Install and configure Samba in CentOS 7

Install and configure Samba in CentOS 7

This Guide describes how to configure anonymous and secure Samba servers in CentOS7. Samba is an open-source/free software suite that provides seamless file and print services for SMB/CIFS clients. samba is free of charge. Unlike other SMB/CIFS implementations, Samba allows collaboration between Linux/Unix servers and Windows clients,

• Preliminary description

I have a newly installed CentOS7 server. This is the machine that I want to install the Samba server. Of course, you need a windows machine to check whether the CentOS7 server is accessible.

My CentOS7 server host name: server1.example.com, IP: 192.168.0.100

Note: The Windows machine and CentOS7 must be in the same working group. You can use the following command to check:

netconfigworkstation

To ensure that windows machines can process similar accesses in the window. Add the Server IP address to the terminal:

notepadC:\Windows\System32\drivers\etc\hosts

In my example, it is saved as follows:

[...] 192.168.0.100 server1.example.com centos

• Samba anonymous sharing

First, I will explain how to install Samba and anonymous sharing. Install Samba

yum install sambasamba-clientsamba-common

After installation, back up an original Samba configuration file:

1 mv /etc/samba/smb .conf /etc/samba/smb .conf.bak

Then, create the conf file:

vi /etc/samba/smb .conf [global] workgroup=WORKGROUP serverstring=SambaServer% v netbiosname=centos security=user maptoguest=baduser dnsproxy=no #============================ShareDefinitions============================== [Anonymous] path= /samba/anonymous browsable= yes writable= yes guestok= yes read only=no :wq # Save and exit mkdir -p /samba/anonymous systemctl enable smb.service systemctl enable nmb.service systemctlrestartsmb.service systemctlrestartnmb.service

The following CentOs7 firewall cmd will block Samba access. To get rid of this, we run:

[root@server1~] #firewall-cmd--permanent--zone=public--add-service=samba success [root@server1~] # [root@server1~] #firewall-cmd--reload success [root@server1~] #

Now you can access the shared file CentOS7 in Windows. In the command prompt line, enter:

\\centos

The following is the folder you browse. If you try to create a file, you will get an error message with no permissions,

Check the permission of the Shared Folder:

ls -l

Drwxr-xr-x. 2 root 6 Jul 17 13:41 anonymous
[Root @ server1 samba] #

The following gives anonymous users a permission:

cd /samba chmod -R0755anonymous/ chown -Rnobody:nobodyanonymous/ ls -lanonymous/

Total 0
Drwxr-xr-x. 2 nobody 6 Jul 17 13:41 anonymous
[Root @ server1 samba] #

Further, we need to configure Selinux

chcon-tsamba_share_tanonymous/

Now we can browse and create files.

View on the server:

ls -lanonymous/

Total 0
-Rwxr -- r --. 1 nobody 0 Jul 17 16:05 anonymous.txt
[Root @ server1 samba] #

• Secure Samba Server

For this purpose, I created a group: smbgrp and user srijan to access the Samba server through authentication.

groupaddsmbgrp useradd srijan-Gsmbgrp smbpasswd-asrijan [root@server1samba] #smbpasswd-asrijan NewSMBpassword:<--yoursambapasswordRetypenewSMBpassword:<--yoursambapasswordAddedusersrijan. [root@server1samba] #

Create a folder Secured in the Samba folder and grant the following permissions:

mkdir -p /samba/secured

Similarly, we allow Selinux to listen:

cd /samba chmod -R0777secured/ chcon-tsamba_share_tsecured/

Edit the configuration file again:

vi /etc/samba/smb .conf [...] [secured] path= /samba/secured valid users =@smbgrp guestok=no writable= yes browsable= yes systemctlrestartsmb.service systemctlrestartnmb.service

Test as follows:

testparm [root@server1samba] #testparm Loadsmbconfigfilesfrom /etc/samba/smb .conf rlimit_max:increasingrlimit_max(1024)tominimumWindowslimit(16384) Processingsection "[Anonymous]" Processingsection "[secured]" Loadedservices file OK. Serverrole:ROLE_STANDALONE Pressentertoseeadumpofyourservicedefinitions<--ENTER[global] netbiosname=CENTOS serverstring=SambaServer% v maptoguest=BadUser dnsproxy=No idmapconfig*:backend=tdb [Anonymous] path= /samba/anonymous read only=No guestok=Yes [secured] path= /samba/secured valid users =@smbgrp read only=No [root@server1samba] #

Now, you can use the corresponding creden。 on a windows machine to view folders.

Your User srijan is also facing the write permission issue. Let's give the permission:

cd /samba chown -Rsrijan:smbgrpsecured/

Now Samba users have the write permission in the shared directory.

Note:

If your chcon command fails, try the following method:

chcon-hsystem_u:object_r:forderA /path/to/B