/smb.conf
[Service]
Type=forking
PIDFile=/storage/.opt/var/run/samba/smbd.pid
LimitNOFILE=16384
ExecStart=/storage/.opt/sbin/smbd --configfile=/storage/.config/samba.conf
ExecReload=/bin/kill -HUP $MAINPID
TimeoutStopSec=1s
Restart=always
RestartSec=2
StartLimitInterval=0
[Install]
WantedBy=multi-user.target
- edit
/storage/.config/samba.conf
and create a share
[Private Share]
path=[give here the path to the folder to be shared]
force user = smbuser
force group = smbgroup
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
writable = yes
-
Create a system group. I chose smbgroup
# addgroup --system smbgroup
-
create a user smbuser, in smbgroup but do not create a home directory, and also deny the ability to log in to the system
# adduser -S -H -G smbgroup -s /bin/false smbuser
-
Change the ownership of folder to be shared.
# chown -R smbuser:smbuser [folder path]
-
Give write access
# chmod -R g+w [folder path]
-
Add samba password to smbuser.
# smbpasswd -a smbuser
New SMB password:[password]
Retype new SMB password:[password]
- Now restart smbd.
# systemctl restart smbd
Other factors need to be considered for using samba on entware, especially for long term usage.
The most prominent one I found so far is entware has independent setting for folders like /var and /tmp, and if you use them by default they write to your TF card (if CE is running on TF) or internal emmc (if installed internally). Just make a system script and point those folders to CE’s tmpfs instead to reduce wearing.
ln -s /tmp/temp /storage/.kodi/
ln -s /tmp/ /storage/.opt/
ln -s /var/ /storage/.opt/
Doesn’t samba sever in entware has own start scripts? And you should disable samba completely
systemctl mask smbd
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.