General Information
Installing and configuring SMB (Samba) shares.
Access in general
The following virtual machines will be used:
Install required packages
yum install samba samba-client
Enable and start the service
systemctl enable smb
systemctl start smb
Firewall: Open for the service
firewall-cmd --permanent --add-service=samba firewall-cmd --reload
Create directory to share
mkdir /sambashare_public
Directory permissions
chmod 777 /sambashare_public
SELinux: Set file context on the samba share directory
semanage fcontext -at samba_share_t "/sambashare_public(/.*)?" restorecon -Rv /sambashare_public
Create a Linux user that will be used for samba only (so no login shell needed)
useradd -s /sbin/nologin user1
Set samba password for user1 (different from system password)
smbpasswd -a user1
SELinux: Find samba boolean settings
getsebool -a | grep samba
SELinux: Turn boolean samba settings on
setsebool -P samba_export_all_ro=1 samba_export_all_rw=1 samba_share_nfs=1
Edit samba configuration file (Example)
vim /etc/samba/smb.conf # Only listing items to change/add [global] # add hosts allow if needing to limit host access by IP hosts allow = 127. 192.168.1.10 # add interfaces to limit where it is listening interfaces = lo eth0 192.168.1 # create new share; base off of other default entries [sambashare_public] comment = /sambashare_public browsable = yes path = /sambashare_public public = yes valid users = user1 write list = user1 writable = yes
Config File Help
vim /etc/samba/smb.conf.example And man smb.conf
[Optional] Test samba config syntax
testparm
[Optional] Display information from SAM (samba) database
pdbedit -Lv
Restart the samba service
systemctl restart smb
Test the samba share
smbclient -L //localhost -U user1
Install required packages
yum install samba-client cifs-utils
Create the same user on the client that will own the share
useradd -s /sbin/nologin user1
List samba server's shares
smbclient -L //192.168.1.200/sambashare -U user1
Create a local location to mount the remote samba share
mkdir /sharedrive
Mount persistently: Create credentials file
vim /root/.sharedcreds username=user1 password=password
Mount persistently: Ensure restrictive permissions
chown root:root /root/.sharedcreds chmod 400 /root/.sharedcreds
Mount persistently: Edit fstab
vim /etc/fstab //192.168.1.200/sambashare /sharedrive cifs _netdev,rw,credentials=/root/.sharedcreds,uid=1004,gid=1004 0 0
Mount persistently: mount all
mount -a