Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
linux_wiki:network_services_overview_smb [2016/10/02 15:55] billdozor [Network Services Overview SMB] |
linux_wiki:network_services_overview_smb [2019/05/25 23:50] (current) |
||
|---|---|---|---|
| Line 12: | Line 12: | ||
| * Configure the service for basic operation | * Configure the service for basic operation | ||
| * Configure host-based and user-based security for the service | * Configure host-based and user-based security for the service | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ====== Lab Setup ====== | ||
| + | |||
| + | The following virtual machines will be used: | ||
| + | * server1.example.com (192.168.1.150) -> Perform all SMB client tests from here | ||
| + | * server2.example.com (192.168.1.151) -> Install the Samba Server here | ||
| ---- | ---- | ||
| Line 17: | Line 25: | ||
| ====== Install the packages needed to provide the service ====== | ====== Install the packages needed to provide the service ====== | ||
| - | Install the service | + | Install the service |
| + | <code bash> | ||
| + | yum install samba samba-client | ||
| + | </ | ||
| + | * samba -> samba server | ||
| + | * samba-client -> samba client utilities | ||
| + | |||
| + | Install the service (client) | ||
| <code bash> | <code bash> | ||
| - | yum install | + | yum install |
| </ | </ | ||
| + | * samba-client -> samba client utilities | ||
| + | * cifs-utils -> includes command needed to mount remote SMB shares | ||
| ---- | ---- | ||
| Line 27: | Line 44: | ||
| * Service agnostic -> [[linux_wiki: | * Service agnostic -> [[linux_wiki: | ||
| + | * **IMPORTANT**: | ||
| + | yum install setools-console | ||
| + | |||
| + | # View all label types | ||
| + | seinfo -t | ||
| + | |||
| + | # Find Samba/SMB types | ||
| + | seinfo -t | grep samba | ||
| + | seinfo -t | grep smb | ||
| + | </ | ||
| ---- | ---- | ||
| Line 42: | Line 69: | ||
| Check Current Service Status | Check Current Service Status | ||
| <code bash> | <code bash> | ||
| - | systemctl status | + | systemctl status |
| </ | </ | ||
| * Also displays if the service is enabled or disabled | * Also displays if the service is enabled or disabled | ||
| Line 49: | Line 76: | ||
| Enabling a service to start on boot | Enabling a service to start on boot | ||
| <code bash> | <code bash> | ||
| - | systemctl enable | + | systemctl enable |
| </ | </ | ||
| Line 58: | Line 85: | ||
| Enable and Start the service | Enable and Start the service | ||
| <code bash> | <code bash> | ||
| - | systemctl enable | + | systemctl enable |
| - | systemctl start < | + | systemctl start smb |
| </ | </ | ||
| Line 70: | Line 97: | ||
| Allow access through the firewall | Allow access through the firewall | ||
| <code bash> | <code bash> | ||
| - | firewall-cmd --permanent --add-service=< | + | firewall-cmd --permanent --add-service=samba |
| firewall-cmd --reload | firewall-cmd --reload | ||
| </ | </ | ||
| Line 76: | Line 103: | ||
| ===== Host Based ===== | ===== Host Based ===== | ||
| + | Main samba config | ||
| + | <code bash> | ||
| + | vim / | ||
| + | [global] | ||
| + | hosts allow = 192.168.1. | ||
| + | </ | ||
| + | * Allows all hosts in the 192.168.1.x network | ||
| + | * Allow list over rides deny lists (if any and they conflict) | ||
| ===== User Based ===== | ===== User Based ===== | ||
| + | |||
| + | Main samba config | ||
| + | <code bash> | ||
| + | vim / | ||
| + | |||
| + | [share] | ||
| + | valid users = dvader, yoda | ||
| + | write list = dvader | ||
| + | read list = yoda | ||
| + | </ | ||
| + | * valid users -> allowed to login to the service | ||
| + | * write list -> users that can write, even if the share is set to read only | ||
| + | * read list -> users that can read | ||
| ---- | ---- | ||