Passa ai contenuti principali

Linux CentOS 7 - Samba server and client

Linux CentOS 7 - Samba server and client 

Share a directory via samba so that all users/clients within the example.com domain can read its content; user smbuser1 must have read access 

On system1  


Install and activate Samba on Server:
# yum install samba samba-common-tools –y
# systemctl enable smb nmb 
# systemctl start smb nmb

Firewall rule for Samba:
# firewall-cmd –permanent –add-service=samba
# firewall-cmd –reload 

 Create the directory
# mkdir /samba-share
# chmod 777 /samba-share


Create Samba User:
# useradd smbuser1 –s /sbin/nologin 


# smbpasswd –a smbuser1


Enable Samba user
# smppasswd -e smbuser1 enable user
 
Test user database
# pdbedit –L

Create your share on the configuration file 

# vim /etc/samba/smb.conf 

You can allow a specific host in the Global Options if required;

[samba]
        comment = samba share
        path = /samba-share
        browseable = yes
        writable = no
        valid users = smbuser1
        hosts allow = 192.168.189.0/24

 


# systemctl restart smb nmb  

Check the configuration

# testparm

Browse the Samba Share on the Server:
# smbclient –L 192.168.189.140 –U smbuser1
 
Install package for semanage command
#yum install policycoreutils-devel -y

Adjust Selinux  context

# semanage fcontext –a –t samba_share_t “/samba-share(/.*)?”
# restorecon –Rv /samba-share
 
Adjust Selinux Boolean settings
# setsebool –P samba_export_all_ro on  ## if you need it read only.
# setsebool –P samba_export_all_rw on  ## if you need it read and write.



Verify that you can create files in the shared directory:

# cd /samba-share
# touch 123.txt
# ls -> 123.txt


On system2

On the Samba Client: 

Install the packages:
# yum install cifs-utils* samba-client* –y

Add firewall rule:
# firewall-cmd –permanent –add-service=samba-client
# firewall-cmd –reload 


Create a mount point for the Samba share
# mkdir /mnt/samba-share

Mount the samba share:
# mount –t cifs //192.168.189.140/samba /mnt/samba-share –o username=smbuser1
 
We can mount it permanently on the /etc/fstab file:
//192.168.189.140/samba /mnt/samba-share cifs username=smbuser1,password=admin 0 0


Verify that the created file can be read:
# cd /mnt/samba-share
# ls  ## should show 123.txt
# touch 456 ## should return an error as the directory is read only


# su – smbuser1
$ cifscreds add system1 ## make sure system1 can be resolved by DNS
(input password for user smbuser1)
Then smbuser1 can read/write on the /mnt directory
$ exit
 
In order for system1 to be resolved to its IP address, it has to be included in the /etc/hosts file.

 If you experience any problem with this configuration, please let me know.

 




Etichette:

Commenti

Posta un commento

Post popolari in questo blog

Linux CentOS 7 - Mounting the iso file as a CD-ROM

Linux CentOS 7 - Mounting the iso file as a CD-ROM in a repo Mount the iso file as a CD-ROM in a repository. Provided your iso file contains the complete operative system, this allows you to disable the default repositories and mirrors and install all required packages without downloading them from the internet. In other words you can work off-line. On system1 and/or system2 Edit the repo file vim /etc/yum.repos.d/CentOS-CD.repo [CentOS-CD] name =  CD ROM baseurl = file:///media/CentOS gpgcheck = 0 enabled = 1 Mount the iso file as a CD-ROM in a repository. Make a mount point mkdir /media/CentOS Edit the fstab file /dev/cdrom     /media/CentOS   iso9660   loop 0 0 mont -a Verify df -Th it must return the /dev/loop0 disk yum repolist it must show the repositories contained in the iso file.
Posta un commento
Continua a leggere

Linux CentOS 7 - Configuring a cache-only DNS

Linux CentOS 7 - Configuring a cache-only DNS Configure a cache only DNS server which forwards requests to the well known Google DNS server. On system1 Install the unbound package # yum install -y unbound Enable and start the service # systemctl enable unbound && systemctl start unbound Adjust the configuration file # vim /etc/unbound/unbound.conf interface: 0.0.0.0                       ## all interfaces access-control: 0.0.0.0/0 allow ## from all networks forward-zone      name: "."                              ## from any domain      forward-addr: 8.8.8.8           ## DNS server towards which all requests will be forwarded Check configuration  # unbound-checkconf Modify the DNS server on the interface configuration # vim /etc/sysconfig/network-scripts/ifc...
Posta un commento
Continua a leggere

Linux CentOS 7 - Basic scripting

Linux CentOS 7 - Basic scripting Configure a bash script called  foo.sh; this script reads an input parameter: if the input is "A", it returns "B"; if the input is "B", it returns "A"; otherwise it shows the message "usage foo.sh A|B" On system1 Edit the file: # vim /root/foo.sh #!/bin/bash if [ "$1" == "A" ]; then echo "B" elif [ "$1" == "B" ]; then echo "A"             e lse echo "/root/foo.sh A|B" fi Change the permissions to make it executable by all; # chmod a+x foo.sh Test it: # ./foo.sh A B Configure a script called makeusers.sh which reads a list of users from a file and creates those users with the /bin/false shell;   On system 1 Edit the script vim makeusers.sh #!/bin/bash if [ $# = 0 ]; then echo "usage makeusers.sh <users file>" exit 1 elif [ -f $1 ]; then for i in `cat $1`; do usera...
Posta un commento
Continua a leggere