search
top

Install and Setup Samba on CentOS / RHEL

It is a fact of life,, there are Windows clients that need to access shared data and as admins we like to have control and secure way to deliver the data from Linux to Windows and this is where Samba comes into play.

A basic Samba share on a Linux server is not very hard to implement and in this post we will be using CentOS to deliver the goods.

Install Samba package

$ sudo yum install samba samba-client samba-common

Next configure the samba service, so that, it will start automatically at boot.

$ sudo chkconfig smb on
$ sudo chkconfig nmb on
$ sudo service smb start
$ sudo service nmb start

Disable the SELinux, or put in exceptions

$ sudo vi /etc/selinux/config

Change SELinux from enforcing to disabled:

SELINUX=disabled

If you want to use SELinux complete the following.

a. disable the samba domain transition
$ sudo setsebool -P smbd_disable_trans on
$ sudo setsebool -P winbind_disable_trans on
$ sudo setsebool -P nmbd_disable_trans on

This is the preferred option, besides the possibility of some labelling and denial problem if some other confined domain need to talk with samba (example squid)

b. Label /etc/init.d/ so that init transition it to the unconfined_t domain

$ sudo chcon -t unconfined_exec_t /etc/init.d/winbind chcon -t unconfined_exec_t /etc/init.d/smb

c. use semanage fscontext if you want to survive to a autorelabel two survive an rpm update

Next lets add these Iptables rules, for samba to work

$ sudo iptables -I INPUT 4 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
$ sudo iptables -I INPUT 5 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
$ sudo iptables -I INPUT 6 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
$ sudo service iptables save

Edit samba config file

$ sudo vi/etc/samba/smb.conf

Add these lines, in your smb.conf file (or change it according to your requirement):

#======================= Global Settings ===========
[global]
workgroup = WORKGROUP
security = share
map to guest = bad user
#================ Share Definitions ========================
[share]
path = /smb/share
browsable =yes
writable = yes
guest ok = yes
read only = no

Save the smb.conf file and restart the service:

$ sudo service smb restart
$ sudo service nmb restart

Change it, in such a way that everyone can read and write it(Check if it is allowed in your environment or not):

$ sudo chmod -R 0777 /smb/share

Add and manage users and groups

Add a group to your server (example: samba).

$ sudo groupadd samba

Add winusers id

$ sudo useradd winusers

Create a new share, set the permission on the share:

cd /smb/
$ sudo mkdir files
$ sudo chown -R winusers:samba files/
ls -l
$ sudo chmod -R 0770 files/
ls -l

Add the user to the samba group and create samba password:

$ sudo usermod -a -G samba winusers
$ sudo smbpasswd -a winusers

Edit the smb.conf file:

$ sudo vi /etc/samba/smb.conf

Add the newly created samba share in smb.conf file:

[Files]
path = /samba/files
valid users = @samba
guest ok = no
writable = yes
browsable = yes

Restart the samba service:
$ sudo service smb restart
$ sudo service nmb restart

Now you have a basic Samba share that you can connect your Windows systems to. There is alot more you can do and with Samba, but this is a start.

One Response to “Install and Setup Samba on CentOS / RHEL”

  1. Sumit says:

    Hi,

    I have a Linux Machine with Centos 5.5 and 2 Windows 8+ machines, right now one of the Windows Machine contains XAMPP and other machine is using that machine as Server to change the code of the files.

    I want to use my Centos based machine as a server where ‘n’ number of windows machine can access PHP programming files for editing, they can create new file and edit the copy of the files. I also want that anyone can access Linux Machine to test website using an IP.

    Can you help me in doing this please?

    Thanks in Advance,
    Sumit

Trackbacks/Pingbacks

  1. Install and Setup Samba on CentOS / RHEL | saravananvs75 - […] Install and Setup Samba on CentOS / RHEL […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

top