samba

centos-6

  SAMBA Server  (File Server)

  ---------------------------------

   => Linux/UNIX to Windows File share

   => Use CIFS file system

   

    Package Name: samba, nmb

    Daemon: smb, nmbd

    port: 445

    Protocol: TCP

    Configuration File: /etc/samba/smb.conf

    

  Setp 01: (RPM installation)

 ----------

  [root@mail Desktop]# rpm -qa | grep samba

  [root@mail Desktop]# yum install samba* -y

  [root@mail Desktop]# rpm -qa | grep samba

samba-winbind-clients-3.5.10-125.el6.i686

samba-client-3.5.10-125.el6.i686

samba-common-3.5.10-125.el6.i686

samba-winbind-3.5.10-125.el6.i686

samba-3.5.10-125.el6.i686                ;main RPM

samba4-libs-4.0.0-23.alpha11.el6.i686

 Step 02: directory create and content ready

 --------------------------------------------

[root@mail /]# mkdir /backup

[root@mail /]# cd /backup

[root@mail backup]# mkdir resource software project

[root@mail backup]# ll

project  resource  software

[root@mail backup]# cd project/

[root@mail project]# ls                         

[root@mail project]# touch project1 project2 project3

[root@mail project]# cd ..

[root@mail backup]# ls

project  resource  software

[root@mail backup]# cd resource/

[root@mail resource]# ls

[root@mail resource]# touch cv profile documents 

[root@mail resource]# cd ..

[root@mail backup]# ls

project  resource  software

[root@mail backup]# cd software/

[root@mail software]# ls

[root@mail software]# touch abc.doc vlc.exe office.exe

[root@mail resource]# ls

[root@mail resource]# cd /

 step 03: file permission setup

 --------------------------------

 [root@mail /]# cd /

 [root@mail /]# chmod 1777 backup -R        ; here "1" sticky bit

 [root@mail /]# ls -l backup/

 drwxrwxrwt 2 root root 4096 Nov 13 14:09 project 

 drwxrwxrwt 2 root root 4096 Nov 13 14:09 resource

 drwxrwxrwt 2 root root 4096 Nov 13 14:09 software

  note: for 1 added "t" end the permission filed

Note: here "t" (user cannot remove any content, while full permission)

 

 => here -R used for full directory content of "backup"

 step 03: server configure

 -------

 [root@mail /]# vi /etc/samba/smb.conf

 :set nu

     74        workgroup = CSLCBT

     75        server string = Samba server

     77        netbios name = file server     ;remove comment ";"

     80        hosts allow = 127. 192.168.1. ; netowrk ID

     101       security = share          

   

  # write down as following share

    290          [software]                  ; share display name

    291          comment = official software  ; share comment

    292          path = /backup/software      ; share path

    293          writable = yes               ; user write access

    294          printable = no               ; user print access

    295          public = yes               ; access for everyone

    296  

    297         [resource]

    298          comment = official resource

    299          path = /root/backup/resource

    300          writable = yes

    301          printable = no

    302          public = yes

    303  

    304         [project]

    305          comment = project info

    306          path = /backup/project

    307          writable = yes

    308          printable =  no

[root@mail /]# service smb restart

Shutting down SMB services:                       [FAILED]

Starting SMB services:                            [  OK  ]

[root@mail /]# service nmb restart

Shutting down NMB services:                       [FAILED]

Starting NMB services:                            [  OK  ]

[root@mail /]# service iptables stop

[root@mail /]# setenforce 0

[root@mail /]# chkconfig smb on

[root@mail /]# chkconfig nmb on

[root@mail /]# testparm

 Browse from Windows PC:

-----------------------

 => ping 192.168.1.X 

 => Start menu => run => \\192.168.1.x

####################################################################################

Create a Fully accessed Shared Folder

[1]     Configure Samba.

[root@smb ~]# yum -y install samba4 samba4-client

[root@smb ~]# mkdir /home/share

[root@smb ~]# chmod 777 /home/share

[root@smb ~]# vi /etc/samba/smb.conf

# near line 66: add follows

unix charset = UTF-8

# line 87: change (Windows' default)

workgroup = WORKGROUP

# line 93: uncomment and change IP address you allow

hosts allow = 127. 10.0.0.

