Note: This is a RHCE 7 exam objective.
Install the Samba packages:
# yum groupinstall -y "file-server" # yum install -y samba-client samba-winbind
Create a new /etc/samba/smb.conf file and add the following lines (for a workgroup named MYGROUP, a server called MYSERVER, a local network with IP addresses in 192.168.1.0/24, a user named user01 and a share called shared):
workgroup = MYGROUP server string = Samba Server Version %v netbios name = MYSERVER interfaces = lo eth0 192.168.1.0/24 hosts allow = 127. 192.168.1. log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [shared] comment = Shared directory browseable = yes path = /shared valid users = user01 writable = yes
Note: with “passdb backend = tdbsam“, passwords are stored in the /var/lib/samba/private/passdb.tdb file.
Check the syntax of the configuration file:
# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[shared]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] workgroup = MYGROUP netbios name = MYSERVER server string = Samba Server Version %v interfaces = lo, eth0, 192.168.1.0/24 log file = /var/log/samba/log.%m max log size = 50 idmap config * : backend = tdb hosts allow = 127., 192.168.1. [shared] comment = Shared directory path = /shared valid users = user01 read only = No
Create the shared directory:
# mkdir /shared
Give full access rights to the new directory:
# chmod 777 /shared
Create a file inside called test:
# echo "This is a test." > /shared/test
Set up the correct SELinux context:
# yum install -y setroubleshoot-server # semanage fcontext -a -t samba_share_t "/shared(/.*)?" # restorecon -R /shared
Add the new service to the firewall:
# firewall-cmd --permanent --add-service=samba
Reload the firewall configuration:
# firewall-cmd --reload
Activate the Samba services at boot:
# systemctl enable smb # systemctl enable nmb # systemctl enable winbind
Start the Samba services:
# systemctl start smb # systemctl start nmb # systemctl start winbind
Create the samba user user01 with the password pass:
# useradd -s /sbin/nologin user01 # smbpasswd -a user01 New SMB password:
passRetype new SMB password: passAdded user user01.
Check the configuration:
# smbclient //localhost/shared -U user01%pass Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> ls . D 0 Sun Aug 3 00:19:00 2014 .. D 0 Sat Aug 2 23:16:27 2014 test N 0 Sun Aug 3 00:15:20 2014 47356 blocks of size 65536. 26414 blocks available
Useful information about SELinux and Samba is available in the RHEL 7 SELinux User’s and Administrator’s Guide.
Fedora documentation‘s got a chapter about Configuring Samba.
You can also read the Samba Howto.
The learnitguide website provides a tutorial about Configuring a Samba server on RHEL 7.
The Lisenet website offers a tutorial about Setting up a Samba Server with SELinux on RHEL 7.