Tutorial on using Samba shared folder on Fedora or CentOS

Source: Internet
Author: User
Tags chmod centos iptables firewall

Nowadays, sharing folders between different computers at home or in the office is nothing new. Under this trend, modern operating systems use network file systems to make data exchange between computers simple and transparent. If you work in both Windows and Linux environments, you can share files and directories through a cross-platform network file sharing protocol: SMB/CIFS. Windows native supports SMB/CIFS. Linux also implements the SMB/CIFS protocol through the open-source software Samba.

In this article, we will show you how to use Samba to share folders. The Linux platform we use is Fedora or CentOS. This article is divided into four parts. First, install Samba in the Fedora/CentOS environment. Next, we will discuss how to adjust SELinux and firewall configurations to allow Samba file sharing. Finally, we will introduce how to use Samba to share folders.

Step 1: install Samba on Fedora and CentOS

First, install Samba and perform some basic configurations.

Check whether Samba is installed on your system:

$ Rpm-q samba-common samba-client

If the preceding command has no output, this means Samba is not installed. In this case, use the following command to install Samba.

$ Sudo yum install samba-common samba-client

Next, create a local folder for sharing in the network. This folder should be exported to a remote user using Samba sharing. In this guide, we will create this folder in the top-level folder '/'. Therefore, make sure you have the relevant permissions.

$ Sudo mkdir/shared

If you want to create a shared folder (for example ,~ /Shared), you must activate the Samba home folder sharing option in SELinux, as described later.

After creating a/shared folder, set the folder permission to ensure that other users can access it.

$ Sudo chmod o + rw/shared

If you do not want other users to have write permission on the folder, you need to remove the 'W' option in the command.

$ Sudo chmod o + r/shared

Next, create an empty file for testing. This file can be used to verify that Samba shares have been mounted.

$ Sudo touch/shared/file1

Step 2: configure SELinux for Samba

Next, we need to configure SELinux again. SELinux is enabled by default in Fedora and CentOS releases. SELinux only allows Samba to read and modify files or folders under correct security configurations. (For example, add the 'sambasharet 'attribute tag ).

The following command adds the necessary labels for the file configuration:

$ Sudo semanage fcontext-a-t samba_t _t "(/.*)? "

Replace it with the local folder we previously created for Samba sharing (for example,/shared ):

$ Sudo semanage fcontext-a-t samba_assist_t "/shared (/.*)? "

We must execute the restorecon command to activate the modified tag. The command is as follows:

$ Sudo restorecon-R-v/shared


To share folders in our home folder through Samba, you must enable the shared home folder option in SELinux. This option is disabled by default. The following command can achieve this effect. If you do not share your home folder, skip this step.

$ Sudo setsebool-P samba_enable_home_dirs 1

Step 3: configure a firewall for Samba

The following command is used to open the TCP/UDP port required for Samba sharing in the firewall.

If you are using firewalld (for example, under Fedora and CentOS7), the following command will permanently modify Samba-related firewall rules.

$ Sudo firewall-cmd -- permanent -- add-service = samba

If you use iptables (for example, CentOS6 or earlier) in the firewall, you can use the following command to open the necessary external port of Samba.

$ Sudo vi/etc/sysconfig/iptables

-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 445-j ACCEPT

-A RH-Firewall-1-INPUT-m state -- state NEW-m udp-p udp -- dport 445-j ACCEPT

-A RH-Firewall-1-INPUT-m state -- state NEW-m udp-p udp -- dport 137-j ACCEPT

-A RH-Firewall-1-INPUT-m state -- state NEW-m udp-p udp -- dport 138-j ACCEPT

-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 139-j ACCEPT

Restart the iptables service:

$ Sudo service iptables restart

Step 4: change Samba configuration

The subsequent steps are used to configure Samba to export local folders as Samba shared folders.

Use the file editor to open the Samba configuration file and add the following lines to the end of the file.

$ Sudo nano/etc/samba/smb. conf

[Myshare]

Comment = my shared files

Path =/shared

Public = yes

Writeable = yes

The text (for example, "myshare") in the brackets above is the name of the Samba shared resource, which is used to access Samba sharing from a remote host.

Create a Samba user account, which is required to mount and export the Samba file system. We can use the smbpasswd tool to create a Samba user. Note that the Samba user account must be an existing Linux user. If you try to use smbpasswd to add a user that does not exist, it will return an error message.

If you do not want to use any existing Linux users as Samba users, you can create a new user in your system. To ensure security, set the logon script of a new user to/sbin/nologin without creating the home folder of the user.

In this example, we create a user named "sambaguest", as follows:

$ Sudo useradd-M-s/sbin/nologin sambaguest

$ Sudo passwd sambaguest


After creating a new user, run the smbpasswd command to add the Samba user. When you ask for a password, you can enter a password different from your password.

$ Sudo smbpasswd-a sambaguest

Activate the Samba service and check whether the Samba service is running.

$ Sudo systemctl enable smb. service

$ Sudo systemctl start smb. service

$ Sudo systemctl is-active smb


Use the following command to view the list of shared folders in Samba.

$ Smbclient-U sambaguest-L localhost


Next, access the Samba shared folder in the Thunar file manager and take a screenshot of copying and copying file1. Note that the shared content of Samba can be accessed through the smb: // myshare address in Thunar.



Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.