samba
centos-6
SAMBA Server (File Server)
---------------------------------
=> Linux/UNIX to Windows File share
=> Use CIFS file system
Package Name: samba, nmb
Daemon: smb, nmbd
port: 445
Protocol: TCP
Configuration File: /etc/samba/smb.conf
Setp 01: (RPM installation)
----------
[root@mail Desktop]# rpm -qa | grep samba
[root@mail Desktop]# yum install samba* -y
[root@mail Desktop]# rpm -qa | grep samba
samba-winbind-clients-3.5.10-125.el6.i686
samba-client-3.5.10-125.el6.i686
samba-common-3.5.10-125.el6.i686
samba-winbind-3.5.10-125.el6.i686
samba-3.5.10-125.el6.i686 ;main RPM
samba4-libs-4.0.0-23.alpha11.el6.i686
Step 02: directory create and content ready
--------------------------------------------
[root@mail /]# mkdir /backup
[root@mail /]# cd /backup
[root@mail backup]# mkdir resource software project
[root@mail backup]# ll
project resource software
[root@mail backup]# cd project/
[root@mail project]# ls
[root@mail project]# touch project1 project2 project3
[root@mail project]# cd ..
[root@mail backup]# ls
project resource software
[root@mail backup]# cd resource/
[root@mail resource]# ls
[root@mail resource]# touch cv profile documents
[root@mail resource]# cd ..
[root@mail backup]# ls
project resource software
[root@mail backup]# cd software/
[root@mail software]# ls
[root@mail software]# touch abc.doc vlc.exe office.exe
[root@mail resource]# ls
[root@mail resource]# cd /
step 03: file permission setup
--------------------------------
[root@mail /]# cd /
[root@mail /]# chmod 1777 backup -R ; here "1" sticky bit
[root@mail /]# ls -l backup/
drwxrwxrwt 2 root root 4096 Nov 13 14:09 project
drwxrwxrwt 2 root root 4096 Nov 13 14:09 resource
drwxrwxrwt 2 root root 4096 Nov 13 14:09 software
note: for 1 added "t" end the permission filed
Note: here "t" (user cannot remove any content, while full permission)
=> here -R used for full directory content of "backup"
step 03: server configure
-------
[root@mail /]# vi /etc/samba/smb.conf
:set nu
74 workgroup = CSLCBT
75 server string = Samba server
77 netbios name = file server ;remove comment ";"
80 hosts allow = 127. 192.168.1. ; netowrk ID
101 security = share
# write down as following share
290 [software] ; share display name
291 comment = official software ; share comment
292 path = /backup/software ; share path
293 writable = yes ; user write access
294 printable = no ; user print access
295 public = yes ; access for everyone
296
297 [resource]
298 comment = official resource
299 path = /root/backup/resource
300 writable = yes
301 printable = no
302 public = yes
303
304 [project]
305 comment = project info
306 path = /backup/project
307 writable = yes
308 printable = no
[root@mail /]# service smb restart
Shutting down SMB services: [FAILED]
Starting SMB services: [ OK ]
[root@mail /]# service nmb restart
Shutting down NMB services: [FAILED]
Starting NMB services: [ OK ]
[root@mail /]# service iptables stop
[root@mail /]# setenforce 0
[root@mail /]# chkconfig smb on
[root@mail /]# chkconfig nmb on
[root@mail /]# testparm
Browse from Windows PC:
-----------------------
=> ping 192.168.1.X
=> Start menu => run => \\192.168.1.x
####################################################################################
Create a Fully accessed Shared Folder
[1] Configure Samba.
[root@smb ~]# yum -y install samba4 samba4-client
[root@smb ~]# mkdir /home/share
[root@smb ~]# chmod 777 /home/share
[root@smb ~]# vi /etc/samba/smb.conf
# near line 66: add follows
unix charset = UTF-8
# line 87: change (Windows' default)
workgroup = WORKGROUP
# line 93: uncomment and change IP address you allow
hosts allow = 127. 10.0.0.
