100% Uninhibited LAN file sharing & collaboration?

As I've mentioned elsewhere here - I am helping a retirement aged friend to modernize his tiny office & it now has 4 PCs all running U/M 18.04.3 .

I've been having an awful time making file sharing work for him, his young assistant and his office lady.

Samba itself is a bit of a nightmare & gave me fits until I discovered how to make Nautilus do the initial heavy lifting & all 3 of them now have 'Public' dirs as well as the sort of rudimentary faux server that is where they store & retrieve documents as they need them.

Just tonight is the very 1st I've heard of caja-share in a thread here from 2015 - woof !!

What is desired is the ability to use & move documents - mostly PDFs & DOCX files, freely & without ANY concerns for permissions AT ALL via their tiny LAN.

After reading a skazillion guides & trying everything under the sun that I could find, I cleaned off all that I tried that did not work.

The Nautilus method did finally work - but there STILL are strangely creeping permission changes that tie Libre Writer into tangled knots when they occur - as well as oddities just trying to attach files to emails that cause app crashes for no apparent reasons.

If it could be as simple as shown in that thread from 2015 it would be very appreciated indeed !!

Thanks in advance for any helpful replies here !!

You could change the default file permissions to 0666 with uname's set for each user. But that, especially with free access across the LAN has serious security issues. One compromised account on one machine compromises every single file on every machine. Linux is designed from the ground up to prevent exactly what you ask for from happening. Modernization needs to include understanding that a 1990s concept of security is not enough. I monitor my (standalone) firewall. I see port scans go by every few seconds. I think of nearly every one as an attempted intrusion, because there is no legitimate reason to scan every port on an IP address, ever, except intrusion, or intrusion prevention checking. And I'm on a dynamic IP, not static. You will be doing your friend a favor if you don't do what he asks--sooner or later.

A solution to file sharing that I use is a single central machine running a file server on nfs v.4. That disk partition is mounted noexec and nosuid (and probably some other restrictions as well). All users have an account of type nologin on that machine. All users belong to the "users" group on that machine. All other machines have that partition mounted locally via nfs on /home/share. You also have to be sure that all numerical userIDs and groupIDs are identical on all machines for this to work.

The end result is that anyone can read/write to the same /home/share partition. The files there will show their userID, but be in the "users" group. Default file permissions are 0664, so anyone can also read/edit other's files. Directories are owned by root:root or another group "higher" than users so that some directories can be privately shared only for owners, bookkeeper, etc.

All work that is not personal is done directly into the nfs share, across the network. We see no noticeable latency on read or write above when a file is read/written locally. And our server is still spinning rust, and the network only 100 Mbps

We've used this system for years. Loss of connection to the nfs is rare, and takes only a remote ssh and mount command to restore. (or a local reboot, but that's overkill) It is necessary when power is lost that the server boot up first. A formal backup procedure is required, but that should be the case anyway.

Just my 2 cents.

PS: don't let the backup comment slide. I use a triple mirror disk array on the share, for performance and redundancy. It is snapshotted every night, and duplicated offsite every week. Another advantage of a file server setup is the same disk array also receives nightly rsync copies of every home directory on the network. When I do once a week offsite backups, I only have one machine and one drive array to backup--so that is much easier, and guaranteed complete. I do provide each user with a subdirectory in their home called NoBackup, which the backup script ignores. They can put large easily replaced, disk-eating media files there. Or you could make the script ignore certain file extensions.

1 Like

Thank You for such an amazing reply to my query Charles-nix !!!

Addressing your points now=>
His entire small LAN is behind a dedicated firewall which has done a great job 'till now, and given that it is all on cable internet without a static IP may be a very good thing as well.

I do not (yet ??) know how to set default file permissions to 0666 for all, nor how to add unames for each user - but frankly if that would produce uninhibited access with just a couple of steps it may be what gives him back what he so dearly misses.
(Does 'uname' translate to 'usernames' as in just adding users, or ??)
((And in searching default file permissions I see many articles, so I will learn more about this now, thanks.))

The app crashes being caused by wandering file permissions ARE a serious nuisance - upon this I agree with him.

As to NFS, when investigating file sharing options I read a whole bunch of write-ups about it - and didn't dare to try making it happen as it was not only quite complicated (to my eyes...), but also in examining 10 different user's methods (for example) they had common steps woven in between very different steps - which worried me greatly.

No restrictions are needed in this small place as the man himself has his private files sequestered to his liking & the other 2 users are not any problem with regards to those files.

