Friday, September 11, 2009

Setting up Samba server on Linux

Here is a simple step-by-step guide on how to set-up a basic samba server within Red Hat, Fedora or CentOS Linux distribution. So let's begin!


1. Check first if smb (samba) is installed in the system, so in the Terminal type
# chkconfig --list | grep smb


A line containing [smb 0:off 1:off ........] should confirm the existence of smb in the system. If it fails, install first smb through yum or by downloading an rpm, before continuing to step 2.


2. Edit the smb configuration file through smb.conf
# vi /etc/samba/smb.conf


Then add these lines

[global]
workgroup = myWorkgroup
security = user
path = /home
netbios name = mySMB

[public]
writeable = no
path = /home/public
available = yes
public = true
guest account = ok

[private]
writeable = yes
path = /home/private
available = yes


Save smb.conf (press Esc and type :wq then Enter) and restart smb
# /etc/init.d/smb restart


3. By this time, the public folder should now be accessible to any PC on the myWorkgroup network through smb. However, accessibility to the private folder is restricted only to registered users in the smb server. So on terminal, type
# adduser iamuser *create a unix account
# passwd iamuser *set password
# smbpasswd -a iamuser *add iamuser to smb users

Then restart smb
# /etc/init.d/smb restart

*Note that it is not necessary that passwords for unix and smb accounts are different. It is just easier to recall if they are the same :).

SMB access to the private folder should now be available by entering the proper logins we've created. If you want to make the public folder writeable by anyone, just change writeable = yes into writeable = no.

4. If in case neither public nor private folder is accessible after the previous steps, smb access may be restricted by the firewall. To allow smb connections, we should edit the iptables.
# vi /etc/sysconfig/iptables

Then add these 4 lines before the line with the words "-j REJECT"

-A RH-Firewall-1-INPUT -p udp -m udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT

Save and then restart iptables service
# service iptables restart

And thats it! The smb server should now be up and running :). Remember that what we did in the smb.conf file are just basic configurations. There are a lot more options available for modifying the server like restricting accesses to specific users and IP addresses, and printeroptions to name a few. Go and just figure it out for yourselves :D.

5. To access our smb server in Windows, open Windows Explorer and on the address bar, input \\192.xxx.xxx.xxx\ and then public and private folders should appear (192.xxx.xxx.xxx is the server's ip address). Then for other Linux machines, you can type smb://192.xxx.xxx.xxx in Konqueror or Firefox to open the server.

That's the end of the guide and thanks for viewing :).

3 comments:

  1. thanks dude...like to add detail documentation
    #yum search samba
    #rpm -ql samba
    #rpm -qa| grep samba
    #yum intall samba
    #chkconfig --list smb
    #chkconfig --level 35 smb on
    #service smb status
    #ps -ef| grep smb
    #vim /etc/samba/smb.conf
    < Workgroup=should be same
    set the public directory--with specified location
    give all the required permission>
    #chcon -R -t samba_share_t /home/<location> --> if you want to access the location with selinux ON
    #getenforce
    #setenforce 0 --> turn selinux to premissive
    #smbpasswd -a dhan
    #service smb restart
    #ifconfig
    #smbclient -L //192.168.1.188/public -U dhan
    #smbclient //192.168.1.188/homes -U dhan
    #smbclient //server.glowfute.com -U root


    Check firewall
    Check iptables
    Check Selinux

    #man smb.conf ---> to modify and to give permission

    ###with selinux
    Allowing AccessYou can alter the file context by executing chcon -R -t samba_share_t './nfsserver' You must also change the default file context files on the system in order to preserve them even on a full relabel. "semanage fcontext -a -t samba_share_t './nfsserver'" The following command will allow this access:
    #chcon -R -t samba_share_t './nfsserver'
    #chcon -R -t samba_share_t /home/

    ReplyDelete

JS-Kit Comments