Sambathumb

Setup Samba 4 on Arch Linux

Updated: [03.05.2015] Sync some performance settings with my own personal settings, added a link to some more performance tips (see bottom).
Updated: [28.09.2015] Sync again

Note: Check this article if you want to install arch on your pogoplug.

Samba 4 is out now 🙂
So I’ll make this tutorial for Samba 4 because it seems to be slightly faster.
This article will tell you how to install it on your PogoplugV2 or another PlugPC.
Should be pretty much the same for all arch installations.

Samba 3 is going to be removed once Samba 4 is installed.
Your old config will be saved to /etc/samba/smb.conf.pacorig

Installation of Samba 4 is pretty easy.

pacman -Sy samba

Now enable the services.

systemctl enable smbd nmbd

Create Users

If you want to create shares for multiple users you have to create new Unix user and add this one to samba as well.
To make it clean we will create a group called “samba”.

groupadd samba

Now we can add a new user to this group. This user “fabian” is not able to login (-s /sbin/nologin) for security purposes.

useradd -m -g samba -s /sbin/nologin fabian

To use this user in samba shares you have to add it to samba

pdbedit -a -u fabian

Create Shares

We are ready to configure our samba shares.
At the beginning configure
To do so edit /etc/samba/smb.conf

nano /etc/samba/smb.conf

Here is an example configuration.
You have to edit the Share definitions below so it fits your setup.

[global]
   workgroup = WORKGROUP
   server string = POGOPLUG
   netbios name = POGOPLUG
   # hosts allow = 192.168.0.
   printcap name = /dev/null
   load printers = no
   disable spoolss = yes
   printing = bsd
   show add printer wizard = no
   print notify backchannel = no
   log file = /var/log/samba/log.%m
   max log size = 50
   security = user
   dns proxy = no
   # For public share without login
   map to guest = Bad User

   # Android bugix for reading files (samba4 bug see: https://bugzilla.samba.org/show_bug.cgi?id=9706)
   unix extensions = false

   # Fix for file batch copy issues (see: http://archlinuxarm.org/forum/viewtopic.php?f=18&t=4864) - seems to be fixed now (28.09.2015)
   # oplocks = no
   # level2 oplocks = no

   # Some Tuning (See Optimize Performance)
   socket options = TCP_NODELAY IPTOS_LOWDELAY
   write cache size = 262144
   # sendfile will interrupt data transfer :/ (but cpu usage is less) - seems to be fixed now (03.05.2015)
   use sendfile = true
   getwd cache = yes
   min receivefile size = 16384
   max xmit = 65536
   # Global security
   public = yes

#============================ Share Definitions ==============================

# Public, read only
[Videos]
        comment = Videos for all
        read only = yes
        # use this only for read only shares!
        fake oplocks = yes
        path = /media/zincobi/Videos

# Public, writeable
[Abrechnungen]
        comment = Abrechnungen
        read only = no
        writeable = yes
        path = /media/zincobi/Abrechnungen

# whole HDD, only for fabian
[zincobi]
        comment = Fabians share
        public = no
        valid users = fabian
        read only = no
        writeable = yes
        path = /media/zincobi

Optimize performance

The stock performance of samba isn’t that great. Especially with NTFS.
But there are some parameters which will increase Samba performance significantly.

Add all these settings to the global section in your smb.conf file.

socket options = TCP_NODELAY IPTOS_LOWDELAY

The main problem for slow file transfer speeds is NTFS, because NTFS needs much CPU on linux.
Nevertheless there are 2 options which will boost the speed:

write cache size

If this integer parameter is set to non-zero value, Samba will create an in-memory cache for each oplocked file (it does not do this for non-oplocked files). All writes that the client does not request to be flushed directly to disk will be stored in this cache if possible. The cache is flushed onto disk when a write comes in whose offset would not fit into the cache or when the file is closed by the client. Reads for the file are also served from this cache if the data is stored within it.

This cache allows Samba to batch client writes into a more efficient write size for RAID disks (i.e. writes may be tuned to be the RAID stripe size) and can improve performance on systems where the disk subsystem is a bottleneck but there is free memory for userspace programs.

The integer parameter specifies the size of this cache (per oplocked file) in bytes.

Default: write cache size = 0

Example: write cache size = 262144 # for a 256k cache size per file

Some example values are:

write cache size = 262144

(262144 = 256KB – you should test some values it’s pretty memory intensive)

Don’t forget to start the samba services or reboot:

systemctl start smbd nmbd

For some additonal performance tips check this blogpost: https://linuxengineering.wordpress.com/2014/08/03/performance-tuning-with-pogoplug-v4/

44 thoughts on “Setup Samba 4 on Arch Linux”

  1. Hello,

    Everything works beautifully, thanks for these instructions.