# line 120: change (no auth)

security = user

passdb backend = tdbsam

map to guest = Bad User

# add follows to the end

[Share]

# any name you like

path = /home/share         # shared directory

writable = yes                    # writable

guest ok = yes                   # guest OK

guest only = yes                 # guest only

create mode = 0777            # fully accessed

directory mode = 0777       # fully accessed

[root@smb ~]# /etc/rc.d/init.d/smb start

[root@smb ~]# /etc/rc.d/init.d/nmb start

[root@smb ~]# chkconfig smb on

[root@smb ~]# chkconfig nmb on

[2]     If IPTables is running, allow Samba ports.

For "-I INPUT 5" section below, Replace it to your own environment.

[root@smb ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m multiport --dports 139,445 -j ACCEPT

[root@smb ~]# iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT

[3]     If SELinux is enabled, change SELinux context.

[root@smb ~]# setsebool -P samba_enable_home_dirs on

[root@smb ~]# restorecon -R /home/share

[4]     It's the way to access to the shared directory from Windows clients. This example is on Windows 10.

Select [My Computer] - [Map Network Drive].

                                      -------------------------------------------

Create a Limited Shared Folder

 [root@smb ~]# yum -y install samba4 samba4-client

[root@smb ~]# groupadd security

[root@smb ~]# mkdir /home/security

[root@smb ~]# chgrp security /home/security

[root@smb ~]# chmod 770 /home/security

[root@smb ~]# vi /etc/samba/smb.conf

# near line 66: add follows

unix charset = UTF-8

# line 87: change (Windows' default)

workgroup = WORKGROUP

# line 93: uncomment and change IP address you allow

hosts allow = 127. 10.0.0.

# add follows to the end

[Security]

# any name you like

    path = /home/security

    writable = yes

    create mode = 0770

    directory mode = 0770

    guest ok = no

# guest not allowed

    valid users = @security

# allow only security group

[root@smb ~]# /etc/rc.d/init.d/smb start

[root@smb ~]# /etc/rc.d/init.d/nmb start

[root@smb ~]# chkconfig smb on

[root@smb ~]# chkconfig nmb on

# add a user for Samba

[root@smb ~]# smbpasswd -a cent

New SMB password:     # set password

Retype new SMB password:

Added user cent.

[root@smb ~]# usermod -G security cent

 ---------------------------------------------------------x---------------------------------------------------------

Install Samba on CentOS 6.5                                                                          http://lintut.com/easy-samba-server-installation-on-centos-6-5/

To install the samba package,enter the following command:

# yum install samba samba-client samba-common

Check the version of installed samba software by using this command:

# smbd --version

Check Samba version

Configure the samba service, so that, it will start automatically at boot time:

# chkconfig smb on # chkconfig nmb on

Add these Iptables rules, so that samba will work perfectly:

# iptables -I INPUT 4 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT # iptables -I INPUT 5 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT # iptables -I INPUT 6 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT # service iptables save

Backup the smb.conf file, then delete it and create the new one:

# cp /etc/samba/smb.conf /etc/samba/smb.conf.bak # rm /etc/samba/smb.conf # touch /etc/samba/smb.conf # nano /etc/samba/smb.conf

Add these lines, in your smb.conf file (or change it according to your requirement):

#======================= Global Settings ===================================== [global] workgroup = WORKGROUP security = share map to guest = bad user #============================ Share Definitions ============================== [MyShare] path = /home/samba/share browsable =yes writable = yes guest ok = yes read only = no

Save the smb.conf file and restart the service:

# service smb restart # service nmb restart

Change permission for samba share:

# chmod -R 0777 /home/samba/share

Access the samba share from windows (where 192.168.1.15 ip address of my samba server):

Access to Samba share

Add and manage Samba users and groups

Add a group in your CentOS server:

# useradd smbuser # groupadd smbgrp # usermod -a -G smbgrp smbuser # smbpasswd -a smbuser

Create a new share, set the permission on the share:

# cd /home/samba/ # mkdir secure # chown -R smbuser:smbgrp secure/ # chmod -R 0770 secure/

Edit the smb.conf file:

# vi /etc/samba/smb.conf

Add the newly created samba share in smb.conf file:

[Secure] path = /home/samba/secure valid users = @smbgrp guest ok = no writable = yes browsable = yes

Create new samba share

Restart the samba service:

# service smb restart # service nmb restart

Check the syntax error with testparm:

# testparm

Testing from Windows Machine:

Test samba sharing

------------------

tututut