Project Report

FILE SERVER CONFIGURATION ON LINUX

In computing, a file server is a computer attached to a network that has the primary purpose of providing a location for the shared storage of computer files (such as documents, sound files, photographs, movies, images, databases, etc.) that can be accessed by the workstations that are attached to the computer network. The term server highlights the role of the machine in the client – server scheme, where the clients are the workstations using the storage. A file server is usually not performing any calculations, and does not run any programs on behalf of the clients. It is designed primarily to enable the rapid storage and retrieval of data where the heavy computation is provided by the workstations.

This project combines three protocols, FTP, Samba and DHCP, to give users access to data shared on a network. The working of each protocol is described below. I combined all these protocols by writing a script in the Bash environment on the Red Hat Linux operating system v5.1. In this project I studied and show how to create a file server providing shared access on a network using small, easy scripts created in the Bash environment. I designed a script that manages the services on a network (start/stop), allowing or denying a user access to a share on the network. I also designed an NFS server script that manages a share on a network. NFS and all the other protocols are described below.

WORKING OF THE PROJECT

Working : Sharing Data or files in NETWORK using any environment LINUX/WINDOWS

Required : FTP, SAMBA & DHCP.

File Transfer Protocol (FTP)

It is a network protocol used to transfer data from one computer to another through a network such as the Internet.

FTP is a file transfer protocol for exchanging and manipulating files over a TCP computer network. An FTP client may connect to an FTP server to manipulate files on that server.

Connection Methods

FTP runs over TCP.[1] It defaults to listen on port 21 for incoming connections from FTP clients. A connection to this port from the FTP client forms the control stream on which commands are passed from the FTP client to the FTP server and on occasion from the FTP server to the FTP client. FTP uses out-of-band control, which means it uses a separate connection for control and data. Thus, for the actual file transfer to take place, a different connection is required, which is called the data stream. Depending on the transfer mode, the process of setting up the data stream is different. Port 21 is used for control and authentication (matching the user's password), and port 20 for data transfer.

FTP and web browsers

Most recent web browsers and file managers can connect to FTP servers, although they may lack the support for protocol extensions such as FTPS. This allows manipulation of remote files over FTP through an interface similar to that used for local files. This is done via an FTP URL, which takes the form ftp(s)://<ftpserveraddress> (e.g., ftp://ftp.gimp.org/). A password can optionally be given in the URL, e.g.: ftp(s)://<login>:<password>@<ftpserveraddress>:<port>. Most web-browsers require the use of passive mode FTP, which not all FTP servers are capable of handling. Some browsers allow only the downloading of files, but offer no way to upload files to the server.

vsftpd Configuration Options

Although vsftpd may not offer the level of customization other widely available FTP servers have, it offers enough options to fill most administrator’s needs. The fact that it is not overly feature-laden limits configuration and programmatic errors.

All configuration of vsftpd is handled by its configuration file, /etc/vsftpd/vsftpd.conf. Each directive is on its own line within the file and follows the following format:

<directive>=<value>

There must not be any spaces between the <directive>, equal symbol, and the <value> in a directive.

Package used for FTP in Linux : vsftp*
Daemon name : vsftpd

_____________________________________________________]

 

Samba

It is a free software re-implementation of SMB/CIFS networking protocol, originally developed by Australian Andrew Tridgell. Samba is released under the GNU General Public License. The name Samba comes from SMB (Server Message Block), the name of the standard protocol used by the Microsoft Windows network file system.

As of version 3 Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member. It can also be part of an Active Directory domain. Samba runs on most Unix and Unix-like systems, such as Linux, Solaris, AIX and the BSD variants, including Apple’s Mac OS X Server (which was added to the Mac OS X client in version 10.2). Samba is standard on nearly all distributions of Linux and is commonly included as a basic system service on other Unix-based operating systems as well.

Samba sets up network shares for chosen Unix directories (including all contained subdirectories). These appear to Microsoft Windows users as normal Windows folders accessible via the network. Unix users can either mount the shares directly as part of their file structure or, alternatively, can use a utility, smbclient (libsmb), installed with Samba to read the shares with a similar interface to a standard command line FTP program. Each directory can have different access privileges overlaid on top of the normal Unix file protections. For example: home directories would have read/write access for all known users, allowing each to access their own files. However, they would still not have access to the files of others unless that permission would normally exist. Note that the netlogon share, typically distributed as a read-only share from /etc/samba/netlogon, is the logon directory for user logon scripts.

Configuration is achieved by editing a single file (typically installed as /etc/smb.conf or /etc/samba/smb.conf). Samba can also provide user logon scripts and group policy implementation through poledit.

Samba includes a web administration tool called Samba Web Administration Tool (SWAT)

By using Samba, sharing is done from Linux to Linux and from Windows to Linux.

Samba features :-

  1. Serve directory trees and printers to Linux, UNIX, and Windows clients
  2. Assist in network browsing (with or without NetBIOS)
  3. Authenticate Windows domain logins
  4. Provide Windows Internet Name Service (WINS) name server resolution
  5. Act as a Windows NT®-style Primary Domain Controller (PDC)
  6. Act as a Backup Domain Controller (BDC) for a Samba-based PDC
  7. Act as an Active Directory domain member server
  8. Join a Windows NT/2000/2003 PDC

How can we configure a Samba server? An example:

  • Let us see the installed packages needed for the Samba setup
  • Edit the Samba configuration file, smb.conf, and enter the following details:

    #vi /etc/samba/smb.conf

    # [sunteam] is the display name for the shared path
    [sunteam]
    # comment is optional
    comment = For Sunteam use Only
    # path to be shared
    path = /home/data
    writable = yes
    printable = no
    browseable = yes

# We can limit access to this path by adding the following line to the share definition above:
    valid users = <users to be allowed to access the share>

# To connect to a Samba share from a shell prompt, use the following command:
    smbclient //hostname/host_dir -U username

# To mount a Samba share on a directory:
    mount -t cifs -o username=<username>,password=<passwd> //servername/share /mnt/point

Package used for SAMBA in Linux : samba*
Daemon name : smb
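
The [sunteam] share above is writable, and access is only limited once a valid users line is added. The following added example (not part of the original project script) audits smb.conf text for writable shares that have no valid users line and for shares that allow guest access. The function names, the extra share names and the sample configuration are constructed for illustration; pop and rock are the two accounts created later in this report.

```sh
#!/bin/sh
# Added example: audit smb.conf share definitions for missing access limits.

# Constructed sample; [sunteam] is the share as configured in this report.
sample_smb_conf() {
    cat <<'EOF'
[global]
   workgroup = WORKGROUP
   security = user

; the share from the report, without a valid users line
[sunteam]
   comment = For Sunteam use Only
   path = /home/data
   writable = yes
   printable = no
   browseable = yes

; the same path, restricted to two named accounts
[sunteam-restricted]
   path = /home/data
   read only = no
   valid users = pop rock

[pub]
   path = /srv/pub
   guest ok = yes
EOF
}

# Reads smb.conf text on stdin and prints "share: FINDING" lines.
# Parameter names are compared lower-cased with whitespace removed,
# because smb.conf ignores case and spacing inside parameter names.
audit_smb_shares() {
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function report() {
        if (share == "" || share == "global") return
        if (writable && !restricted) print share ": WRITABLE_NO_VALID_USERS"
        if (guest) print share ": GUEST_OK"
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }          # comments and blank lines
    /^[ \t]*\[/ {                                  # a new [section] starts
        report()
        share = $0
        sub(/^[ \t]*\[[ \t]*/, "", share); sub(/[ \t]*\].*$/, "", share)
        share = tolower(share)
        writable = restricted = guest = 0          # shares default to read only
        next
    }
    {
        eq = index($0, "=")                        # only the first "=" counts
        if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "writable" || key == "writeable" || key == "writeok") writable = truthy(val)
        else if (key == "readonly") writable = !truthy(val)
        else if (key == "validusers") restricted = (val != "")
        else if (key == "guestok" || key == "public") guest = truthy(val)
    }
    END { report() }'
}

sample_smb_conf | audit_smb_shares
```

On a live server, feeding the output of testparm -s to audit_smb_shares checks the configuration as Samba itself parses it; include files and the special [homes] section are not handled by this sketch.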

________________________________________________________]

 

Dynamic Host Configuration Protocol (DHCP)

It is a network application protocol used by devices (DHCP clients) to obtain configuration information for operation in an Internet Protocol network. This protocol reduces system administration workload, allowing devices to be added to the network with little or no manual intervention.

When a DHCP-configured client (be it a computer or any other network-aware device) connects to a network, the DHCP client sends a broadcast query requesting necessary information from a DHCP server. The DHCP server manages a pool of IP addresses and information about client configuration parameters such as the default gateway, the domain name, the DNS servers, other servers such as time servers, and so forth. Upon receipt of a valid request the server will assign the computer an IP address, a lease (the length of time for which the allocation is valid), and other IP configuration parameters, such as the subnet mask and the default gateway. The query is typically initiated immediately after booting and must be completed before the client can initiate IP-based communication with other hosts.

DHCP provides four modes for allocating IP addresses. The best-known mode is dynamic, in which the client is provided a “lease” on an IP address for a period of time. Depending on the stability of the network, this could range from hours (a wireless network at an airport) to months (for desktops in a wired lab). At any time before the lease expires, the DHCP client can request renewal of the lease on the current IP address. A properly-functioning client will use the renewal mechanism to maintain the same IP address throughout its connection to a single network, otherwise it may risk losing its lease while still connected, thus disrupting network connectivity while it renegotiates with the server for its original or a new IP address. The other modes for allocation of IP addresses are automatic, in which the address is permanently assigned to a client, and manual, in which the address is selected by the client (manually by the user or any other means) and the DHCP protocol messages are used to inform the server that the address has been allocated. The automatic and manual methods are generally used when finer-grained control over IP address is required (typical of tight firewall setups), although typically a firewall will allow access to the range of IP addresses that can be dynamically allocated by the DHCP server. The process of address allocation is known as ROSA: Request, Offer, Send, Accept.

 

Configuring a DHCP Server

You can configure a DHCP server using the configuration file /etc/dhcpd.conf.

DHCP also uses the file /var/lib/dhcp/dhcpd.leases to store the client lease database. Refer to the Section called Lease Database for more information.

Configuration File

The first step in configuring a DHCP server is to create the configuration file that stores the network information for the clients. Global options can be declared for all clients, or options can be declared for each client system.

The configuration file can contain any extra tabs or blank lines for easier formatting. The keywords are case-insensitive, and lines beginning with a hash mark (#) are considered comments.

There are two types of statements in the configuration file:

  • Parameters — state how to perform a task, whether to perform a task, or what network configuration options to send to the client.
  • Declarations — describe the topology of the network, describe the clients, provide addresses for the clients, or apply a group of parameters to a group of declarations.

Some parameters must start with the option keyword and are referred to as options. Options configure DHCP options; whereas, parameters configure values that are not optional or control how the DHCP server behaves.

Parameters (including options) declared before a section enclosed in curly brackets ({ }) are considered global parameters. Global parameters apply to all the sections below them.
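
The statement types and scoping rule described above can be seen on a small configuration. The following added example (not part of the original project script) embeds a constructed dhcpd.conf and labels every statement with the scope it belongs to and whether it is a parameter, an option or a declaration. The addresses, the host name labpc1 and the function names are constructed, and the parser assumes one statement per line.

```sh
#!/bin/sh
# Added example: show which dhcpd.conf statements are global and which
# belong to an enclosing declaration.

# Constructed sample configuration (documentation addresses only).
sample_dhcpd_conf() {
    cat <<'EOF'
# global parameters and options: they precede every { } section
ddns-update-style none;
option domain-name "example.com";
option domain-name-servers 192.0.2.53;
default-lease-time 21600;

subnet 192.0.2.0 netmask 255.255.255.0 {
    option routers 192.0.2.1;
    range 192.0.2.100 192.0.2.200;
    host labpc1 {
        hardware ethernet 00:00:5E:00:53:01;
        fixed-address 192.0.2.50;
    }
}
EOF
}

# Reads dhcpd.conf text on stdin and prints "scope | kind | statement".
dhcpd_scopes() {
    awk '
    {
        sub(/#.*$/, "")                        # drop comments
        gsub(/^[ \t]+|[ \t]+$/, "")            # trim surrounding whitespace
        if ($0 == "") next
        if ($0 ~ /[{]$/) {                     # a declaration opens a scope
            name = $0; sub(/[ \t]*[{]$/, "", name)
            stack[++depth] = name
            next
        }
        if ($0 == "}") { depth--; next }       # the scope closes
        scope = (depth > 0) ? stack[depth] : "global"
        if ($1 == "option") kind = "option"    # starts with the option keyword
        else if ($1 == "range") kind = "declaration"   # provides addresses
        else kind = "parameter"
        printf "%s | %s | %s\n", scope, kind, $0
    }'
}

sample_dhcpd_conf | dhcpd_scopes
```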

 

Important

If you change the configuration file, the changes will not take effect until you restart the DHCP daemon with the command service dhcpd restart.

Package used for DHCP in Linux : dhcp*
Daemon name : dhcpd

——————————————————————————–]

 

Network File System (NFS)

A network file system is any computer file system that supports sharing of files, printers and other resources as persistent storage over a computer network. The first file servers were developed in the 1970s, and in 1985 Sun Microsystems created the file system called “Network File System” (NFS) which became the first widely used network file system. Other notable network file systems are Andrew File System (AFS), NetWare Core Protocol (NCP), and Server Message Block (SMB) which is also known as Common Internet File System (CIFS).

Ideally, a network file system should appear to its users to be a conventional, centralized file system. The multiplicity and dispersion of its servers and storage devices should be made invisible. That is, the client interface used by programs should not distinguish between local and remote files. It is up to the network file system to locate the files and to arrange for the transport of the data.

 

The most important performance measurement of a network file system is the amount of time needed to satisfy service requests. In conventional systems, this time consists of a disk-access time and a small amount of CPU-processing time. But in a network file system, a remote access has additional overhead due to the distributed structure. This includes the time to deliver the request to a server, the time to deliver the response to the client, and for each direction, a CPU overhead of running the communication protocol software. The performance of a network file system can be viewed as one dimension of its transparency: ideally, it would be comparable to that of a conventional file system.

NFS Configuration

NFS stands for network file system, and is a way to share files between machines as if they were on your local hard drive. Linux can be both an NFS server and an NFS client, which means that it can export file systems to other systems, and mount file systems exported from other machines.

 

Mounting NFS File systems

Use the mount command to mount an NFS file system from another machine:

    mkdir /mnt/local    # Only required if /mnt/local doesn't exist
    mount bigdog:/mnt/export /mnt/local

In this command, bigdog is the hostname of the NFS file server, /mnt/export is the file system that bigdog is exporting, and /mnt/local is a directory on the local machine where we want to mount the file system. After the mount command runs (and if we have the proper permissions from bigdog) we can enter ls /mnt/local and get a listing of the files in /mnt/export on bigdog.

Exporting NFS File systems

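The file that controls which file systems you export is /etc/exports.

The ( options ) part of an entry is optional. For example:

   /mnt/export                           example.com(rw,sync)

There must be no whitespace between the host and the opening parenthesis. Written as example.com (rw,sync), the options no longer apply to example.com, which gets the defaults, and apply to every other host instead.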
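
In /etc/exports, whitespace between a host and its parenthesised options changes who the options apply to: the host gets the defaults and the options are granted to every other host. The following added example (not part of the original project script) lints exports-format text for that spacing, and goes slightly beyond the entry shown here by also flagging wildcard read-write exports and the no_root_squash option. The function names and the sample entries are constructed.

```sh
#!/bin/sh
# Added example: lint exports(5)-format text for risky entries.

# Constructed sample; the first entry has the spacing this lint targets.
sample_exports() {
    cat <<'EOF'
# constructed sample /etc/exports
/mnt/export   example.com (rw , sync)
/srv/docs     example.com(ro,sync)
/srv/scratch  *(rw,sync)
/srv/images   192.0.2.10(rw,sync,no_root_squash)
EOF
}

# Reads exports text on stdin, prints "line N: FINDING: entry" per problem.
# Assumes one entry per line (no backslash continuations).
lint_exports() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    {
        entry = $0
        sub(/[ \t]*#.*$/, "", entry)          # strip a trailing comment
        # "(opts)" after whitespace is a client spec with an empty host,
        # so the options apply to every host, not the one named before.
        if (entry ~ /[ \t]\(/)
            printf "line %d: SPACE_BEFORE_OPTIONS: %s\n", NR, entry
        # Wildcard client with read-write access.
        if (entry ~ /[ \t]\*\([^)]*rw/)
            printf "line %d: WORLD_WRITABLE: %s\n", NR, entry
        # Remote root keeps uid 0 on the exported tree.
        if (entry ~ /no_root_squash/)
            printf "line %d: NO_ROOT_SQUASH: %s\n", NR, entry
    }'
}

sample_exports | lint_exports
```

Running lint_exports < /etc/exports before service nfs restart catches the spacing mistake before the share is exported.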

NFS Client Configuration Files

Any NFS share made available by a server can be mounted using various methods. The share can be manually mounted, using the mount command. However, this requires that the root user type the mount command every time the system restarts. Two methods of configuring NFS shares to be mounted automatically at boot time include modifying the /etc/fstab or using the autofs service.

/etc/fstab

Placing a properly formatted line in the /etc/fstab file has the same effect as manually mounting the exported file system. The /etc/fstab file is read by the /etc/rc.d/init.d/netfs script at system startup and any NFS shares listed there will be mounted.

A sample /etc/fstab line to mount an NFS export looks like the following:

<server>:</path/of/dir> </local/mnt/point> nfs <options> 0 0

 

The <server> corresponds to the hostname, IP address, or fully qualified domain name of the server exporting the file system.

The </path/of/dir> is the path to the exported directory.

The </local/mnt/point> specifies where on the local file system to mount the exported directory. This mount point must exist before /etc/fstab is read or the mount will fail.

The nfs option specifies the type of file system being mounted.

The <options> area specifies mount options for the file system. For example, if the options area states rw,suid, the exported file system will be mounted read-write and the user and groupid set by the server will be used. Note that parentheses are not to be used here.

Package used for NFS in Linux : nfs*
Daemon name : nfsd

___________________________________________________________]

TESTING

This script creates a combination of four servers:

NFS - Network File System

SAMBA - Server Message Block

FTP - File Transfer Protocol

DHCP - Dynamic Host Configuration Protocol

First of all we need to install the Extended Internet Daemon (xinetd) for support of Samba

#rpm -ivh /dump/Server/xinetd* --aid --force

Now I am installing the Samba packages

Samba provides sharing of data between Linux and Windows

#rpm -ivh /dump/Server/samba* --aid --force

After that, install the FTP packages

Do not worry, VSFTPD is a very secure File Transfer Protocol server and is enabled for local users

#rpm -ivh /dump/Server/vsftp* --aid --force

I am also installing DHCP for a future lab setup; if required, I will use it to assign IP addresses

#rpm -ivh /dump/Server/dhcp* --aid --force

USERS

I am adding two users named POP and ROCK

#useradd pop

#useradd rock

Adding files in the directory of USERS for sharing

#echo "this is a file of users POP " > /home/pop/sales

#echo "this is a file of users ROCK " > /home/rock/myfile

Configuring the DHCP for NETWORK

#cat /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample > /etc/dhcpd.conf

#clear

Starting DHCP service

#service dhcpd restart

Starting FTP service

#service vsftpd restart

Starting NFS service

#service nfs restart

Starting Samba service

#service smb restart

Turning the services on permanently

#chkconfig smb on

#chkconfig dhcpd on

#chkconfig nfs on

#chkconfig vsftpd on

#clear

#echo " all services are started"

#echo "plz assign passwords to both users manually according to your requirement"

#echo " thanks all things are done and working fine."

 

SCREEN SHOT

[Screenshot: the whole script running in a single run]

ADVANTAGES OR APPLICATION OF PROJECT

 

Advantages of file sharing

In a file sharing environment, a large number of users can access a program as though it were on their local machines, when actually the program resides on a single file server. This is a great benefit to small workstations, where disk space is at a premium. A user can have access to a much larger program repertoire than could fit on a private disk.

By having a resource reside physically on a single server, then distributed throughout the network, you can greatly simplify administration. First, you reduce the number of copies of various programs that need to be maintained on the network. Second, you reduce the problems involved in performing backups for a number of machines dispersed over a wide geographical area. By keeping files in a single location, this task becomes comparable to backing up a single machine.

Centralizing files on a few file servers not only simplifies administration, it helps maintain consistency of shared data files. When changes are made to a shared file, they become available to all users immediately.

As an alternative to centralizing files on a few file servers, files may be shared. When a single computer runs out of capacity, more computers can be added to a configuration. Files can be moved to the new computers, while a consistent view of the file system from the user’s perspective is maintained.

 

The advantages of running a file server for your network include (but are not limited to) speed, non-interference and security.

1) You will get faster response time with the dedicated server, as it’s not running anything else that a normal user would be running.

2) Same as #1, except on client-side. You don’t get any lag by others streaming files from your shares.

3) You don’t really have to worry about your machine being nuked by anything, as it’s not your personal box. You can also tighten it up more (blocking all but samba/NFS ports, chroot jail, etc.).

File Server Application Development

The File Server technology enables clients to access files and other resources, such as printers, from a server over a network using TCP/IP.

File Server uses the Common Internet File System (CIFS). This is an extension of the Server Message Block (SMB) file sharing protocol. CIFS enables a network-enabled application to access and manipulate files and directories on a remote server in the same way that the application accesses and manipulates files and directories on the local system.

File Server supports user-level authentication. This means that any client attempting to access a share on a server must provide a user name and password. When authenticated, the user can then access all shares that are not protected by share-level security on a server.

 
