Install and configure Samba in CentOS 7
This Guide describes how to configure anonymous and secure Samba servers in CentOS7. Samba is an open-source/free software suite that provides seamless file and print services for SMB/CIFS clients. samba is free of charge. Unlike other SMB/CIFS implementations, Samba allows collaboration between Linux/Unix servers and Windows clients,
I have a newly installed CentOS7 server. This is the machine that I want to install the Samba server. Of course, you need a windows machine to check whether the CentOS7 server is accessible.
My CentOS7 server host name: server1.example.com, IP: 192.168.0.100
Note: The Windows machine and CentOS7 must be in the same working group. You can use the following command to check:
netconfigworkstation
To ensure that windows machines can process similar accesses in the window. Add the Server IP address to the terminal:
notepadC:\Windows\System32\drivers\etc\hosts
In my example, it is saved as follows:
[...]
192.168.0.100 server1.example.com centos
First, I will explain how to install Samba and anonymous sharing. Install Samba
yum
install
sambasamba-clientsamba-common
After installation, back up an original Samba configuration file:
1
mv
/etc/samba/smb
.conf
/etc/samba/smb
.conf.bak
Then, create the conf file:
vi
/etc/samba/smb
.conf
[global]
workgroup=WORKGROUP
serverstring=SambaServer%
v
netbiosname=centos
security=user
maptoguest=baduser
dnsproxy=no
#============================ShareDefinitions==============================
[Anonymous]
path=
/samba/anonymous
browsable=
yes
writable=
yes
guestok=
yes
read
only=no
:wq
# Save and exit
mkdir
-p
/samba/anonymous
systemctl
enable
smb.service
systemctl
enable
nmb.service
systemctlrestartsmb.service
systemctlrestartnmb.service
The following CentOs7 firewall cmd will block Samba access. To get rid of this, we run:
[root@server1~]
#firewall-cmd--permanent--zone=public--add-service=samba
success
[root@server1~]
#
[root@server1~]
#firewall-cmd--reload
success
[root@server1~]
#
Now you can access the shared file CentOS7 in Windows. In the command prompt line, enter:
\\centos
The following is the folder you browse. If you try to create a file, you will get an error message with no permissions,
Check the permission of the Shared Folder:
ls
-l
Drwxr-xr-x. 2 root 6 Jul 17 13:41 anonymous
[Root @ server1 samba] #
The following gives anonymous users a permission:
cd
/samba
chmod
-R0755anonymous/
chown
-Rnobody:nobodyanonymous/
ls
-lanonymous/
Total 0
Drwxr-xr-x. 2 nobody 6 Jul 17 13:41 anonymous
[Root @ server1 samba] #
Further, we need to configure Selinux
chcon-tsamba_share_tanonymous/
Now we can browse and create files.
View on the server:
ls
-lanonymous/
Total 0
-Rwxr -- r --. 1 nobody 0 Jul 17 16:05 anonymous.txt
[Root @ server1 samba] #
For this purpose, I created a group: smbgrp and user srijan to access the Samba server through authentication.
groupaddsmbgrp
useradd
srijan-Gsmbgrp
smbpasswd-asrijan
[root@server1samba]
#smbpasswd-asrijan
NewSMBpassword:<--yoursambapasswordRetypenewSMBpassword:<--yoursambapasswordAddedusersrijan.
[root@server1samba]
#
Create a folder Secured in the Samba folder and grant the following permissions:
mkdir
-p
/samba/secured
Similarly, we allow Selinux to listen:
cd
/samba
chmod
-R0777secured/
chcon-tsamba_share_tsecured/
Edit the configuration file again:
vi
/etc/samba/smb
.conf
[...]
[secured]
path=
/samba/secured
valid
users
=@smbgrp
guestok=no
writable=
yes
browsable=
yes
systemctlrestartsmb.service
systemctlrestartnmb.service
Test as follows:
testparm
[root@server1samba]
#testparm
Loadsmbconfigfilesfrom
/etc/samba/smb
.conf
rlimit_max:increasingrlimit_max(1024)tominimumWindowslimit(16384)
Processingsection
"[Anonymous]"
Processingsection
"[secured]"
Loadedservices
file
OK.
Serverrole:ROLE_STANDALONE
Pressentertoseeadumpofyourservicedefinitions<--ENTER[global]
netbiosname=CENTOS
serverstring=SambaServer%
v
maptoguest=BadUser
dnsproxy=No
idmapconfig*:backend=tdb
[Anonymous]
path=
/samba/anonymous
read
only=No
guestok=Yes
[secured]
path=
/samba/secured
valid
users
=@smbgrp
read
only=No
[root@server1samba]
#
Now, you can use the corresponding creden。 on a windows machine to view folders.
Your User srijan is also facing the write permission issue. Let's give the permission:
cd
/samba
chown
-Rsrijan:smbgrpsecured/
Now Samba users have the write permission in the shared directory.
Note:
If your chcon command fails, try the following method:
chcon-hsystem_u:object_r:forderA
/path/to/B