yum install samba samba-client systemctl enable smb systemctl enable nmb firewall-cmd --permanent --add-service=samba firewall-cmd --reload
CONFIGURATION - [GLOBAL] SECTION
Make all changes to /etc/samba/smb.conf unless otherwise stated.
The line numbers are roughly where the existing parameter should be found. Not necessarily a guarantee for cross EL platforms to be exact, as Red Hat and Oracle do tweak things to suit their customer service departments' ease.
- line 66 : add
unix charset = UTF-8 dos charset = CP932
- There was a zero-day that forced the Samba team to disable UNIX symlinks from being followed properly. To enable them, add right under the above entries, the following:
follow symlinks = yes wide links = yes unix extensions = no
* line 90 : change this to be your workgroup or homegroup and your server netbios name respectively.
workgroup = SCHOTTY netbios name = schotty
* line 96 : uncomment and change IP address to be your appropriate subnet. This would be appropriate for 192.168.0.0/16
hosts allow = 192.168.0.0/16
- Line 126: add ( no auth )
security = user passdb backend = tdbsam map to guest = Bad User
Jump to end of file and add this if you wish to have a free for all folder. This is where you will put all your share directives. You can, of course,disable the existing ones or modify them appropriately too. For the following example there is also the need for a guest linux account that needs to be made. Edit the commands as needed, including adding any groups that the user needs to be in.
- Samba guest account creation:
useradd -c "Samba Guest User" -d /dev/null -s /bin/false sambaguest passwd sambaguest usermod -G smb_share_groups sambaguest
CONFIGURATION - [SHARE] SECTION
- Sample share section:
[Public] # any name you like path = /path/to/share # Path to the shared directory writable = yes # Is writable guest ok = yes # Enable guest (smbuser not needed) guest only = yes # guest only create mode = 0777 # Default file permissions directory mode = 0777 # Default directory permissions guest account = sambaguest # Our linux system guest acct available = yes # Is available browsable = yes # Is browseable public = yes # Is public
- Now, if you are using SELinux, there will be issues if you are using a share that hasn't had the permissions set correctly. Exectute the last two commands for each successive share that you have.
setsebool -P samba_export_all_ro=1 samba_export_all_rw=1 getsebool -a | grep samba_export semanage fcontext -a -t samba_share_t "/SHARENAME(/.*)?" restorecon /SHARENAME
- Reload services:
systemctl restart smb systemctl restart nmb