
A Docker image contains the code used to create a Docker container, such as creating a Nginx web server, or a mySQL server, or a home grown app, and the list goes on. In this way, an image is like a template used to create a container. An image is kind of like a virtual machine, but much more light weight, using significantly less storage a memory (containers are usually megabytes in size).
The following docker-compose.yml file can be used to pull down the Samba image, create and start the Samba container. Let's break down this file.
- The dperson/samba image is used.
- The ports option is used to configure both the Docker server and Samba container to listen on ports 139 and 445, which adds a rule to iptables to allow connections between the Docker system and container on ports 139 and 445.
version: "3.7"
services:
samba:
image: dperson/samba
ports:
- "139:139"
- "445:445"
The docker stack deploy command is used to pull down the Samba image, create and start the Samba container. The --detach flag is used to run the container in the background.
~]# docker stack deploy --compose-file docker-compose.yml samba_stack
Creating network samba_stack_default
Creating service samba_stack_samba
The docker network ls command can be used to confirm that the samba_stack_default network was created.
~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
r0zassvat4e5 samba_stack_default overlay swarm
The docker stack ls command can be used to confirm that the samba_stack was created.
NAME SERVICES ORCHESTRATOR
samba_stack 1 Swarm
The docker stack services command can be used to confirm that the samba_stack service was created.
ID NAME MODE REPLICAS IMAGE PORTS
ivq9h5yxl1om samba_stack_samba replicated 1/1 dperson/samba *:139->139/tcp, *:445->445/tcp
The docker container ls command can be used to ensure the container is running.
~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
ba2fff144f7f dperlson/samba "/sbin/tini -- /usr/…" 3 hours ago Up 3 hours 0.0.0.0:139->139/tcp, :::139->139/tcp, 137-138/udp, 0.0.0.0:445->445/tcp, :::445->445/tcp samba_stack_samba.1.fc1stjk8hd65inznq0b03jmqk
The docker logs command should return something like this.
~]# docker logs <samba container ID>
smbd version 4.12.2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2020
daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
Use the docker exec command to create a new user in the container.
useradd -p itsasecret -d /home/john.doe -s /bin/bash john.doe
The user should now exist in the /etc/passwd file in the container.
~]# docker exec samba cat /etc/passwd
john.doe:x:1000:1000::/home/john.doe:/bin/bash
Use the smbpasswd -a command to add the user to the Samba database.
~]# docker exec -it <samba container ID> bash
bash-5.0# smbpasswd -a john.doe
New SMB password:
Retype new SMB password:
Added user john.doe.
The pdbedit --list --smbpasswd-style command can be used to verify the user was added to the SMB database. The output should be identical to the smb.passwd file.
~]# docker exec <samba container ID> pdbedit --list --smbpasswd-style
john.doe:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:43A29EF878C2498C6960672E21CA9B9D:[U ]:LCT-616C00EF:
~]# docker exec <samba container ID> cat /etc/samba/smb.passwd
john.doe:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:43A29EF878C2498C6960672E21CA9B9D:[U ]:LCT-616C00EF:
The smbclient command can be used to see if you are able to connect to a share with a certain user and their password (john.doe in this example).
smbclient --list //$(hostname -s)/share --user john.doe
Did you find this article helpful?
If so, consider buying me a coffee over at