Setup File Server on CentOS7

Setup File Server on CentOS7


Samba is an opensource and most popular package that provides file and print service using SMB/CIFS protocol. This step by step article explains how to setup file server on centos 7 using samba . Before starting please make sure you have assigned static IP for the server and have internet connectivity for installing packages.

Package installation and pre config

Step 1 » Install necessary samba package and dependencies using below command .
[root@krizna ~]# yum install -y samba samba-client samba-commonand enable the smb and nmb service .
[root@krizna ~]# systemctl enable smb.service
[root@krizna ~]# systemctl enable nmb.service
Step 2 » Choose or Create a directory for shares and allow in SELINUX .
[root@krizna ~]# mkdir /shares
[root@krizna ~]# chcon -R -t samba_share_t /sharesand check the selinux policy status using ls -Z.
[root@krizna ~]# ls -Z /
......
drwxr-xr-x. root root unconfined_u:object_r:samba_share_t:s0 shares
Step 3 » Allow samba service in the firewall and reload service.
[root@krizna ~]# firewall-cmd --permanent --zone=public --add-service=samba
[root@krizna ~]# firewall-cmd --reload
Step 4 » Make a copy of default conf file for backup.
[root@krizna ~]# cp /etc/samba/smb.conf /etc/samba/smb.conf.bkp
Step 5 » Edit /etc/samba/smb.conf file, Find “security = user” line and add “map to guest” line like below.
security = user
map to guest = Bad User
Step 6 » Home directories and printer shares are enabled by default. You can stop those shares by commenting [homes] and [printers] sections in /etc/samba/smb.conf file like below ( optional ).

Setup file server on centos 7

There are different types of samba shares. Here we can see about common types
1. Anonymous Share
2. Secured Shares
3. Home directory

Anonymous Share

Anonymous share allow everyone to access the share without username & password.
Step 1 » Create a directory for anonymous share and change the ownership to nobody to allow anonymous access.
[root@krizna ~]# mkdir /shares/anonymous
[root@krizna ~]# chown -R nobody:nobody /shares/anonymous
Step 2 » Edit /etc/samba/smb.conf file and add these lines at the end of the file .

For read-only access use below code
Step 3 » Restart smb service .
[root@krizna ~]# systemctl restart smb.service
Step 4 » Now try to access this share in windows machine using \\IPaddress in Run prompt[ Eg: \\192.168.25.15 ]. You will see the share directory like below.
Setup file server on centos 7

Secured shares

Secured shares are accessible only by valid users with username and password .
Here i have explained with below scenario.
Larry has access to share google and Mark has access to share facebook .
John has access to both shares
We can have a samba group if we want to give access for multiple users.So here we have to create samba group for each share and assign users in that group for access.
Step 1 » Create directory and group for the share name google.
[root@krizna ~]# mkdir /shares/google
[root@krizna ~]# groupadd smbgg
Step 2 » Change ownership and permission for the directory.
[root@krizna ~]# chown -R root:smbgg /shares/google
[root@krizna ~]# chmod -R 0770 /shares/google
Step 3 » Create user larry by adding to the group smbgg in a single command .
[root@krizna ~]# useradd larry -s /usr/sbin/nologin -G smbggCreate samba password using the below command .
[root@krizna ~]# smbpasswd -a larry
Step 4 » Now edit /etc/samba/smb.conf file and add the below lines at the end for Share “google”.
Now after restarting the smb service, You can access Google share using larry credentials.
setup file server on centos 7 Secured
Step 5 » You can create “facebook” share and user Mark in the same way. But make sure you create different group like “smbfb” for Facebook share and add user mark to that group.
Step 6 » For multiple share access create user by adding both the groups to access both shares.
[root@krizna ~]# useradd john -s /usr/sbin/nologin -G smbgg,smbfb

Home Directory share

You can share users home directory by just enabling home section in smb.conf.
Step 1 » You can add or enable home section in /etc/samba/smb.conf file that should looks like below .
Step 2 » Selinux may prevent write access to home directories. Enable access using below command.
[root@krizna ~]# setsebool -P samba_enable_home_dirs 1
Step 3 » Now restart service.
[root@krizna ~]# systemctl restart smb.service
Now you could access users home directories.
Setup file server centos 7 home share
That’s it . Thanks

 

 

Comments

Post a Comment

Popular posts from this blog

How to Set Up IP and Port-Based Virtual Hosting (Vhosts) With Apache Web Server on CentOS 7

Image
How to Set Up IP and Port-Based Virtual Hosting (Vhosts) With Apache Web Server on CentOS 7 Table of Contents Introduction Requirements Set up multiple IP addresses on a single network interface Set up multiple instances of Apache Create the directory structure Create test web pages for each virtual host Set up ownership and permissions Create virtual host files Allow Apache through the firewall Test the virtual hosts Introduction Virtual hosting is a method for hosting multiple websites on a single machine. There are two types of virtual hosting:  Name-based virtual hosting  and  IP-based virtual hosting . IP-based virtual hosting is a technique to apply different directives based on the IP address and port a request is received on. You can assign a separate IP for each website on a single server using IP-based virtual hosting. This is mainly used to host different websites on different ports or IP addresses. In this article we will be creating: ...
Read more

Gateway to Gateway - Intro to Configure IPsec VPN (Gateway-to-Gateway ) using Strongswan

Image
Intro to Configure IPsec VPN (Gateway-to-Gateway ) using Strongswan Strongswan supports Gateway-to-Gateway (site-to-site) and Road warrior  types of VPN. In first type, network traffic is encrypted/decrypted on the gateway (entrance/exit) of an organization. However in Road warrior case, traffic encrypted from the end client (machine) to remote end gateway. In this article, we will explain creation of  tunnel between two sites of an organization to secure the communication. Strongswan based VPN server/gateway placement is shown in the following figure. We want to secure communication between 10.1.0.0/16 and 11.1.0.0/16 networks of organization. As shown in the above figure, we are interested to secure the communication from A to B and vice versa. It is important to make sure the routing of Strongswan based VPN Gateways in the organization network. We assume that machine from  office A can ping a machine in the network of B office . This will ensure th...
Read more

File Size ??? 6 Ways to Find Largest Top Files and Directory in Linux

Image
File Size --:????????????????? 6 Ways to Find Largest Top Files and Directory in Linux Finding the size of large file and directories in Linux servers is one of the most important tasks that every system administrator came across in his daily tasks. So, every system administrator must know about multiple ways to find out the size of larger disks and files consuming the hard disks. Sometimes, it becomes more important, when your system's disk are getting filled so rapidly and you have to discover which files or directories are are ingesting up, all of your disk area on a Linux. In this case, we should be able to find a particular directory location where the data is being filled up. As there is no such shortcut command which is available to discover the largest documents or directories on a Linux or UNIX file system but there is some possibility by using some command line utilities that can help us reaching to the source location. So, this article will help you to...
Read more