The red part is the key modification. After installing the following configuration, you can create a samba shared directory without a username or password. This directory owner attribute should be set to the nobody user and its corresponding group.
# This is the main Samba configuration file. You shoshould read
# Smb. conf (5) manual page in order to understand the options listed
# Here. Samba has a huge number of retriable options (perhaps too
# Success !) Most of which are not shown in this example
#
# For a step to Step Guide on installing, logging ing and using Samba,
# Read the samba-howto-collection. This may be obtained from:
# Http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# Define working examples of smb. conf files can be found in
# Samba-guide which is generated daily and can be downloaded from:
# Http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# Any line which starts with a; (semi-colon) or a # (hash)
# Is a comment and is ignored. In this example we will use #
# For commentry and a; for parts of the config file that you
# May wish to enable
#
# Note: Whenever you modify this file you should run the command "testparm"
# To check that you have not made any basic syntactic errors.
#
#---------------
# SELinux notes:
#
# If you want to use the useradd/groupadd family of binaries please run:
# Setsebool-P samba_domain_controller on
#
# If you want to share home directories via Samba please run:
# Setsebool-P samba_enable_home_dirs on
#
# If you create a new directory you want to share you shoshould mark it
# "Samba-share_t" so that SELinux will let you write into it.
# Make sure not to do that on System directories as they may already have
# Been marked with othe SELinux labels.
#
# Use LS-LDz/path to see which context a directory has
#
# Set labels only on directories you created!
# To set a label use the following: chcon-T samba_t _t/path
#
# If you need to share a system Created directory you can use one of
# Following (read-only/read-write ):
# Setsebool-P samba_export_all_ro on
# Or
# Setsebool-P samba_export_all_rw on
#
# If you want to run scripts (preexec/root prexec/print command/...) Please
# Put them into the/var/lib/samba/scripts directory so that smbd will be
# Allowed to run them.
# Make sure you copy them and not move them so that the right SELinux Context
# Is applied, to check all is OK use restorecon-r-V/var/lib/samba/scripts
#
#--------------
#
#====================================== Global settings ==================== ======================================
[Global]
# ----------------------- Netwrok related options -------------------------
#
# Workgroup = Nt-Domain-Name or workgroup-name, eg: midearth
#
# Server String is the equivalent of the NT Description field
#
# NetBIOS name can be used to specify a server name not tied to the hostname
#
# Interfaces lets you configure Samba to use multiple interfaces
# If you have multiple network interfaces then you can list the ones
# You want to listen on (never omit localhost)
#
# Hosts allow/hosts deny lets you restrict who can connect, and you can
# Specifiy it as a per share option as well
#
Workgroup = linuxsmb
Server String = Samba server version % v
NetBIOS name = myserver
; Interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
; Hosts allow = 127. 192.168.12. 192.168.13.
