
A Docker image contains the code used to create a Docker container, such as creating a Nginx web server, or a mySQL server, or a home grown app, and the list goes on. In this way, an image is like a template used to create a container. An image is kind of like a virtual machine, but much more light weight, using significantly less storage a memory (containers are usually megabytes in size).
The docker pull command can be used to pull down the latest samba image.
~]# docker pull dperson/samba
Using default tag: latest
latest: Pulling from dperson/samba
df20fa9351a1: Pull complete
cdd17995a233: Pull complete
02fdab01eee5: Pull complete
Digest: sha256:66088b78a19810dd1457a8f39340e95e663c728083efa5fe7dc0d40b2478e869
Status: Downloaded newer image for dperson/samba:latest
docker.io/dperson/samba:latest
Or you could create Dockerfile so that the Dockerfile contains something like this.
FROM samba:latest
Then use the docker build command to create the image, running this command in the same directory as the Dockerfile.
docker build . --tag samba:latest
The docker images command can be used to display the samba image.
~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
dperson/samba latest aac8a52c5b16 15 months ago 52.1MB
The following command can then be used to create and start the Samba container. Let's break down this command.
- The docker run command is used to create and start the Samba container.
- The --detach flag is used to run the container in the background.
- The --publish option is used to configure both the Docker server and Samba container to listen on ports 139 and 445, which adds a rule to iptables to allow connections between the Docker system and container on ports 139 and 445.
- The --volume option (optional) is used to mount the /usr/local/docker/samba/smb.conf file on the Docker system to /etc/samba.smb in the container so that the container is using your own smb.conf file.
- The --volume option (optional) is used to mount the /usr/local/docker/samba/share directory on the Docker system to /usr/local/share in the container. The /usr/local/share directory is the directory that contains the files that will be shared.
- The --name option is used to name the container samba.
- The --restart unless-stopped option is used so that the container is started if the Docker server is restarted
- The dperson/samba image is used.
docker run
--detach
--publish 139:139
--publish 445:445
--volume /usr/local/docker/samba:/etc/samba
--volume /usr/local/docker/samba/share:/usr/local/share
--restart unless-stopped
--name samba
dperson/samba
If using the --volume option, here is a starter smb.conf file. In this example, the tdbsam (trivial database sam) backend is being used. I prefer to also disable printers.
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[share]
path = /usr/local/share
browsable = yes
public = yes
writeable = yes
If using the --volume option, ensure the directory being shared on the Docker system has SELinux type etc_t.
~]$ ls -lZ /usr/local/docker/samba/
drwxrwxrwx. 4 root root system_u:object_r:usr_t:s0 4096 Oct 25 02:37 share
The docker container ls command can be used to ensure the container is running.
~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
ba2fff144f7f dperlson/samba "/sbin/tini -- /usr/…" 3 hours ago Up 3 hours 0.0.0.0:139->139/tcp, :::139->139/tcp, 137-138/udp, 0.0.0.0:445->445/tcp, :::445->445/tcp samba
The docker logs command should return something like this.
~]# docker logs samba
smbd version 4.12.2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2020
daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
Use the docker exec command to create a new user in the container.
useradd -p itsasecret -d /home/john.doe -s /bin/bash john.doe
The user should now exist in the /etc/passwd file in the container.
~]# docker exec samba cat /etc/passwd
john.doe:x:1000:1000::/home/john.doe:/bin/bash
Use the smbpasswd -a command to add the user to the Samba database.
~]# docker exec -it samba bash
bash-5.0# smbpasswd -a john.doe
New SMB password:
Retype new SMB password:
Added user john.doe.
The pdbedit --list --smbpasswd-style command can be used to verify the user was added to the SMB database. The output should be identical to the smb.passwd file.
~]# docker exec samba pdbedit --list --smbpasswd-style
john.doe:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:43A29EF878C2498C6960672E21CA9B9D:[U ]:LCT-616C00EF:
~]# docker exec samba cat /etc/samba/smb.passwd
john.doe:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:43A29EF878C2498C6960672E21CA9B9D:[U ]:LCT-616C00EF:
The smbclient command can be used to see if you are able to connect to a share with a certain user and their password (john.doe in this example).
smbclient --list //$(hostname -s)/share --user john.doe
Did you find this article helpful?
If so, consider buying me a coffee over at