All the PCs have UPSes - and off-site backups have been made & kept for years already - and there are no large media (or other) such files since it is all about documents at his place.

Should there be a very clear, step-by-step guide to NFS sharing which my small brain can make use of, I may try it, but given that my time on-site is very limited and that Samba is already (mostly ??) working there - such a change may cause more troubles than trying to remedy the ills of the existing configuration...and how would I know this beforehand ??

Thanks Again !!

Update...after all these months and much wrangling with the tangles.

His office now has only 2 users & the 'server' on the LAN anymore and in case it wasn't clear in either of my prior entries here:
Permissions help EXACTLY nothing in using local-only file shares for documents.

Until today Samba was in use and it can be stated as factual (IMO) that Libreoffice cannot correctly handle files shared via Samba.

Collabora Office is better by a goodly margin, but still trips over the strange permission problems - though it does so less than its ancestor, L.O.

NFS was never attempted after the hour or 2 that I wasted in trying to test it out brought me zero good results - all I got out of that attempt was a headache.

I since got a suggestion to use SSHFS for file sharing over the LAN and did my usual sorts of widespread checking into it so as to compile the most consistent & pertinent info I could find before trying to impliment it.

So now I'm back again after spending almost my entire weekend doing computer fix-it stuff...including the part of that time used in setting up SSHFS as suggested.

It -IS- way better than Samba - but can also be much worse & I'll try to 'splain a little.

Getting it up & ready on the LAN's 'server' was indeed quite trivial.

Getting connected to it manually & testing it for ease of use at the 2 'client' ends also went very smoothly & was quite impressive, BUT:

There is the same lack of succinct & complete info (as Samba...) when it comes to automating it to reconnect at boot time, and I learned the hard way that this can result in the dreaded & inescapable emergency mode.

How did I get so lost ??

Out of the ~2 dozen sites I compiled connection info from - not even ONE mentioned that to add the mount points into fstab - you must FIRST have set up the proper key pairs so that it can authenticate - OR ELSE !!!!

Thank goodness for the Ventoy made USB tools stick that I have with Parted Magic which allowed me to comment out the offending lines & remove the dirty bit markings & then to have GParted make sure the partitions were indeed error free.

Then silly old me tried making a bash script to do the mounting...nope, that didn't work either, but at least it also didn't harm anything.

So - for the moment the needed connections are right, tight & do indeed function just like local file sharing & will just require manual reconnections after each reboot.

In the meantime I will try to work out the EXACT & needed details for correctly installing the key pairs - whilst I still really wish there was some other even simpler way to make it work...
Like maybe just from a single script with desktop icon to make it remount after a restart.

Thanks Again for any Helpful replies here !!

1 Like

@computerguy, if the usage is just sharing few files on local network, then you may consider Warpinator from LinuxMint project. I use it myself and it is sufficient for my needs.

I don't think we have a .deb package for Ubuntu but they have flatpak version which works on all distros. If you are interested, please see flatpak setup guide for Ubuntu and then install warpinator flatpak.

Thanks for your reply Saivinoba !!
I found Warpinator many months ago and as it ONLY sends and receives files across the network - it is not what is needed at all.

What my efforts ARE about is to enable many thousands of existing document files on a central LAN connected PC to be opened and/or edited right from that 'server' as if they are local files and NOT transferred.

Frankly - the poor comparison is that with windows PCs on a LAN this is child's play - utterly simple vs. with Linux it really IS the monster beneath the bed !!

Also - now that I've gotten SSHFS working, I have no desire to change it again - just a desire to make it as simple to initiate & maintain as possible.

Thanks Again !!

1 Like

This may be my last entry about this, as it has been in use for weeks already and there have been no hiccups, thankfully.

All it takes to restore these nice, tight, fully available connections post-reboot is executing one command per share, so after about 1 minute all is back as desired & functioning smoothly.

I have decided NOT to bother making this fully automatic via the keypairs.

Here are the reasons for that choice:
1 - Apparently adding that brings encryption into play, which can slow down these connections;
2 - In this situation with local-only file sharing there is zero benefit in adding encryption;
3 - The minute it takes to restore them is trivial.

So now I have a small text file of those lines to just copy/paste and it appears that all is truly well.

Of course...
If some truly wise & talented coder types would make and share a way to add SSHFS resources via a context menu entry or as a file manager action (at both ends...) then=>
Local, LAN file sharing in Linux could be just as simple as it was in 'other' OSes before they got dumbed down in some ways & over-complicated in others !!