Installation environment: centos6.5 iptables to enselinux: enforcing
1. Installation
Yum-y install samba
2. configuration document
Vim/etc/samba/smb. conf
[Global] # global variable settings
Workgroup = workgroup
Server String = Samba server version % v
Security = share # security level: anonymous sharing, user authentication, Domain)
Log File =/var/log/samba/log. % m
Max log size = 50
Load printers = No
Idmap config *: backend = TDB
Hosts allow = 127. 192.168.1. # Set the allowed access range
Cups Options = raw
Browseable = No # list shared directories (no indicates not to list, Yes indicates to list)
[Share] # Set Environment Variables
Comment = public share
Path =/share # Set the shared directory
Guest OK = Yes
Browseable = Yes
If the security level set in the global variables above is user, you need to set network users. The following lists the simplest verification methods:
Add a new
Useradd pop # Add User pop
Su pop # Switch to pop user
Smbpasswd # Set the pop SMB access password. This password is not your boarding password and is only used for Samba access verification.
Add an item to the environment variable.
Invalid users = pop
3. Configure the security environment
3.1 set the firewall. Samba uses ports 445 and 139.
Iptables-A input-s 0/0-I eth0-P TCP -- destination-port 445-J acept #0/0 can be modified to the desired network segment, for example: 192.168.1.1/24
Iptables-A input-s 0/0-I eth0-P TCP -- destination-port 139-J acept
3.2 set SELinux
Chcon-T samba_share_t-r/share # parameter description:-T is used to add rules and-R is recursively modified. In addition, it should be noted that-R must be kept in front of the directory.
install centos samba