# line 120: change (no auth)
security = user
passdb backend = tdbsam
map to guest = Bad User
# add follows to the end
[Share]
# any name you like
path = /home/share # shared directory
writable = yes # writable
guest ok = yes # guest OK
guest only = yes # guest only
create mode = 0777 # fully accessed
directory mode = 0777 # fully accessed
[root@smb ~]# /etc/rc.d/init.d/smb start
[root@smb ~]# /etc/rc.d/init.d/nmb start
[root@smb ~]# chkconfig smb on
[root@smb ~]# chkconfig nmb on
[2] If IPTables is running, allow Samba ports.
For "-I INPUT 5" section below, Replace it to your own environment.
[root@smb ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m multiport --dports 139,445 -j ACCEPT
[root@smb ~]# iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT
[3] If SELinux is enabled, change SELinux context.
[root@smb ~]# setsebool -P samba_enable_home_dirs on
[root@smb ~]# restorecon -R /home/share
[4] It's the way to access to the shared directory from Windows clients. This example is on Windows 10.
Select [My Computer] - [Map Network Drive].
-------------------------------------------
Create a Limited Shared Folder
[root@smb ~]# yum -y install samba4 samba4-client
[root@smb ~]# groupadd security
[root@smb ~]# mkdir /home/security
[root@smb ~]# chgrp security /home/security
[root@smb ~]# chmod 770 /home/security
[root@smb ~]# vi /etc/samba/smb.conf
# near line 66: add follows
unix charset = UTF-8
# line 87: change (Windows' default)
workgroup = WORKGROUP
# line 93: uncomment and change IP address you allow
hosts allow = 127. 10.0.0.
# add follows to the end
[Security]
# any name you like
path = /home/security
writable = yes
create mode = 0770
directory mode = 0770
guest ok = no
# guest not allowed
valid users = @security
# allow only security group
[root@smb ~]# /etc/rc.d/init.d/smb start
[root@smb ~]# /etc/rc.d/init.d/nmb start
[root@smb ~]# chkconfig smb on
[root@smb ~]# chkconfig nmb on
# add a user for Samba
[root@smb ~]# smbpasswd -a cent
New SMB password: # set password
Retype new SMB password:
Added user cent.
[root@smb ~]# usermod -G security cent
---------------------------------------------------------x---------------------------------------------------------
Install Samba on CentOS 6.5 http://lintut.com/easy-samba-server-installation-on-centos-6-5/
To install the samba package,enter the following command:
# yum install samba samba-client samba-common
Check the version of installed samba software by using this command:
# smbd --version
Check Samba version
Configure the samba service, so that, it will start automatically at boot time:
# chkconfig smb on # chkconfig nmb on
Add these Iptables rules, so that samba will work perfectly:
# iptables -I INPUT 4 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT # iptables -I INPUT 5 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT # iptables -I INPUT 6 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT # service iptables save
Backup the smb.conf file, then delete it and create the new one:
# cp /etc/samba/smb.conf /etc/samba/smb.conf.bak # rm /etc/samba/smb.conf # touch /etc/samba/smb.conf # nano /etc/samba/smb.conf
Add these lines, in your smb.conf file (or change it according to your requirement):
#======================= Global Settings ===================================== [global] workgroup = WORKGROUP security = share map to guest = bad user #============================ Share Definitions ============================== [MyShare] path = /home/samba/share browsable =yes writable = yes guest ok = yes read only = no
Save the smb.conf file and restart the service:
# service smb restart # service nmb restart
Change permission for samba share:
# chmod -R 0777 /home/samba/share
Access the samba share from windows (where 192.168.1.15 ip address of my samba server):
Access to Samba share
Add and manage Samba users and groups
Add a group in your CentOS server:
# useradd smbuser # groupadd smbgrp # usermod -a -G smbgrp smbuser # smbpasswd -a smbuser
Create a new share, set the permission on the share:
# cd /home/samba/ # mkdir secure # chown -R smbuser:smbgrp secure/ # chmod -R 0770 secure/
Edit the smb.conf file:
# vi /etc/samba/smb.conf
Add the newly created samba share in smb.conf file:
[Secure] path = /home/samba/secure valid users = @smbgrp guest ok = no writable = yes browsable = yes
Create new samba share
Restart the samba service:
# service smb restart # service nmb restart
Check the syntax error with testparm:
# testparm
Testing from Windows Machine:
Test samba sharing
------------------
tututut