Differences
This shows you the differences between two versions of the page.
|
linux_wiki:network_services_overview_smb [2016/10/02 21:38] billdozor [Host Based] |
linux_wiki:network_services_overview_smb [2019/05/25 23:50] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Network Services Overview SMB ====== | ||
| - | |||
| - | **General Information** | ||
| - | |||
| - | This page covers the Network Services objectives, specifically for samba (which uses the server message block protocol, or SMB). | ||
| - | |||
| - | **Network Services Objectives** | ||
| - | * Install the packages needed to provide the service | ||
| - | * Configure SELinux to support the service | ||
| - | * Use SELinux port labeling to allow services to use non-standard ports | ||
| - | * Configure the service to start when the system is booted | ||
| - | * Configure the service for basic operation | ||
| - | * Configure host-based and user-based security for the service | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Install the packages needed to provide the service ====== | ||
| - | |||
| - | Install the service (server) | ||
| - | <code bash> | ||
| - | yum install samba samba-client | ||
| - | </ | ||
| - | * samba -> samba server | ||
| - | * samba-client -> samba client utilities | ||
| - | |||
| - | Install the service (client) | ||
| - | <code bash> | ||
| - | yum install samba-client cifs-utils | ||
| - | </ | ||
| - | * samba-client -> samba client utilities | ||
| - | * cifs-utils -> includes command needed to mount remote SMB shares | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Configure SELinux to support the service ====== | ||
| - | |||
| - | * Service agnostic -> [[linux_wiki: | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Use SELinux port labeling to allow services to use non-standard ports ====== | ||
| - | |||
| - | Configuring the < | ||
| - | |||
| - | **NOTE**: "man semanage-port" | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Configure the service to start when the system is booted ====== | ||
| - | |||
| - | Check Current Service Status | ||
| - | <code bash> | ||
| - | systemctl status smb | ||
| - | </ | ||
| - | * Also displays if the service is enabled or disabled | ||
| - | |||
| - | \\ | ||
| - | Enabling a service to start on boot | ||
| - | <code bash> | ||
| - | systemctl enable smb | ||
| - | </ | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Configure the service for basic operation ====== | ||
| - | |||
| - | Enable and Start the service | ||
| - | <code bash> | ||
| - | systemctl enable smb | ||
| - | systemctl start smb | ||
| - | </ | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Configure host-based and user-based security for the service ====== | ||
| - | |||
| - | ===== Firewall ===== | ||
| - | |||
| - | Allow access through the firewall | ||
| - | <code bash> | ||
| - | firewall-cmd --permanent --add-service=samba | ||
| - | firewall-cmd --reload | ||
| - | </ | ||
| - | |||
| - | ===== Host Based ===== | ||
| - | |||
| - | Main samba config | ||
| - | <code bash> | ||
| - | vim / | ||
| - | |||
| - | hosts allow = 192.168.1. | ||
| - | </ | ||
| - | * Allows all hosts in the 192.168.1.x network | ||
| - | * Allow list over rides deny lists (if any and they conflict) | ||
| - | ===== User Based ===== | ||
| - | |||
| - | ---- | ||