Introduction of Samba
With arrival of Samba version 3, the definition of Samba server is changed. Now we call samba is a free software suite licensed under GNU General Public License version 3. It is populalry used for file and print services for all clients using the SMB/CIFS protocol.From Samba version 3, we can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member. It can also be part of an Active Directory domain.
We will follow almost same steps as we did in our previous post on “How to install and configure samba server in CentOS 6.3“. In CentOS 7 / RHEL 7 , a few steps are changed because of some introuction of new commands and unavailabilty of packages in minimal installed Operating System but logically everything is same.
Scenario: We will shared a directory called sharedrepo where we will permit user called test and group called staff, can access the shared directory from Samba server and can read write the files or directory.
Details of Samba server on which practical applied
Operating System : CentOS 7
Arch : x86_64
Samba Version : Samba 4.1.1 (Default from CentOS repo)
Kernel Versio : 3.10.0-123.el7.x86_64
IP Address : 192.168.56.102
Network Subnet : 192.168.56.0/24 or can be written also as 192.168.56.0/255.255.255.0
Arch : x86_64
Samba Version : Samba 4.1.1 (Default from CentOS repo)
Kernel Versio : 3.10.0-123.el7.x86_64
IP Address : 192.168.56.102
Network Subnet : 192.168.56.0/24 or can be written also as 192.168.56.0/255.255.255.0
NOTE: CentOS 7 is installed with minimal packages (minimal installed)
Samba Server port numbers
137/tcp
137/udp
138/tcp
138/udp
139/udp
139/udp
445/tcp
445/udp
137/udp
138/tcp
138/udp
139/udp
139/udp
445/tcp
445/udp
Daemon used in Samba server
Samba services are implemented as two daemons:
1. smbd, It provides the file and printer sharing services.
2. nmbd It provides the NetBIOS-to-IP-address name service. NetBIOS over TCP/IP requires some method for mapping NetBIOS computer names to the IP addresses of a TCP/IP network.
1. smbd, It provides the file and printer sharing services.
2. nmbd It provides the NetBIOS-to-IP-address name service. NetBIOS over TCP/IP requires some method for mapping NetBIOS computer names to the IP addresses of a TCP/IP network.
How to install and configure samba server
Step 1 : Use yum command to install samba packages
(a) policycoreutils-python = For semanage command (Read semanage command not found)
(b) samba-client : For smbpasswd (Read smbpasswd command not found)
(b) samba-client : For smbpasswd (Read smbpasswd command not found)
(c) cups-libs : For printer service
(d) samba and samba-commons : For Samba server
yum install -y samba samba-commons cups-libs policycoreutils-python samba-client
Step 2: create a directory
Create a directory called sharedrepo in / (main root) . This directory will be shared with clients.
mkdir /sharedrepo
Step 3: Add a new group or can use existing group
To provide access on shared directory,Here we are adding new group called staff.
groupadd staff
Step 4: Change the group and permission of sharing folder
Here we are using /sharedrepo in samba server, hence group and permission are changing for this directory.
Here we are using /sharedrepo in samba server, hence group and permission are changing for this directory.
chgrp -R staff /sharedrepo chmod -R 777 /sharedrepo
Step 5: Change the selinux security context
Change the selinux security context on sharing directory and set the selinux boolean value for samba.
You can skip this step in case you disable selinux on system.
Change the selinux security context on sharing directory and set the selinux boolean value for samba.
You can skip this step in case you disable selinux on system.
chcon -R -t samba_share_t /sharedrepo/ semanage fcontext -a -t samba_share_t /sharedrepo/ setsebool -P samba_enable_home_dirs on
Step 6: create user, add into group and set samba password
create user and add them in group called staff. And set the samba password for this user.
create user and add them in group called staff. And set the samba password for this user.
useradd test usermod -G staff test smbpasswd -a test
Step 7: Edit /etc/samba/smb.conf file
First take backup of /etc/samba/smb.conf file then edit the smb.conf file.
cd /etc/samba/ cp -p smb.conf smb.conf.orig
And add the below given contents in last line of /etc/samba/smb.conf file.
vi /etc/samba/smb.conf
[sharedrepo] comment = shared-directory path = /sharedrepo public = no valid users = test, @staff writable = yes browseable = yes create mask = 0765
Step 8: Allow network to connect with Samba Server
Edit these lines in /etc/samba/smb.conf . To allow network to reach samba server.
