Nowadays, sharing folders between different computers at home or in the office is nothing new. Under this trend, modern operating systems use network file systems to make data exchange between computers simple and transparent. If you work in both Windows and Linux environments, you can share files and directories through a cross-platform network file sharing protocol: SMB/CIFS. Windows native supports SMB/CIFS. Linux also implements the SMB/CIFS protocol through the open-source software Samba.
In this article, we will show you how to use Samba to share folders. The Linux platform we use is Fedora or CentOS. This article is divided into four parts. First, install Samba in the Fedora/CentOS environment. Next, we will discuss how to adjust SELinux and firewall configurations to allow Samba file sharing. Finally, we will introduce how to use Samba to share folders.
Step 1: install Samba on Fedora and CentOS
First, install Samba and perform some basic configurations.
Check whether Samba is installed on your system:
$ Rpm-q samba-common samba-client
If the preceding command has no output, this means Samba is not installed. In this case, use the following command to install Samba.
$ Sudo yum install samba-common samba-client
Next, create a local folder for sharing in the network. This folder should be exported to a remote user using Samba sharing. In this guide, we will create this folder in the top-level folder '/'. Therefore, make sure you have the relevant permissions.
$ Sudo mkdir/shared
If you want to create a shared folder (for example ,~ /Shared), you must activate the Samba home folder sharing option in SELinux, as described later.
After creating a/shared folder, set the folder permission to ensure that other users can access it.
$ Sudo chmod o + rw/shared
If you do not want other users to have write permission on the folder, you need to remove the 'W' option in the command.
$ Sudo chmod o + r/shared
Next, create an empty file for testing. This file can be used to verify that Samba shares have been mounted.
$ Sudo touch/shared/file1
Step 2: configure SELinux for Samba
Next, we need to configure SELinux again. SELinux is enabled by default in Fedora and CentOS releases. SELinux only allows Samba to read and modify files or folders under correct security configurations. (For example, add the 'sambasharet 'attribute tag ).
The following command adds the necessary labels for the file configuration:
$ Sudo semanage fcontext-a-t samba_t _t "(/.*)? "
Replace it with the local folder we previously created for Samba sharing (for example,/shared ):
$ Sudo semanage fcontext-a-t samba_assist_t "/shared (/.*)? "
We must execute the restorecon command to activate the modified tag. The command is as follows:
$ Sudo restorecon-R-v/shared
To share folders in our home folder through Samba, you must enable the shared home folder option in SELinux. This option is disabled by default. The following command can achieve this effect. If you do not share your home folder, skip this step.
$ Sudo setsebool-P samba_enable_home_dirs 1
Step 3: configure a firewall for Samba
The following command is used to open the TCP/UDP port required for Samba sharing in the firewall.
If you are using firewalld (for example, under Fedora and CentOS7), the following command will permanently modify Samba-related firewall rules.
$ Sudo firewall-cmd -- permanent -- add-service = samba
If you use iptables (for example, CentOS6 or earlier) in the firewall, you can use the following command to open the necessary external port of Samba.
$ Sudo vi/etc/sysconfig/iptables
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 445-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state NEW-m udp-p udp -- dport 445-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state NEW-m udp-p udp -- dport 137-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state NEW-m udp-p udp -- dport 138-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 139-j ACCEPT
Restart the iptables service:
$ Sudo service iptables restart
Step 4: change Samba configuration
The subsequent steps are used to configure Samba to export local folders as Samba shared folders.
Use the file editor to open the Samba configuration file and add the following lines to the end of the file.
$ Sudo nano/etc/samba/smb. conf
[Myshare]
Comment = my shared files
Path =/shared
Public = yes
Writeable = yes
The text (for example, "myshare") in the brackets above is the name of the Samba shared resource, which is used to access Samba sharing from a remote host.
Create a Samba user account, which is required to mount and export the Samba file system. We can use the smbpasswd tool to create a Samba user. Note that the Samba user account must be an existing Linux user. If you try to use smbpasswd to add a user that does not exist, it will return an error message.
If you do not want to use any existing Linux users as Samba users, you can create a new user in your system. To ensure security, set the logon script of a new user to/sbin/nologin without creating the home folder of the user.
In this example, we create a user named "sambaguest", as follows:
$ Sudo useradd-M-s/sbin/nologin sambaguest
$ Sudo passwd sambaguest
After creating a new user, run the smbpasswd command to add the Samba user. When you ask for a password, you can enter a password different from your password.
$ Sudo smbpasswd-a sambaguest
Activate the Samba service and check whether the Samba service is running.
$ Sudo systemctl enable smb. service
$ Sudo systemctl start smb. service
$ Sudo systemctl is-active smb
Use the following command to view the list of shared folders in Samba.
$ Smbclient-U sambaguest-L localhost
Next, access the Samba shared folder in the Thunar file manager and take a screenshot of copying and copying file1. Note that the shared content of Samba can be accessed through the smb: // myshare address in Thunar.