iiab/roles/samba at 1ec743a65428cd307b0fb951e5525b5d2a805cee - external/iiab

mirror of https://github.com/iiab/iiab.git synced 2025-02-12 11:12:06 +00:00

History

root 3f63c0b4dd Clean df syntax, for each app's disk usage in iiab.ini		2023-06-10 09:10:47 -04:00
..
defaults	Update main.yml	2019-03-05 14:06:48 -05:00
handlers	initial checkin -- May 27, 2017	2017-05-27 11:09:50 -07:00
tasks	Clean df syntax, for each app's disk usage in iiab.ini	2023-06-10 09:10:47 -04:00
templates	smb.conf.j2: hosts allow = 127. 10.10.10.	2022-07-08 22:12:24 -04:00
README.rst	Toughen doc URLs with %3F (instead of .3F)	2023-03-28 15:56:14 -04:00

README.rst

Samba README
============

Do you want your Internet-in-a-Box (IIAB) to act as a file server for your classroom or school?

If `Samba <https://www.samba.org/samba/docs/>`_ is installed and enabled as part of your IIAB's `/etc/iiab/local_vars.yml <https://wiki.iiab.io/go/FAQ#What_is_local_vars.yml_and_how_do_I_customize_it%3F>`_, your IIAB server can advertise a shared "public" folder, available to Windows PC's and laptops on your network.

Default Permissions
-------------------

- Users may read and write to the "public" shared folder.
- They are forced to store their files as a user who has no ability to log on to the server.
- The user, with no ability to log on, has a password which is very difficult to guess e.g. ``verylong%and$hard^to@guess``

Security
--------

**It's critical you understand Samba security,** so as not to endanger your students and community:

- `https://en.wikipedia.org/wiki/Samba_(software)#Security <https://en.wikipedia.org/wiki/Samba_(software)#Security>`_
- https://ubuntu.com/server/docs/samba-securing

Please review the default `/etc/samba/smb.conf <templates/smb.conf.j2>`_ file, and revise it appropriately.

Please also review your overall `IIAB Security <https://wiki.iiab.io/go/Security>`_.