    Only problem is, I manually need to do a chmod 777 on the mounted directories in /media before I can write to them from other computers. I need to do this after each reboot.

    Is there a way to automate the process? I am using uDevil, like you mentioned in your other article.

  2. I have a pogoplug v4 with usb3.

    I am getting very slow transfer rates with samba, and consistently fail to boot if there is anything else connected to the pogo except for the rootfs usb stick.

    I have a sony 4gb usb stick and the stock archlinux with most of the tweeks listed here and at the linuxengineering website. what is your gut feeling about why it is so slow?

    1. Hi,
      sorry but I need way more information otherwise I can’t help. Please post your configs, your setup (network, hdd,…) and some benchmark results.

        1. Thank you for all of your tutorials; they’re wonderful!

          Are the optimizations applicable to non-ARM Arch Linux installs. I have a server that runs Arch 64bit. Should I change the optimization values you provide? (e.g., write cache size (and/or “socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072”

          Thank you,

          buzz

  3. When I try to start the samba service with:
    systemctl start smb nmb

    I get the following errors:
    Failed to start smb.service: Unit smb.service failed to load: No such file or directory.
    Failed to start nmb.service: Unit nmb.service failed to load: No such file or directory.

    Any idea why?

  4. Thanks!!!

    I recently upgraded from Samba3 to Samba4 and had all kinds of problems with my smb.conf file (which worked fine in Samba3).

    I replaced my [global] section with the one listed here and it fixed everything!!

    Thanks so much for taking the time to write this up.

  5. Hi Obi,
    great tutorials, guided me through the whole process, very much appreciated!
    One question:
    what”s the expected read?write performance with Samba and a NTFS USB disk and the performance settings suggested in your blog?

    I just get a max of 5mb/s read and write over gigiabit lan and expected a little bit more…. any other improvements possible than formating the drive in ext3/ext4?

    Thx
    kurt

      1. Still struggeling with the read (9MB) and write(8MB) speed with NTFS.
        Just wondering if the “big_writes” parameter should be reported with mount?
        In my case it just lists following:
        /dev/sdb2 on /media/Intenso type fuseblk (rw,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,default_permissions,allow_other,blksize=4096)
        Any indication that something goes wrong?
        Thanks,
        kurt

        1. Sorry for my late answer.
          You can’t see this parameter in mount output. You have to execute ‘ps -ef’. There you will find the udevild process running with this parameter.

  6. note that the service names (“d” is missing in your tutorial):

    # systemctl enable smbd nmbd

    1. At least for samba 4.0.6-1:
      # pacman -Ql samba | grep systemd/system
      samba /usr/lib/systemd/system/
      samba /usr/lib/systemd/system/nmbd.service
      samba /usr/lib/systemd/system/samba.service
      samba /usr/lib/systemd/system/smbd.service
      samba /usr/lib/systemd/system/smbd.socket
      samba /usr/lib/systemd/system/smbd@.service
      samba /usr/lib/systemd/system/swat.socket
      samba /usr/lib/systemd/system/swat@.service
      samba /usr/lib/systemd/system/winbindd.service

  7. Everybody, looks like there have been some changes to samba. Looks like a previously insalled smbclient4 is in conflict with samba. Had to remove both smbclient4 and samba4, and then reinstall samba and smbclient (no 4). Also, looks like the deamon names have been changed from smb and nmb to smbd and nmbd.

  8. Here is my global:
    [global]
    workgroup = HOME
    server string = POGOPLUG
    netbios name = POGOPLUG
    # hosts allow = 192.168.1.
    printcap name = /dev/null
    load printers = no
    disable spoolss = yes
    printing = bsd
    log file = /var/log/samba/log.%m
    max log size = 50
    security = user
    dns proxy = no

    # For public share without login
    map to guest = Bad User

    # Android bugix for reading files (samba4 bug see: https://bugzilla.samba.org/show_bug.cgi?id=9706)
    unix extensions = false

    # Fix for file batch copy issues (see: http://archlinuxarm.org/forum/viewtopic.php?f=18&t=4864)
    oplocks = no

    # Some Tuning (See Optimize Performance)
    socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE
    write cache size = 2097152
    use sendfile = true
    getwd cache = yes

    # Global security
    public = yes

    Many thanks

    1. Now i tested changing the folders permitions setting the group to samba, and giving it write permitions.
      Seems it works now.

