Skip to content

Install Samba on RHEL/CentOS/Fedora

Samba is the standard Windows interoperability suite of programs for Linux and Unix, we are going to configuration it on RHEL/CentOS Linux system.

Commands use root as default, for other user, sudo needed.

1. Install Samba

dnf install samba -y

For older releae like RHEL7.x and CentOS7.x, replace dnf with yum.

2. Add User

useradd -s /sbin/nologin -d /PATH/TO/HOME/USERNAME

Add user USERNAME with home directory in /PATH/TO/HOME, unable to login.

passwd USERNAME

Change USERNAME's password.

3. Change smb user's access password

smbpasswd -a USERNAME

4. Config samba's configuration file

Change file /etc/samba/smb.conf.

(1). Change [global] section

    workgroup = SAMBA
    security = user

    log file = /var/log/samba/%m.log
    log level = 1

    min protocol = SMB3
    passdb backend = tdbsam

    hosts allow = 192.168.0.0/16

    follow symlinks = yes
    wide links = yes
    unix extensions = no

Set security to user

Set minimum samba version to SMB3

(2). Change [homes] section

[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    create mask = 2640
    directory mask = 2750
    browseable = No
    read only = No
    inherit acls = Yes
    inherit permissions = yes

Op1. Share Other Directories

Add a new section in /etc/samba/smb.conf 

[Data]
    comment = Data
    path = /PATH/TO/DATA
    # valid users = 
    # write list = 
    valid users = USERNAME
    create mask = 2660
    directory mask = 2770
    browseable = No
    read only = No
    inherit acls = Yes
    inherit permissions = yes
    # force user = GROUP
    # force group = GROUP
If the directory is not under home directory, it's unaccessable due to SELinux by default.

Set boolean to access it:

setsebool -P samba_export_all_rw 1

Op2. Set SELinux Booleans

After operations above, it's able to access home directory with samba, if SELinux is set to diabled, otherwise, SELinux should configured.

setsebool -P use_samba_home_dirs 1

setsebool -P samba_enable_home_dirs 1

Op3. Set Firewall

If firewalld enabled in your system, you have to add samba to firewall:

firewall-cmd --add-server=samba --permanent And then reload firewall: firewall-cmd --reload

5. Restart samba

systemctl restart smbd

REF

[1]. https://wiki.samba.org/index.php/Main_Page

[2]. https://linux.die.net/man/8/samba_selinux