I wanted to mount some files from a remote Linux box on my OpenBSD firewall. I would have loved to have used sshfs as it would have made everything quick and painless, but from all my searching there is no sshfs module for fuse on OpenBSD. If someone knows this not to be true hit up my "About" section, grab my email address and set me straight. The next idea was using NFS as I know OpenBSD supports NFS and so does Linux. Then I thought about dealing with the portmapper and firewalls and I did not want to deal with opening ranges of ports for NFS. I finally settled on using Samba. 4 ports and we are done. Plus even windows clients can use it if need be.
Since I have Ubuntu for my Linux box I just did an "sudo apt-get install samba" and that quickly installed Samba. I had made a very simple smb.conf file that I dropped in /etc/samba/smb.conf (see below). After that I started Samba with "service smbd start". Then I opened ports 137,138,139 and 445 on my Linux boxes firewall. Here is the simple read only config for my Samba share.
[global] workgroup = workgroup netbios name = linuxhost security = share #interfaces = 127.0.0.0/8 lo socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536 #bind interfaces only = true [share1] comment = Samba Share path = /path/to/share read only = Yes guest only = Yes #writeable = Yes guest ok = yes create mask = 0755
The Samba config is set to read only so no worries about people deleting your files. I left some lines commented out for notes to myself. If you do need write access then this config gets a little more complicated and that is not what is intended for this blog post.
After getting the Linux Samba share configured and exported I now needed to mount it on the OpenBSD box. To do this in OpenBSD there is a program called sharity-light. It is available from OpenBSD packages. I switched to a root account and installed sharity-light with "pkg_add -i sharity-light" (remember to set your PKG_PATH env var to get this to work). Then I made a dir where the share was going to be mounted "mkdir /tmp/share". Lastly mounted the share from the Linux box with "shlight //linuxhost/share1/ /tmp/share -U guest".The share will then ask you for a password. Since this is a guest account there is none so just hit enter. Your files should now appear on your OpenBSD machines mount point.
I did have one problem with permissions on the Linux box hosting the files. You need to make sure all the files permissions are open enough for the mount point to access the files. The easiest way to do this is to make sure the files your sharing are chmod'ed to 755. This will allow the owner of the files on the Linux box to still be able to write to them and the group and global permissions will be readable and executable. Remember you need directories to have execute on for an account to be able to get into it. So if you keep getting "Permission Denied" when trying to copy a file check on the local file permissions and the remote file perms.
