Linux Samba Share

Samba is an open source, and free software suite that provides file and print services to the SMB/CIFS clients. It allows us to share files, folders, and printers between Linux server and Windows clients. Using Samba, we can setup a domain controller on Unix/Linux server, and integrate the Windows clients to the Domain controller.

01. Installing Samba :

Install this packages on Server ( I’m using CentOS 7.3 )

yum -y install samba samba-client cifs-utils

Install this packages on Clients

yum -y install samba-client cifs-utils
02. Run samba service :

The services needed is called smb

systemctl enable smb
systemctl start smb
systemctl status smb
03. Open Firewall port :
firewall-cmd --permanent --add-service=samba
firewall-cmd --reload
04. Samba Configuration :

The main configuration file is /etc/samba/smb.conf

The Global section is the global configuration that samba use to provide files and printers sharing, let’s see it.

vim /etc/samba/smb.conf

[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw

The most important option is security = user
It means that a valid user is required to be able to mount the shared files, other security levels like :
security = domain , if samba server is joined a domain.
security = ADS , if samba server is joined microsoft AD.

To create a valid users to be used with samba shares, you must create a user in your system, then use it with samba ,
Let’s add a user named test using normal user-add command with smb password ‘test’ using smbpasswd -a user command , use pdbedit -L to list smb enabled users.

[root@server01 ~]# useradd  test
[root@server01 ~]# smbpasswd -a test
New SMB password:
Retype new SMB password:
Added user test.
[root@server01 ~]# pdbedit -L
test:1001:
[root@server01 ~]#

you can add many users as you need .
To list current samba sharing using user test and provide the password from a client (server IP: 192.168.1.4):

[root@server01 ~]# smbclient -L 192.168.1.4 -U test
Enter test's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

    Sharename       Type      Comment
    ---------       ----      -------
    print$          Disk      Printer Drivers
    IPC$            IPC       IPC Service (Samba 4.4.4)
    test            Disk      Home Directories
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

    Server               Comment
    ---------            -------
    SERVER01             Samba 4.4.4

    Workgroup            Master
    ---------            -------
    SAMBA                
[root@server01 ~]#

Nice , it is listing the default sharing , Now let’s share and mount our own files.

05. Sharing a directory :

Create a directory

mkdir /mysamba

Correcting SELinux type to samba_share_t

semanage fcontext -a -t samba_share_t "/mysamba(/.*)?"
restorecon -Rv /mysamba

Set appropriate permissions for all users

chmod o+rwx /mysamba

Create share configuration in /etc/samba/smb.conf

vim /etc/samba/smb.conf

and append the following

[test]
        comment = My Testing share
        path = /mysamba
        writable = yes

[test] is the share name that we will use to mount.
comment is just a comment message, not required.
path is the path to directory that we want to share.
writable is specifying the ability to write with yes/no value.
writable = yes  is the same as read only = no .

To allow writing to only specific users or groups append this line (change user , group with real names ) :

write list = user  to allow write to one user
write list = @group to allow write to one group
write list = user1,@groupX,user2,user3,@groupY  to specify many users and groups separated by comma .

Test our configuration in smb.conf file for errors using testparam , it will list errors or ask to press ENTER to list current shares

[root@server01 ~]# testparm

No error , nice , let’s test it from a client and mount it.

List allowed shares using: smbclient -L SERVER-IP-OR-Name -U SMB-USER

[root@server02 ~]# smbclient -L 192.168.1.4 -U test
Enter test's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

    Sharename       Type      Comment
    ---------       ----      -------
    print$          Disk      Printer Drivers
    test            Disk      My Testing share
    IPC$            IPC       IPC Service (Samba 4.4.4)
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

    Server               Comment
    ---------            -------
    SERVER01             Samba 4.4.4

    Workgroup            Master
    ---------            -------
    SAMBA                
[root@server02 ~]#
06. Mounting a shared directory :

Now we see our test sharing , let’s mount it

[root@server02 ~]# mount -o user=test //192.168.1.4/test /mnt/
Password for test@//192.168.1.4/test:  ****
[root@server02 ~]# touch /mnt/client
[root@server02 ~]# ls /mnt/
client
[root@server02 ~]#

That is good , let’s mount it automatically using fstab file.

vim /etc/fstab

append this, then save and exit /etc/fstab file:

//192.168.1.4/test      /mnt/   cifs    user=test,password=test 0 0

unmount the old one , and test fstab mounts:

[root@server02 ~]# umount /mnt/
[root@server02 ~]# mount -a
[root@server02 ~]# mount | grep cifs
//192.168.1.4/test on /mnt type cifs (rw,relatime,vers=1.0,cache=strict,username=test,domain=SERVER01,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.4,unix,posixpaths,serverino,mapposix,acl,rsize=1048576,wsize=65536,echo_interval=60,actimeo=1)
[root@server02 ~]# ls /mnt/
client
[root@server02 ~]#

Awesome , now you can add your own shared directories, and you can mount it easily to Microsoft Windows .

That is it, i hope it was simple , thanks for joining me.
Enjoy !.

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s