Bootstrap FreeKB - Samba (File Server) - Install Samba on Docker (smb)
Samba (File Server) - Install Samba on Docker (smb)
Updated:   |  Samba (File Server) articles

A Docker image contains the code used to create a Docker container, such as creating a Nginx web server, or a mySQL server, or a home grown app, and the list goes on. In this way, an image is like a template used to create a container. An image is kind of like a virtual machine, but much more light weight, using significantly less storage a memory (containers are usually megabytes in size).

 

The docker pull command can be used to pull down the latest samba image.

~]# docker pull dperson/samba
Using default tag: latest
latest: Pulling from dperson/samba
df20fa9351a1: Pull complete
cdd17995a233: Pull complete
02fdab01eee5: Pull complete
Digest: sha256:66088b78a19810dd1457a8f39340e95e663c728083efa5fe7dc0d40b2478e869
Status: Downloaded newer image for dperson/samba:latest
docker.io/dperson/samba:latest

 

Or you could create Dockerfile so that the Dockerfile contains something like this.

FROM samba:latest

 

Then use the docker build command to create the image, running this command in the same directory as the Dockerfile.

docker build . --tag samba:latest

 

The docker images command can be used to display the samba image.

~]# docker images
REPOSITORY          TAG              IMAGE ID       CREATED         SIZE
dperson/samba       latest           aac8a52c5b16   15 months ago   52.1MB

 

The following command can then be used to create and start the Samba container. Let's break down this command.

  • The docker run command is used to create and start the Samba container.
  • The --detach flag is used to run the container in the background.
  • The --publish option is used to configure both the Docker server and Samba container to listen on ports 139 and 445, which adds a rule to iptables to allow connections between the Docker system and container on ports 139 and 445.
  • The --volume option (optional) is used to mount the /usr/local/docker/samba/smb.conf file on the Docker system to /etc/samba.smb in the container so that the container is using your own smb.conf file.
  • The --volume option (optional) is used to mount the /usr/local/docker/samba/share directory on the Docker system to /usr/local/share in the container. The /usr/local/share directory is the directory that contains the files that will be shared.
  • The --name option is used to name the container samba.
  • The --restart unless-stopped option is used so that the container is started if the Docker server is restarted
  • The dperson/samba image is used.
docker run
--detach
--publish 139:139
--publish 445:445
--volume /usr/local/docker/samba:/etc/samba
--volume /usr/local/docker/samba/share:/usr/local/share
--restart unless-stopped
--name samba
dperson/samba

 

If using the --volume option, here is a starter smb.conf file. In this example, the tdbsam (trivial database sam) backend is being used. I prefer to also disable printers.

[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw

[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes

[share]
path = /usr/local/share
browsable = yes
public = yes
writeable = yes

 

If using the --volume option, ensure the directory being shared on the Docker system has SELinux type etc_t.

~]$ ls -lZ /usr/local/docker/samba/
drwxrwxrwx. 4 root root system_u:object_r:usr_t:s0 4096 Oct 25 02:37 share

 

The docker container ls command can be used to ensure the container is running.

~]# docker container ls -a
CONTAINER ID   IMAGE           COMMAND                 CREATED      STATUS      PORTS                            
ba2fff144f7f   dperlson/samba  "/sbin/tini -- /usr/…"  3 hours ago  Up 3 hours  0.0.0.0:139->139/tcp, :::139->139/tcp, 137-138/udp, 0.0.0.0:445->445/tcp, :::445->445/tcp  samba

 

The docker logs command should return something like this.

~]# docker logs samba
smbd version 4.12.2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2020
daemon_ready: daemon 'smbd' finished starting up and ready to serve connections

 

Use the docker exec command to create a new user in the container.

useradd -p itsasecret -d /home/john.doe -s /bin/bash john.doe

 

The user should now exist in the /etc/passwd file in the container.

~]# docker exec samba cat /etc/passwd
john.doe:x:1000:1000::/home/john.doe:/bin/bash

 

Use the smbpasswd -a command to add the user to the Samba database.

~]# docker exec -it samba bash
bash-5.0# smbpasswd -a john.doe
New SMB password:
Retype new SMB password:
Added user john.doe.

 

The pdbedit --list --smbpasswd-style command can be used to verify the user was added to the SMB database. The output should be identical to the smb.passwd file.

~]# docker exec samba pdbedit --list --smbpasswd-style
john.doe:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:43A29EF878C2498C6960672E21CA9B9D:[U          ]:LCT-616C00EF:

~]# docker exec samba cat /etc/samba/smb.passwd
john.doe:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:43A29EF878C2498C6960672E21CA9B9D:[U          ]:LCT-616C00EF:

 

The smbclient command can be used to see if you are able to connect to a share with a certain user and their password (john.doe in this example).

smbclient --list //$(hostname -s)/share --user john.doe

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter 05138e in the box below so that we can be sure you are a human.