Installation
$ yum -y install samba samba-client
$ service smb restart
Configuration
The default configuration works just fine.
$ cat /etc/samba/smb.conf
...
[global]
workgroup = MYGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
load printers = yes
cups options = raw
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
...
Security
Having 'security = user' means we need a UNIX account. Lets create one.
$ useradd -s /sbin/nologin winuser1
And set samba password for account.
$ smbpasswd -a winuser1
Firewall
$ iptables -I INPUT 5 -m state --state new -p tcp --dport 445 -j ACCEPT
$ iptables -I INPUT 6 -m state --state new -p udp --dport 137 -j ACCEPT
$ iptables -I INPUT 7 -m state --state new -p udp --dport 138 -j ACCEPT
$ iptables -I INPUT 8 -m state --state new -p tcp --dport 139 -j ACCEPT
Test
Now lets test it from a remote client. First lets list all shares on host.
$ smbclient -L 127.0.0.1 -U winuser1
Enter winuser1's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-168.el6_5]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 3.6.9-168.el6_5)
winuser1 Disk Home Directories
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-168.el6_5]
Server Comment
--------- -------
Workgroup Master
--------- -------
And to mount it.
$ mount -t cifs -o user=winuser1 //192.168.1.16/winuser1 /remote
Finally lets test to write to winuser1 home directory.
$ echo "Hello" >> /remote/foo
-bash: /remote/foo: Permission denied
This did not go well. The missing configuration is SELinux.
SELinux
On the SAMBA server, run the following command, if you want to share home directories via samba.
$ setsebool -P samba_enable_home_dirs on
Now lets get back to client and un mount and the remount and write and read and that should be successful.
No comments:
Post a Comment