Membuat samba file sharing server di ubuntu

Berikut ini cara membuat server data dengan samba di ubuntu beserta audit file. Jadi segala aktifitas manajemen file akan disimpan kedalam sebuah file.

Update dan upgrade server

aptitude update
aptitude safe-upgrade

Instal samba dan teman-temannya

aptitude install libcupsys2 samba samba-common

Backup file konfigurasi samba

cp /etc/samba/smb.conf /etc/samba/smb.conf.ori

Tambahkan user, disini user linux tidak mempunyai folder di home dan tidak bisa login selain untuk samba saja

useradd -c “Redaktur” -d /home/redaksi -s /sbin/nologin red

Buat password samba untuk user

smbpasswd -a red

Setelah perintah di atas muncul pesan untuk memasukkan password dan konfirmasi password, buat juga user lain sebagai tambahan.

Kemudian edit file config samba

nano /etc/samba/smb.conf

Ini isi dari file smb.conf (masih perlu trial dan error, trial 1 error segudang)<h3>

[global]
passdb expand explicit = No
log file = /var/log/samba/%m.log
smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
create mask = 0644
domain master = Yes
interfaces = eth0 lo
passdb backend = smbpasswd
wins support = true
dns proxy = No
netbios name = DATA
hosts allow = 10.***.***.0/24 127.0.0.1
server string = SERVER DATA 2
local master = Yes
workgroup = TI
os level = 33
directory mask = 0755
security = user
max log size = 100
encrypt passwords = True
#smb ports=139 # untuk error Dec 3 08:38:59 serverdata smbd[10983]: getpeername failed. Error was  

   Transport endpoint is not connected
#untuk error printer Unable to connect to CUPS server localhost:631 – Connection refused
#load printers = no
#show add printer wizard = no
#printing = none
#printcap name = /dev/null
#disable spoolss = yes
# Audit settings
full_audit:prefix = %u|%I|%S
full_audit:failure = none
full_audit:success = mkdir rmdir write pwrite rename unlink
full_audit:facility = local6
full_audit:priority = notice
[ADMIN]
comment = Home punya administrator
path = /home/administrator
read only = No
guest ok = No
browseable = No
create mask = 0600
directory mask = 0700
valid users = administrator
admin users = administrator
vfs objects = full_audit

[TeKomJarMi]
comment = Data hari ini
path = /home/TeKomJarMi
read only = No
guest ok = No
browseable = Yes
create mask = 0655
directory mask = 0755
valid users = administrator, red, iklan, war, dok, dtp
admin users = administrator
vfs objects = full_audit

[MASTER]
comment = Master Program
path = /home/MASTER
read only = No
guest ok = No
browseable = Yes
create mask = 0655
directory mask = 0755
valid users = administrator, red, iklan, war, dok, dtp
admin users = administrator
vfs objects = full_audit

[ARSIP]
comment = Arsip Tekomjarmi
path = /home/HDD2/ARSIP
read only = No
guest ok = No
browseable = Yes
create mask = 0655
directory mask = 0755
valid users = administrator, red, iklan, war, dok, dtp
admin users = administrator, dok
vfs objects = full_audit

[CETAK]
comment = Foto dan Iklan Edisi Cetak
path = /home/HDD2/CETAK
read only = No
guest ok = No
browseable = Yes
create mask = 0655
directory mask = 0755
valid users = administrator, red, iklan, war, dok, dtp
admin user = administrator, iklan, dtp
vfs objects = full_audit

[DATA]
comment = Data user
path = /home/HDD2/DATA
read only = No
guest ok = No
browseable = Yes
create mask = 0666
directory mask = 0777
valid users = administrator, red, iklan, war, dok, dtp
admin user = administrator, red, iklan, war, dok, dtp
vfs objects = full_audit

Jangan lupa restart samba dengan perintah /etc/init.d/samba restart jika di ubuntu 9.10, sedangkan di ubuntu 10.04 perintah tersebut tidak bisa dan diganti dengan restart smbd. Entah kenapa perintah tersebut di ganti tapi dari hasil googling ketemunya restart smbd.
Untuk membuat hasil audit disimpan kedalam file, kita perlu modifikasi dari syslog. Edit file rsyslog dengan perintah

nano /etc/rsyslog.conf

Pada baris terakhir tambahkan

local6.notice /var/log/samba/audit.log

Sekarang buat logrotate, dimana file audit.log akan di rotasi tiap minggunya dan di kompres. Rotasi akan dilakukan 6 kali kemudian hapus rotasi yang paling lama. Untuk rotasi ini masih ujicoba, maklum masih nubitol.

Buat file logrotate audit dengan cara nano /etc/logrotate.d/audit kemudian isi seperti dibawah. Untuk logrotate tidak perlu direstart service karena berjalan dengan cron bukan daemon

/var/log/samba/audit.log {
rotate 6
weekly
compress
missingok
notifempty
}

Restart service

service rsyslog restart
service smbd restart
service nmbd restart

Selamat Mencoba..
Author: Aris krisna
Working at PT. Graha Mitra Teguh with proud as Junior Network Administrator and Junior System Administrator. Learning Linux almost everyday just for fill in his empty brain.

1 thought on “Membuat samba file sharing server di ubuntu

Leave a Reply

Your email address will not be published. Required fields are marked *