I have a Fedora 18 system here with the hostname snape.greshamhs.org and the IP address 192.168.92.249.
I always make sure that SELinux is disabled:
Edit /etc/selinux/config and set SELINUX=disabled:
vi /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
Installing Samba
Install Samba packages:
yum install cups-libs samba samba-common samba-client
Edit the smb.conf file:
vi /etc/samba/smb.conf
Make sure you see the following lines in the [global] section:
[...] # ----------------------- Standalone Server Options ------------------------ # # security = the mode Samba runs in. This can be set to user, share # (deprecated), or server (deprecated). # # passdb backend = the backend used to store user information in. New # installations should use either tdbsam or ldapsam. No additional configuration # is required for tdbsam. The "smbpasswd" utility is available for backwards # compatibility. # security = user passdb backend = tdbsam [...]
This enables Linux system users to log in to the Samba server.
Then create the system startup links for Samba and start it:
systemctl enable smb.service
systemctl start smb.service
Adding Samba Shares
Create the directory for sharing the files and change the group to the users group:
mkdir -p /home/public
chown -R root:users /home/public/
chmod -R ug+rwx,o+rx-w /home/public
At the end of the file /etc/samba/smb.conf add the following lines:
vi /etc/samba/smb.conf
[...] [allusers] comment = All Users path = /home/public valid users = @users force group = users create mask = 0660 directory mask = 0771 writable = yes
If you want all users to be able to read and write to their home directories via Samba, add the following lines to /etc/samba/smb.conf (make sure you comment out or remove the other [homes] section in the smb.conf file!):
[...] [homes] comment = Home Directories browseable = no valid users = %S writable = yes create mask = 0700 directory mask = 0700
Now we restart Samba:
systemctl restart smb.service
Adding And Managing Users
In this example, I will add a user named john.
useradd john -m -G users
Set a password for john in the Linux system user database. If the user john should not be able to log into the Linux system, skip this step.
passwd john
-> Enter the password for the new user.
Now add the user to the Samba user database:
smbpasswd -a john
-> Enter the password for the new user.
Now you should be able to log in from your Windows workstation with the file explorer (address is \\192.168.92.249 or \\192.168.92.249\john for john’s home directory) using the username john and the chosen password and store files on the Linux server either in john’s home directory or in the public shared directory.