      Just wondering if this is the best way of doing it?
      THanks

  9. Hello,
    wonderful guide, i used this alone the other guide in my new pogoplug grey,

    i was able to read my pogoplug attached hd via samba, on my user but unable to write. however settings says it should. hope you can guide me to find the issue, im trying to have read/write permitions to jhon user via samba to the hard drive, sharing the whole hd.

    my share config:
    [All]
    guest ok = no
    writeable = yes
    valid users = jhon
    path = /media/sda1-TOSHIBA

    On the other hand, on the HD Files permitions, root:root 755.

    Thank you

  10. I get a “error: target not found: samba4”

    Is this a repository issue or am I doing something wrong?

  11. Hi,
    thank you Obi, for your great tutorial (the best I found in the web). It was very helpful for me as a linux newbie. Everything worked perfect except of one thing:

    If I copy a big file (about 5 GB) from Win7 on my Pogo-Samba-NAS I get the message that my memory on my mounted HDD is not enough – even though I have over 200GB of free space!

    Do I have to activate lfs like this guys?
    http://blog.stefan-macke.com/2012/04/11/copying-files-larger-than-2gb-to-a-mounted-samba-share-on-linux/
    or
    http://www.cyberciti.biz/faq/howto-access-files-greater-than-2gb-samba/

    How can I implement this on my Pogo-Arch?

    PS: accessing 20GB-files is no problem – only copying files lager than 2GB
    PPS: My Kernel is up to date (was updated yesterday, 10th April 2013),

  12. Thank you for the great How-Tos – I’m really looking forward to reading more from you.
    I am currently trying to reach my pogo V2 from the internet. I already have a domain from http://freedns.afraid.org and the owncloud android client. But I am completely new to Linux so I dont know how to configure my pogo to get Owncloud, ddclient etc up and running. In addition i am a little bit afraid about the security aspects – if my pogo is accessible from the www.
    Do you have a hint where i should continue?

    1. Sorry don’t know anything about owncloud. Didn’t try it myself.

      First of all you should try to install owncloud without dynamic dns stuff and see whether it works fine with direct ip access.
      Your pogoplug needs a static ip address (see my howto) and you have to forward the port (probably port 80 for owncloud) to your pogoplug ip.
      Here is a small tutorial how to install owncloud: https://wiki.archlinux.org/index.php/Owncloud
      This could help you as well: http://blog.rotzoll.net/2013/01/pogoplug-v2-classic-owncloud-installation-auf-einem-frischen-archlinux-mit-nginx/
      You should use sqlite as database because it’s lightweight.
      Another useful link: http://archlinuxarm.org/forum/viewtopic.php?f=18&t=3769

      But you’re right you should be pretty careful!
      I forwarded port 22 (SSH) on my router to my pogoplug and had about 1500 failed login tries per day…
      So many bots out there…

      After I changed the SSH port to some other free port everything was quiet again 🙂 (I know that’s not a good practise. But I don’t want to waste ressources because some stupid bots try to bruteforce my SSH pw)
      For SSH you should use RSA private/public key files and forbid password login.

  13. Sorry to bother again but I think you made a small typo

    This user “fabian” is able to login (-s /sbin/nologin) for security purposes.

    I think that should be

    This user “fabian” is not able to login (-s /sbin/nologin) for security purposes.

  14. Hey this works! Thanks a lot for that. I was ready to give up on my Samba adventure.

    A question though
    I too have share my video on my network but unlike you my video dir in in my user directory
    and I had to add ‘force user = username’ to my smb.conf in order to make it work. like so:


    [Video]
    comment = Videos for all
    read only = yes
    force user = raoul
    path = /home/raoul/videos

    Is this a save, normal way of sharing folders? Maybe there some sercurity problem with a force user? Not sure but force user doesn’t sound save does it?

  15. Ups, forgot to write in english 😉
    Thanks for your reply (and the great howtos in general!).
    I don’t think that I set a global user. This is my global section:
    [global]
    workgroup = WORKGROUP
    server string = MEDIASERVER
    netbios name = MEDIASERVER
    # hosts allow = 192.168.0.
    printcap name = /dev/null
    load printers = no
    disable spoolss = yes
    printing = bsd
    log file = /var/log/samba/log.%m
    max log size = 50
    security = user

    dns proxy = no

    # Some Tuning (See Optimize Performance)
    socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE
    write cache size = 2097152
    use sendfile = yes
    getwd cache = yes

    # Global security
    public = yes

    I can see the share and read files, but I can’t add files.

      1. Now it looks like one of the more obvious mistakes.. sorry.
        The two suggestions did the trick, – thank you!

  16. Hm irgendwie hab ich bei folgendem Share keine Schreibrechte:


    [Dokumente]
    comment = Dokumente
    read only = no
    writable = yes
    path = /shares/Dokumente

    Muss ich beim lokalen Ordner (/shares/Dokumente) noch Rechte setzen oder so was? 🙁

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.