Linux: Samba Configuration - Please Guide Which Setting Should I Avoid

[Pritpal Bedi]

Hello All

Below is the content of smb.conf

#softnas_file: /etc/samba/smb.conf

#softnas_file_version: 2.2

[global]

shadow: localtime = yes 

veto files = /Thumbs.db/

shadow: format = hourly-%Y%m%d-%H%M%S

idmap config * : schema_mode = sfu

cups options = raw 

netbios name = SoftNAS

min receivefile size = 16384

shadow: sort = desc

idmap config workgroup: backend = autorid

shadow: snapdir = .zfs/snapshot

aio write size = 1

hide files = /desktop.ini/$RECYCLE.BIN/

idmap config * : backend = rid

workgroup = WORKGROUP

os level = 20

winbind refresh tickets = Yes

security = AUTO

winbind separator = \

max log size = 50

log file = /var/log/samba/log.%m

load printers = yes 

guest account = nobody

aio read size = 1

delete veto files = yes

auth methods = winbind

kerberos method = secrets only

follow symlinks = yes

map to guest = Bad User

domain master = No

encrypt passwords = yes 

idmap config workgroup: schema_mode = rfc2307

idmap config * : range = 3000000-4000000

realm = WORKGROUP.INT

winbind use default domain = Yes

template shell = /bin/false

vfs objects = shadow_copy2

wide links = yes

server string = Samba Server Version %v

winbind enum users = Yes

template homedir = /profiles/%U.home

idmap config workgroup: range = 3000000-4000000

use sendfile = true

winbind enum groups = Yes

pam password change = Yes

# dedicated keytab file = /etc/krb5.keytab

        oplocks = no

[vouch]

  writable = yes

  browseable = yes

  public = yes

  guest ok = yes

  path = /vouch/vouch

  directory mask = 0777

  create mask = 0777

  # This is application volume and data is always read, never written

  #

  oplocks = yes

[vouch-data]

  writable = yes

  browseable = yes

  public = yes

  guest ok = yes

  path = /vouch/vouch-data

  directory mask = 0777

  create mask = 0777

A backdrop:

Amazon EC2 (A):  Linux Server 14.04 LTS  Running Samba Server

Amazon EC2 (B):  Linux Server(s) Application Instances . Mounting volumes off A with -o cache=none attribute.

Windows Clients C only connected to Application Instances via AWS Load Balancer. They never connect to A directly.

Data is always accessed via B instances, which can be many. 

So the main question is : "oplocks = no" is still required under above scenario ?

Rest whatever you think is appropriate to know for a Linux beginner.

Pritpal Bedi

a student of software analysis & concepts

[Alexandre Cavalcante Alencar]

Hi,

For data sharing with write, if you need to disable Opportunistic Locking, you have to set at least in affected share:

oplocks = no

level2 oplocks = no

strict locking = no

Reference: https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/locking.html

Best Regards

[Pritpal Bedi]

Thanks Alexandre

For data sharing with write, if you need to disable Opportunistic Locking, you have to set at least in affected share:

oplocks = no

level2 oplocks = no

strict locking = no

Reference: https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/locking.html

This link seems to give me a broader understanding 

of the problem I am facing right now. Seems a well written document.