Samba: Setup for Windows Previous Versions Support


Hi,

this post describes how to setup samba to provide filesystem snapshots to Windows in its “Previous Versions” tab.

Install your prefered Linux Distribution. In this tutorial debian 9 stretch.

Let us assume /dev/sda is the disk for the operating system and /dev/sdb the disk for data. 2 Types of shares should exist. Home shares and project shares. All homes are inclued if a snapshot is triggered (Should demonstrate multiple shares in one subvolume). While each project can have its own snapshots (One share per subvolume).

The previous version feature requieres a filesystem with snapshot support. Linux just support one natively: btrfs. Install btrfs tools/support and gdisk

root@debdev ~ # apt-get install btrfs-progs gdisk samba attr

Prepare your disk. Partition 1 (/dev/sdb1) should hold the homes (mount point /mnt-home) and partition 2 the projects (mount point /mnt-projects). create and format the partitions. I use gpart for partitioning. It creates a GPT based layout but if you have a disk <2TB a MBR layout is also possible.

root@debdev ~ # gdisk /dev/sdb
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-16777182, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-16777182, default = 16777182) or {+-}size{KMGTP}: 1600G
Partition number (1-128, default 2):
...
root@debdev ~ # mkfs.btrfs /dev/sdb1
root@debdev ~ # mkfs.btrfs /dev/sdb2

Create Mountpoints

root@debdev ~ # mkdir /mnt-home
root@debdev ~ # mkdir /mnt-projects

Mount the partitions at boot time. Append the following lines to /etc/fstab

/dev/sdb1 /mnt-home btrfs defaults,noatime,rw 0 0
/dev/sdb2 /mnt-projects btrfs defaults,noatime,rw 0 0

Reboot and check if the partitions are mounted correctly

root@debdev ~ # mount | grep sdb
/dev/sdb1 on /mnt-home type btrfs (rw,noatime,space_cache,subvolid=5,subvol=/)
/dev/sdb2 on /mnt-projects type btrfs (rw,noatime,space_cache,subvolid=5,subvol=/)

Create subvolumes. subvolumes are the basis for snapshots. The root folders of the partitions are already subvolumes but we need additional ones for the snapshots.

root@debdev ~ # btrfs subvolume create /mnt-home/homes 
root@debdev ~ # btrfs subvolume create /mnt-home/.snapshots
root@debdev ~ # btrfs subvolume create /mnt-projects/projects 
root@debdev ~ # btrfs subvolume create /mnt-projects/.snapshots

Additionally I will here describe all steps (for a standalone windows workgroup server) including the creation of user and groups. 2 Users which its own Windows Samba Share and access to one project.

root@debdev ~ # groupadd project1
root@debdev ~ # useradd  -s /bin/false -G users,project1 user1
root@debdev ~ # useradd  -s /bin/false -G users,project1 user2

Add Windows/Samba Users and passwords

root@debdev ~ # smbpasswd -a user1
root@debdev ~ # smbpasswd -a user2

Create folders and set permissions

root@debdev ~ # mkdir /mnt-home/homes/user1
root@debdev ~ # chown user1:user1 /mnt-home/homes/user1
root@debdev ~ # chmod 770 /mnt-home/homes/user1
root@debdev ~ # mkdir /mnt-home/homes/user2
root@debdev ~ # chown user2:user2 /mnt-home/homes/user2
root@debdev ~ # chmod 770 /mnt-home/homes/user2
root@debdev ~ # btrfs subvolume create /mnt-projects/projects/project1
root@debdev ~ # btrfs subvolume create /mnt-projects/.snapshots/project1
root@debdev ~ # chown root:project1 /mnt-projects/projects/project1
root@debdev ~ # chmod 770 /mnt-projects/projects/project1

Move old config

root@debdev ~ # mv /etc/samba/smb.conf /etc/samba/smb.conf.org

Samba example config /etc/samba/smb.conf


[global]
        workgroup = YOURWORKGROUP
        netbios name = yourserver
        server string = Samba Server
        # interfaces = 127.0.0.1, eth0
        # bind interfaces only = Yes
        security = USER
        map to guest = Bad User
        os level = 1
        preferred master = No
        local master = No
        domain master = No
        guest account = nobody
        unix charset = UTF8
        directory mask = 0770
        create mask = 0640
        # inherit permissions = yes
        inherit owner = yes
        client ntlmv2 auth = yes
        client lanman auth = no
        client plaintext auth = no
        # Only ntlmv2
        ntlm auth = yes
        lanman auth = no
        encrypt passwords = yes
        access based share enum = yes
        server signing = auto
        client signing = auto
        vfs objects = acl_xattr
        map acl inherit = yes
        store dos attributes = yes

[project1$]
        path = /mnt-projects/projects/project1
        # Group project1
        valid users = @project1
        # admin users = root, michael
        write list = @project1
        force group = project1
        read only = No
        guest ok = no
        vfs objects = shadow_copy2
        # /mnt-projects/.snapshots/projects/@GMT_2018.10.16-21.31.48
        # shadow:basedir => subvolume
        shadow:basedir = /mnt-projects/projects/project1
        shadow:snapdir = /mnt-projects/.snapshots/project1
        shadow:format = @GMT_%Y.%m.%d-%H.%M.%S
        shadow:sort = desc
        shadow:localtime = no
        directory mask = 0770
        create mask = 0660

[user1$]
        comment = Home User1
        browsable = no
        path = /mnt-home/homes/user1
        writable = yes
        write list = user1
        guest ok = no
        vfs objects = shadow_copy2
        # /mnt-home/.snapshots/@GMT_2018.10.16-21.31.48/user1
        shadow:basedir = /mnt-home/homes
        shadow:share_root = user1
        shadow:snapdir = /mnt-home/.snapshots
        shadow:format = @GMT_%Y.%m.%d-%H.%M.%S
        shadow:sort = desc
        shadow:localtime = no

[user2$]
        comment = Home User2
        browsable = no
        path = /mnt-home/homes/user2
        writable = yes
        write list = user2
        guest ok = no
        vfs objects = shadow_copy2
        # /mnt-home/.snapshots/@GMT_2018.10.16-21.31.48/user2
        # shadow:basedir => subvolume
        shadow:basedir = /mnt-home/homes
        shadow:share_root = user2
        shadow:snapdir = /mnt-home/.snapshots
        shadow:format = @GMT_%Y.%m.%d-%H.%M.%S
        shadow:sort = desc
        shadow:localtime = no

Ok, time to start samba

root@debdev ~ # systemctl enable smbd.service
root@debdev ~ # systemctl start smbd.service

Try to connect to the shares and copy some data

Creating snapshots. Of all homes:

root@debdev ~ # btrfs subvolume snapshot -r /mnt-home/homes /mnt-home/.snapshots/@GMT_`date -u +%Y.%m.%d-%H.%M.%S`

Note: date -u creates a snapshot with UTC Timestamp. Also in smb.conf shadow:localtime has to configure to no

And a Snapshot of project1

root@debdev ~ # btrfs subvolume snapshot -r /mnt-projects/projects/project1 /mnt-projects/.snapshots/project1/@GMT_`date -u +%Y.%m.%d-%H.%M.%S`

Copy more data to the share….and try to access the Previous Version tab.

Some further helpful commands
List all snapshots of a subvolume

root@debdev ~ # btrfs subvolume list /mnt-home/homes

Delete a snapshot

root@debdev ~ # btrfs subvolume delete /mnt-home/.snapshots/@GMT_2018.10.16-21.31.48

Michael

Leave a Reply Cancel reply