1.interfaces = Change the value of 192.168.56.0/24 with your subnet. And change the ethernet value which is in used by your system and which you want to allow for traffic.
2. hosts allow = 192.168.56. is for subnet .Same rule applied to 127. which is for loopback.
2. hosts allow = 192.168.56. is for subnet .Same rule applied to 127. which is for loopback.
interfaces = lo enp0s8 192.168.56.00/24 hosts allow = 127. 192.168.56.
Note: For windows users,if your all PC in your network are using different WORKGROUP name edit the given below line in smb.conf with your workgroup name. Windows system bydefault uses the WORKGROUP as WORKGROUP. Try first without changing the WORKGROUP name,if required do the changes.
workgroup = MYGROUP
Step 9 : Add services in /etc/services files
vi /etc/services netbios-ns 137/tcp # netbios name service netbios-ns 137/udp # netbios name service netbios-dgm 138/tcp # netbios datagram service netbios-dgm 138/udp # netbios datagram service netbios-ssn 139/udp # netbios session service netbios-ssn 139/udp # netbios session service
Step 11: Now start the smb and nmb services.
systemctl start smb.service systemctl start nmb.service
Step 11 : Enable smb and nmb service at booting of system
systemctl enable smb.service systemctl enable nmb.service
Below given section is referece:
[root@localhost ~]# systemctl enable nmb.service ln -s '/usr/lib/systemd/system/nmb.service' '/etc/systemd/system/multi-user.target.wants/nmb.service' [root@localhost ~]# [root@localhost ~]# systemctl enable smb.service ln -s '/usr/lib/systemd/system/smb.service' '/etc/systemd/system/multi-user.target.wants/smb.service' [root@localhost ~]#
Step 12 : Add firewalld rule to allow samba
In RHEL 7/ CentOS 7, firewalld is shipped by default. Now onwards we recommend you to use firewalld instead of iptables.
Here, we are allowing source network 192.168.56.0/24 to connect to samba service, whereas in logging samba prefix is used.
Adding permanent firewalld rule
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.56.0/24" service name="samba" log prefix="samba" level="info" limit value="1/m" accept'
Now reload firewalld
firewall-cmd --reload
Note: firewalld service must be runnig for above procedure. To start firewalld use systemd command i.e
systemctl start firewalld.serviceHow to connect to Samba Server
1. Windows :
In Windows Operatig System, open the run by pressing in combination of
Start key + r. Then type in this format \\ip-address-of-samba-server\shared-Direcory-name\\192.168.56.102\sharedrepo
Give username and password when it will ask.
2. Linux :
smbclient must be installed on system .
(A) List the shared files or directory available in samba server
smbclient -L \\192.168.56.102 -U test
In above command,
-L = For listing shared objects.
Samba Server IP Address = 192.168.56.102
User Name = test
-L = For listing shared objects.
Samba Server IP Address = 192.168.56.102
User Name = test
Below given is sample output
sharad@linuxworld:~$ smbclient -L \\192.168.56.102 -U test Enter test's password: Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.1.1) sharedrepo Disk shared-directory test Disk Home Directories Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Server Comment --------- ------- LOCALHOST Samba Server Version 4.1.1 Workgroup Master --------- ------- MYGROUP LOCALHOST sharad@linuxworld:~$
(B) Access using smb console
smbclient //192.168.56.102/sharedrepo -U test
After login, you will get smb console. You can use get and put command for getting/putting the file. There are other commands you can use also.
Sample output
sharad@linuxworld:~$ smbclient //192.168.56.102/sharedrepo -U test Enter test's password: Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> smb: \> help ? allinfo altname archive backup blocksize cancel case_sensitive cd chmod chown close del dir du echo exit get getfacl geteas hardlink help history iosize lcd link lock lowercase ls l mask md mget mkdir more mput newer notify open posix posix_encrypt posix_open posix_mkdir posix_rmdir posix_unlink print prompt put pwd q queue quit readlink rd recurse reget rename reput rm rmdir showacls setea setmode stat symlink tar tarmode timeout translate unlock volume vuid wdel logon listconnect showconnect tcon tdis tid logoff .. ! smb: \>
(C) Mount the samba shared directory
Mount the samba shared directory in machine , your system must support cifs file system
Mount the samba shared directory in machine , your system must support cifs file system
mount -t cifs //192.168.56.102/sharedrepo -o username=test /mnt/
In Ubuntu, Click on dash home and simply access the samba server
smb://192.168.56.102/
Comentarios
Publicar un comentario