linux_wiki:smb_provide_network_shares_to_specific_clients

This is an old revision of the document!

SMB Provide Network Shares To Specific Clients

General Information

Installing and configuring SMB (Samba) shares.


Access in general

  • A Linux user account must exist for each user that needs to access a samba share
    • The Linux user will need proper access permissions to files/directories
  • A Samba user also must exist.
    • Samba users are mapped to Linux users
    • The Samba user will be given access at the samba share level
  • Typically, this is done by giving directories permissions at the group level, and adding the Linux users to the group.
    • Then, give that group access at the samba share level.

Server Install and Config

Install required packages 

yum install samba samba-client


Enable and start the service 

systemctl enable smb
systemctl start smb


Firewall: Open for the service 

firewall-cmd --permanent --add-service=samba
firewall-cmd --reload


Create directory to share 

mkdir /sambashare


SELinux: Set file context on the samba share directory 

semanage fcontext -at samba_share_t "/sambashare(/.*)?"
restorecon -Rv /sambashare


SELinux: Find samba boolean settings 

getsebool -a | grep samba_export
getsebool -a | grep samba_share_nfs


SELinux: Turn boolean samba settings on 

setsebool -P samba_export_all_ro=1 samba_export_all_rw=1 samba_share_nfs=1
  • -P → permanent


Edit samba configuration file 

vim /etc/samba/smb.conf
 
[global]
Workgroup = MYLABSERVER
server string = 192.168.1.200
hosts allow = 127.  192.168.1.10
interfaces = lo eth0 192.168.1
passdb backend = smbpasswd
security = user
log file = /var/log/samba/%m.log
max log size = 5000
 
[sambashare]
comment = /sambashare
browsable = yes
path = /sambashare
public = yes
valid users = user1
write list = user1
writable = yes
  • [global] → global samba settings
    • Workgroup → Can be domain or should match Windows workgroup if needing to share with Windows systems
    • server string → IP of the samba server itself
    • hosts allow → Hosts that are allowed to access
    • interfaces → samba binds to these interfaces or IPs
    • passdb backend → password to backend database (for users enabled)
    • security → user security set
  • [sambashare] → Share name
    • comment → Can be anything descriptive
    • browsable → Can browse shares
    • path → file system path
    • public → publicly available
    • valid users → users that can access
    • write list → users that can write to the share
    • writable → enable write to the share


Test samba config syntax 

testparm


Set samba password for user1 (different from system password) 

smbpasswd -a user1


Display information from SAM (samba) database 

pdbedit -Lv


Restart the samba service 

systemctl restart smb


Test the samba share 

smbclient -L //localhost -U user1
  • Enter samba password (not system) when prompted

Client Install and Config

Install required packages 

yum install samba samba-client cifs-utils


List samba server's shares 

smbclient -L //192.168.1.200/sambashare -U user1


Create a local location to mount the remote samba share 

mkdir /sharedrive


Mount temporarily 

mount //192.168.1.200/sambashare /sharedrive -t cifs -o username=user1,uid=1004,gid=1004


Mount persistently: Create credentials file 

vim /etc/samba/.sharedcreds
 
username=user1
password=password


Mount persistently: Edit fstab 

vim /etc/fstab
 
//192.168.1.200/sambashare  /sharedrive  cifs rw,credentials=/etc/samba/.sharedcreds,uid=1004,gid=1004  0 0
  • linux_wiki/smb_provide_network_shares_to_specific_clients.1475459448.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)