Create And Configure Samba Shares In CentOS 7
Then enter the hostname and IP address of the server and save the file. (add the line below at the end of the file and save)192.168.0.1 srvr1.domain.com srvr1- Installing Samba in CentOS 7
yum -y install samba samba-client samba-commonAfter running the above commands, go and create a backup of Samba default configuration file. To do that, run the commands below.
mv /etc/samba/smb.conf /etc/samba/smb.conf.bakThen create a new configuration file with the information below.
vi /etc/samba/smb.conf
- Samba global parameters
[global] workgroup = WORKGROUP
server string = Samba Server %v
netbios name = srvr1
security = user
map to guest = bad user
dns proxy = no- First share to allow everyone access
[allaccess]
path = /samba/allaccess
browsable = yes
writable = yes
guest ok = yes
read only = noThe above share definition gives everyone access without prompting for passwords regardless of their group membership.
The entire file should look like this:
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = srvr1
security = user
map to guest = bad user
dns proxy = no
#============================ Share Definitions ==============================
[allaccess]
path = /samba/allaccess
browsable =yes
writable = yes
guest ok = yes
read only = no--------------------------------
[html]
path = /var/www/html
browsable =yes
writable = yes
guest ok = yes
read only = no
Save the file and restart Samba services and continue..
Next, run the commands below to create the allaccess folder that you shared above.
mkdir -p /samba/allaccessThen enable and start Samba services using the commands below
systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service- Open the firewall to allow access
firewall-cmd --permanent --zone=public --add-service=sambaThen reload the firewall by running the commands below.
firewall-cmd --reload Since the share above is allaccess, which means everyone should have access, let’s change the permission on the folder. To do that, run the commands below to give ownership of it to nobody.
cd /sambachmod -R 0755 allaccess/
chown -R nobody:nobody allaccess/Next, we want to allow selinux for the share folder above. To do that, run the commands below from the /samba directory.
chcon -t samba_share_t allaccess/Now go to Windows machine and select Run then type the folder path to access it.
Creating secure folder with member only access.
The above setup allows everyone to access that folder. To allow only a select member to access the secure folder inside the allaccess folder, you’ll want to create another share like the one below.
[secured]
path = /samba/secured
valid users = @scuredgroup
guest ok = no
writable = yes
browsable = yesCreate a the new folder by running the commands below
mkdir -p /samba/securedThen create a group name securedgroup. To create a group in Linux run the commands below.
groupadd securedgroupThen add the user richard as a member of the group
useradd richard -G securedgroupDo the same for all the member you want to access the secured folder. When you’re done, allow selinux for the secure folder.
chcon -t samba_share_t secured/Change the permission to that folder to everyone who has access the read and write to it.
cd /sambachmod -R 0777 secured/Finally, change the owner ship of the secured group to a user and the securedgroup.
chown -R richard:securedgroup secured/Now try to access the secured group.
Finally, add the user to Samba database by running the commands below. Do this for all users who will be accessing the secured folder.
smbpasswd -a richardIf you only want a single user to access a particular share, replace the @securedgroup with the user id, and only that user will access that share.
No comments:
Post a Comment