Linux Samba Notes
Table of Contents
1. Purpose
This document describes the process for setting up File Sharing via Samba on a Linux host.
Files shared via Samba can then be accessed remotely from Windows, Linux, and macOS devices.
Original document is here
3. Open the FW Port
-
Add the
sambaservice to the FW configFedorasudo firewall-cmd --add-service=samba --permanent -
Restart the FW
Fedorasudo firewall-cmd --reload
4. Install Samba
-
Install Samba
Ubuntusudo apt-get install samba -yFedorasudo dnf install -y samba samba-common samba-client -
Start Samba
Ubuntusudo systemctl enable --now smbdFedorasudo systemctl enable --now smb nmb -
Set SELinux to allow
Sambato share directories with both read and write permissions across the network.Fedorasudo setsebool -P samba_export_all_rw 1
5. Create Samba Group
-
Create new Group for Samba
Ubuntusudo addgroup sambagroupFedorasudo groupadd sambagroup
6. Add User
-
Add User into new Group for Samba
-
Add user to group
Ubuntusudo usermod -aG sambagroup mattosdFedorasudo usermod -g sambagroup mattosd -
Confirm User added to new group
id mattosdExampleuid=1000(mattosd) gid=1000(mattosd) groups=1000(mattosd),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),122(lpadmin),134(lxd),135(sambashare),1001(sambagroup)
-
-
Configure username & password
sudo smbpasswd -a mattosd (1)(2)1 Must be an actual local account name 2 This password is for Samba use only - it can be different from the account’s password but if it is the same as the network password, then credentials will not need to be provided for the connection. -
Enable User
sudo smbpasswd -e mattosd
7. Update Samba Conf file
-
Edit file
sudo vi /etc/samba/smb.conf -
Change line that contains workgroup = SAMBA to the name of the workgroup or NT-domain your Samba server will exist within.
Most likely it should be workgroup = WORKGROUP. -
Add additional entries
Example Contents[repos] comment = Contains a repo for pod container compose files path = /mnt/MirroredDisk/repo-pod-master browsable = yes read only = no guest ok = no writable = yes valid users = @sambagroup create mask = 0660 directory mask = 0770 force group = +sambagroup -
Confirm config
testparmExpand for Sample output
Load smb config files from /etc/samba/smb.conf Loaded services file OK. Weak crypto is allowed Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] log file = /var/log/samba/log.%m logging = file map to guest = Bad User max log size = 1000 obey pam restrictions = Yes pam password change = Yes panic action = /usr/share/samba/panic-action %d passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . passwd program = /usr/bin/passwd %u server role = standalone server server string = %h server (Samba, Ubuntu) unix password sync = Yes usershare allow guests = Yes idmap config * : backend = tdb [printers] browseable = No comment = All Printers create mask = 0700 path = /var/spool/samba printable = Yes [print$] comment = Printer Drivers path = /var/lib/samba/printers [RAIDZStoragePool] comment = A ZFS Mirror drive force create mode = 0666 force directory mode = 0777 path = /mnt/RAIDZStoragePool read only = No valid users = mattosd write list = @sambagroup [repo-docker-master] comment = Contains a repo for docker container compose files force create mode = 0666 force directory mode = 0777 path = /home/mattosd/repo-docker-master read only = No valid users = mattosd write list = @sambagroup -
Restart Samba
Ubuntusudo systemctl restart smbdFedorasudo systemctl restart smb nmb
8. Test
-
Test with the
smbclientsmbclient -L localhostSample outputPassword for [SAMBA\mattosd]: (1) Anonymous login successful Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers repos Disk Contains a repo for docker container compose files (2) IPC$ IPC IPC Service (Samba 4.22.1)1 Provide the user’s Samba password 2 This is the new Samba share