How to install and configure samba server in CentOS 6.3
Introduction: Samba is a free software re-implementation of the SMB/CIFS networking protocol, originally developed by Andrew Tridgell. As of version 3, Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member. It can also be part of an Active Directory domain.
Samba runs on most Unix and Unix-like systems, such as Linux, Solaris, AIX and the BSD variants, including Apple’s Mac OS X Server (which was added to the Mac OS X client in version 10.2). Samba is standard on nearly all distributions of Linux and is commonly included as a basic system service on other Unix-based operating systems as well. Samba is released under the GNU General Public License. The name Samba comes from SMB (Server Message Block), the name of the standard protocol used by the Microsoft Windows network file system.
Reference from : http://en.wikipedia.org/wiki/Samba_%28software%29
Scenario: We will shared directory where permitted user/group can access the shared directory and read write the files or dir.
Practical Applied on:
Operating System: CentOS release 6.3 (Final)
Packages: On Samba Version 3.5
Kernel information: Linux 2.6.32-279.el6.i686 #1 SMP / i686 i686 i386 GNU/Linux
Samba Server uses the following port no. :
Daemon name : smb and nmb
Samba services are implemented as two daemons:
smbd, which provides the file and printer sharing services, and
nmbd, which provides the NetBIOS-to-IP-address name service. NetBIOS over TCP/IP requires some method for mapping NetBIOS computer names to the IP addresses of a TCP/IP network.
How to install and configure samba server:
Step 1: Install through yum command. cups-libs is for printer.
yum install -y samba samba-commons cups-libs
Step 2: create a directory which you would like to share
Step 3: Add a new group or you can use existing group to provide access on shared directory,Here I am adding new group called staff.
Step 4: Change the group and permission of sharing folder
chgrp -R staff /sharedrepo chmod -R 777 /sharedrepo
Step 5: Change the selinux security context on sharing directory and set the selinux boolean value for samba .
You can skip this step if selinux has permissive or disabled status. (use sestatus command to check selinux status)
chcon -R -t samba_share_t /sharedrepo/ semanage fcontext -a -t samba_share_t /sharedrepo/ setsebool -P samba_enable_home_dirs on
Step 6: create user and add them in group called staff. And set the samba password for this user.
useradd test usermod -G staff test smbpasswd -a test
Step 7: Take backup of /etc/samba/smb.conf file then edit the smb.conf file. And add the given parameter in last line of /etc/samba/smb.conf file
cd /etc/samba/ cp -p smb.conf smb.conf.orig
vi /etc/samba/smb.conf [sharedrepo] comment = shared-directory path = /sharedrepo public = no valid users = test, @staff writable = yes browseable = yes create mask = 0765
Step 8: Edit these lines in /etc/samba/smb.conf . To allow network to reach samba server.
Change the value of 192.168.56.0/24 with your subnet. And change the ethernet value which is in used by your system and which you want to allow for traffic.
In second line ,192.168.56. is for subnet .Same rule applied to 127. which is for loopback.
interfaces = lo eth0 eth1 192.168.56.0/24 hosts allow = 127. 192.168.56.
Note: Mainly for windows users,if your all PC in your network are using different WORKGROUP name edit the given below line in smb.conf with your workgroup name. Windows system bydefault uses the WORKGROUP as WORKGROUP. Try first without changing the WORKGROUP name,if required do the change.
workgroup = MYGROUP
Step 9 : Add services in /etc/services files
vi /etc/services netbios-ns 137/tcp # netbios name service netbios-ns 137/udp # netbios name service netbios-dgm 138/tcp # netbios datagram service netbios-dgm 138/udp # netbios datagram service netbios-ssn 139/udp # netbios session service netbios-ssn 139/udp # netbios session service
Step 10: Add iptables rule in samba server for port no. 137,138.139 and 445. Edit /etc/sysconfig/iptables file
Note: If in your network iptables service is stopped or there is no rule set up.Kindly skip this step.
Change the 192.168.56.0/24 value with you network subnet.
[[email protected] ~]# vi /etc/sysconfig/iptables # Generated by iptables-save v1.4.7 on Sun Feb 17 19:36:23 2013 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [199:25862] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 137 -j ACCEPT -A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 138 -j ACCEPT -A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 139 -j ACCEPT -A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 445 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A INPUT -j REJECT --reject-with icmp-port-unreachable -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Sun Feb 17 19:36:23 2013 [[email protected] ~]# Now restart the iptable [[email protected] ~]# /etc/init.d/iptables restart Check the iptable is it implemented or not [[email protected] ~]#iptables -nL
Step 11: Now start the smb and nmb services.
/etc/init.d/smb start /etc/init.d/nmb start
To smb and nmb services should be started at the time of boot or reboot.Use chkconfig command
# chkconfig smb on # chkconfig nmb on chkconfig --list | egrep "smb|nmb" nmb 0:off 1:off 2:on 3:on 4:on 5:on 6:off smb 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Step 12: Now we will test samba from linux and windows machine
Open the Run and type \ip-address-of-samba-servershared-Direcory-name for eg. \192.168.56.101sharedrepo. Give username and password. (password which you set with the help of smbpasswd command)
Linux Users: smbclient must be installed in system .
To check the list of shared objects in samba server.Use the command
smbclient -L \ipaddress-samba-server -U username (press enter, and give samba password of the user)
To access through smb console : Use the command
smbclient //ip-samba-server/sharedDirectory -U username
After getting console you can use get and put command to get the data and put the data in shared dir.
Like the given below eg,
[email protected]:~$ smbclient //192.168.56.101/sharedrepo -U redtest Enter redtest's password: Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6] smb: > ls . D 0 Sun Feb 17 10:50:01 2013 .. DR 0 Sun Feb 17 22:38:55 2013 Untitled Folder D 0 Sun Feb 17 19:45:51 2013 50553 blocks of size 262144. 44708 blocks available smb: > help ? allinfo altname archive blocksize cancel case_sensitive cd chmod chown close del dir du echo exit get getfacl geteas hardlink help history iosize lcd link lock lowercase ls l mask md mget mkdir more mput newer open posix posix_encrypt posix_open posix_mkdir posix_rmdir posix_unlink print prompt put pwd q queue quit readlink rd recurse reget rename reput rm rmdir showacls setea setmode stat symlink tar tarmode translate unlock volume vuid wdel logon listconnect showconnect .. ! smb: >
To mount the samba shared directory in machine your system must support cifs file system.
mount -t cifs //samba-server-ipaddress/shared-directory-name -o username=USERNAME /mnt/
From Dash home write the command smb://ipaddr-samba-server/shared-directory
Or take reference from https://help.ubuntu.com/community/Samba/SambaClientGuide