# --------------------------- Logging options -----------------------------
#
# Log file let you specify where to put logs and how to split them up.
#
# Max Log Size let you specify the max size log files shocould reach
# Logs split per machine
; Log file =/var/log/samba/% m. Log
# Max 50kb per log file, then rotate
; Max log size = 50
# ----------------------- Standalone server options ------------------------
#
# Scurity can be set to user, share (Deprecated) or server (Deprecated)
#
# Backend to store user information in. New Installations shold
# Use either tdbsam or ldapsam. smbpasswd is available for backwards
# Compatibility. tdbsam requires no further configuration.
Security = Share
# SECURITY = user
# Passdb backend = tdbsam
# ----------------------- domain members options --------------------
#< br> # security must be set to domain or ads
#< br> # Use the realm option only with security = ads
# specifies the Active Directory realm the host is part of
# backend to store user information in. new Installations shocould
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
# use password server option only with security = server or if you can't
# Use the DNS to locate domain controllers
# the argument list may include:
# password Server = my_pdc_name [my_bdc_name] [my_next_bdc_name]
# Or to auto-locate the domain controller/S
# password Server = *
; security = domain
; passdb backend = tdbsam
; realm = my_realm
; Password Server = <NT-server-Name>
# ----------------------- Domain Controller options ------------------------
#
# Security must be set to user for Domain Controllers
#
# Backend to store user information in. New Installations shold
# Use either tdbsam or ldapsam. smbpasswd is available for backwards
# Compatibility. tdbsam requires no further configuration.
#
# Domain Master specifies Samba to be the domain master browser. This
# Allows Samba to collate browse lists between subnets. Don't use this
# If you already have a Windows NT domain controller doing this job
#
# Domain logons let Samba be a domain logon server for Windows workstations.
#
# Logon scrpit let yuou specify a script to be run at login time on the client
# You need to provide it in a share called netlogon
#
# Logon path let you specify where user profiles are stored (UNC path)
#
# Various scripts can be used on a domain controller or stand-alone
# Machine to add or delete corresponding UNIX accounts
#
; Security = user
; Passdb backend = tdbsam
; Domain Master = Yes
; Domain logons = Yes
# The login script name depends on the machine name
; Logon script = % m. bat
# The login script name depends on the Unix user used
; Logon script = % u. bat
; Logon path =\\ % L \ profiles \ % u
# Disables profiles support by specifing an empty path
; Logon Path =
; Add User script =/usr/sbin/useradd "% u"-n-g users
; Add group script =/usr/sbin/groupadd "% G"
; Add machine script =/usr/sbin/useradd-n-C "workstation (% u)"-m-D/nohome-S/bin/false "% u"
; Delete user script =/usr/sbin/userdel "% u"
; Delete user from group script =/usr/sbin/userdel "% u" "% G"
; Delete Group script =/usr/sbin/groupdel "% G"
# ----------------------- Browser control options ----------------------------
#
# Set local master to no if you don't want Samba to become a master
# Browser on your network. Otherwise the normal election rules apply
#
# OS level determines the precedence of this server in master browser
# Elections. The default value shocould be reasonable
#
# Preferred master causes Samba to force a local browser election on startup
# And gives it a slightly higher chance of winning the election
; Local Master = No
; OS level = 33
; Preferred master = Yes
# ----------------------------- Name resolution -------------------------------
# Windows Internet name serving Support Section:
# Note: Samba can be either a WINS server, or a WINS client, but not both
#
#-Wins support: tells the nmbd component of Samba to enable it's WINS Server
#
#-WINS server: tells the nmbd components of Samba to be a wins Client
#
#-Wins Proxy: tells Samba to answer name resolution queries on
# Behalf Of a non wins capable client, for this to work there must be
# At least one WINS server on the network. The default is no.
#
# DNS proxy-tells Samba whether or not to try to resolve NetBIOS names
# Via DNS nslookups.
; Wins support = Yes
; WINS Server = W. x. y. Z
; Wins proxy = Yes
; DNS proxy = Yes
# --------------------------- Printing options -----------------------------
#
# Load printers let you load automatically the list of printers rather
# Than setting them up individually
#
# Cups options let you pass the cups libs custom options, setting it to raw
# For example will let you use drivers on your Windows clients
#
# Printcap name let you specify an alternative printcap File
#
# You can choose a non default printing system using the printing option
Load printers = Yes
Cups Options = raw
; Printcap name =/etc/printcap
# Obtain list of printers automatically on systemv
; Printcap name = lpstat
; Printing = cups
# --------------------------- Filesystem options ---------------------------
#
# The following options can be uncommented if the filesystem supports
# Extended attributes and they are enabled (usually by the Mount Option
# User_xattr). thess options will let the admin store the DOS attributes
# In An EA and make Samba not mess with the permission bits.
#
# Note: These options can also be set just per share, setting them in global
# Makes them the default for all shares
; Map Archive = No
; Map hidden = No
; Map read only = No
; Map System = No
; Store dos attributes = Yes
#============================ Share definitions ========== ==================================
[Homes]
Comment = Home Directories
Browseable = No
Writable = Yes
; Valid users = % s
; Valid users = mydomain \ % s
[Printers]
Comment = all printers
Path =/var/spool/samba
Browseable = No
Guest OK = No
Writable = No
Printable = Yes
# Un-comment the following and create the netlogon directory for domain logons
; [Netlogon]
; Comment = network logon service
; Path =/var/lib/samba/netlogon
; Guest OK = Yes
; Writable = No
; Share modes = No
# Un-comment the following to provide a specific roving profile share
# The default is to use the user's home directory
; [Profiles]
; Path =/var/lib/samba/profiles
; Browseable = No
; Guest OK = Yes
# A publicly accessible directory, but read only, cannot t for people in
# The "staff" group
; [Public]
; Comment = Public stuff
; Path =/home/samba
; Public = Yes
; Writable = Yes
; Printable = No
; Write list = + staff
[Pub]
Path =/pub
Browseable = Yes
Writeable = Yes
Guest OK = Yes