Friday, 20 May 2016

imple way to create and manage samba shares in RHEL 7 OR Any LINUX

Simple way to create and manage samba shares in RHEL 7

We can also call this as CIFS (Common Internet File System) shares, Sharing the directories / Folders across the corporate network. Sharing the Directories / Folders from Linux to Windows and Windows to Linux wise versa we have to use SMB (samba) protocol. Samba is not only used for sharing directories, we can also use it for sharing printing services (printing server). I will explain you in detailed simple way to create and manage samba shares in RHEL 7.

Server Profile

  • Packages Required: samba*
  • Port Number: 445
  • Daemon Name: smb
  • Config File Location: /etc/samba/smb.conf

Advantages

  • Accessing CIFS shares across the multiple environments
  • Sharing Printer using SMB
  • Mount windows CIFS shares to Linux
  • Fully Secured shares using user authentication

Steps to Configure samba server

Install required Packages, Start & Enable Service, Create users and convert them as samba users, Create New Directory and Share the directory using SMB Service, Apply SELinux context and Open Firewall Ports.

Installation of Samba Server in RHEL 7

[root@ArkIT ~]# yum install samba*
Dependencies Resolved
===============================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================
Installing:
samba x86_64 4.1.12-21.el7_1 arkit 555 k
samba-client x86_64 4.1.12-21.el7_1 arkit 515 k
samba-python x86_64 4.1.12-21.el7_1 arkit 1.9 M
samba-winbind x86_64 4.1.12-21.el7_1 arkit 438 k
samba-winbind-clients x86_64 4.1.12-21.el7_1 arkit 120 k
samba-winbind-modules x86_64 4.1.12-21.el7_1 arkit 100 k
Installing for dependencies:
iniparser x86_64 3.1-5.el7 arkit 14 k
pyldb x86_64 1.1.17-2.el7 arkit 36 k
python-tdb x86_64 1.3.0-1.el7 arkit 15 k
python-tevent x86_64 0.9.21-3.el7 arkit 16 k
Transaction Summary
===============================================================================================================================
Install 6 Packages (+4 Dependent packages)

Enabling and Starting SMB services

To Enable the SMB and its dependant service NMB, we have to use below command
[root@desktop ~]# systemctl enable smb
ln -s '/usr/lib/systemd/system/smb.service' '/etc/systemd/system/multi-user.target.wants/smb.service'
[root@desktop ~]# systemctl enable nmb
ln -s '/usr/lib/systemd/system/nmb.service' '/etc/systemd/system/multi-user.target.wants/nmb.service'
Starting SMB and NMB services, use below mentioned commands to start required services
[root@desktop ~]# systemctl start nmb
[root@desktop ~]# systemctl start smb
[root@desktop ~]# systemctl status smb
smb.service - Samba SMB Daemon
Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled)
Active: active (running) since Thu 2016-05-19 23:13:06 IST; 6s ago
Main PID: 3721 (smbd)

Create Directory and apply SELinux Policy

If your SELinux is in enforcing mode then in RHEL 7 SELinux will allow any content to be access from other servers / clients. We have to apply SELinux context or keep SELinux in disabled / permissive mode.
before applying SELinux context
[root@desktop ~]# ls -ldZ /arkit_share
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /arkit_share
After Applied SELinux context
[root@desktop ~]# mkdir /arkit_share
[root@desktop ~]# semanage fcontext -a -t samba_share_t "/arkit_share(/.*)?"
[root@desktop ~]# restorecon -vRF /arkit_share
restorecon reset /arkit_share context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
[root@desktop ~]# ls -ldZ /arkit_share
drwxr-xr-x. root root system_u:object_r:samba_share_t:s0 /arkit_share
As shown above when you applied an SELinux context to particular directory you can see using ls -ldZcommand. Change directory permissions for user
[root@desktop ~]# ls -ld /arkit_share/
drwxr-xr-x. 2 root root 6 May 19 23:18 /arkit_share/
[root@desktop ~]# chown arkit:root /arkit_share/
[root@desktop ~]# ls -ld /arkit_share/
drwxr-xr-x. 2 arkit root 6 May 19 23:18 /arkit_share/

Create users and convert them as Samba Users

[root@desktop ~]# useradd arkit -s /sbin/noshell
[root@desktop ~]# smbpasswd -a arkit
New SMB password:
Retype new SMB password:
Added user arkit.
Create an normal user with restricted shell access then convert the same user as samba user. Below is the command to verify samba user is correctly created or Not
[root@desktop ~]# pdbedit -L -v
---------------
Unix username: arkit
NT username:
Account Flags: [U ]
User SID: S-1-5-21-515224089-2640601760-3815168181-1000
Primary Group SID: S-1-5-21-515224089-2640601760-3815168181-513
Full Name:
Home Directory: \\desktop\arkit
HomeDir Drive:
Logon Script:
Profile Path: \\desktop\arkit\profile
Domain: DESKTOP
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 20:36:39 IST
Kickoff time: Wed, 06 Feb 2036 20:36:39 IST
Password last set: Thu, 19 May 2016 23:25:04 IST
Password can change: Thu, 19 May 2016 23:25:04 IST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Configuring samba / CIFS shares

Edit the configuration file to share directory using SMB / SAMBA server. /etc/samba/smb.conf
[root@desktop ~]# vim /etc/samba/smb.conf
[CIFS_Share]
comment = CIFS share for windows clients
path = /arkit_share
browseable = yes
valid users = arkit
writable = yes
Save the file and Exit
[CIFS_Share] – Share Name
Path – Directory path which directory you would like to share
Valid Users – User Name which user we are providing the access
writable – Providing Write permissions to share ( this permission will be over written by Actual Directory permissions)

Enabling Firewall to access from Client

[root@desktop ~]# firewall-cmd --permanent --add-service=samba
success
[root@desktop ~]# firewall-cmd --reload
success
Restart the Samba service to reflect changes
[root@desktop ~]# systemctl restart smb.service
[root@desktop ~]# systemctl restart nmb.service
[root@desktop ~]# systemctl status smb.service
smb.service - Samba SMB Daemon
Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled)
Active: active (running) since Thu 2016-05-19 23:42:28 IST; 17s ago
Main PID: 4612 (smbd)

Accessing from Client Side SMB /CIFS Share

Install required packages to access SMB share from Linux client
[root@ArkIT ~]# yum install cifs-utils
Loaded plugins: langpacks
ARKIT.CO.IN | 4.1 kB 00:00:00
Resolving Dependencies
--> Running transaction check
---> Package cifs-utils.x86_64 0:6.2-7.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================================================
Package Arch Version Repository Size
===================================================================================================================
Installing:
cifs-utils x86_64 6.2-7.el7 ARKIT.CO.IN 84 k
Transaction Summary
===================================================================================================================
Install 1 Package
Total download size: 84 k
Installed size: 174 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : cifs-utils-6.2-7.el7.x86_64 1/1
Verifying : cifs-utils-6.2-7.el7.x86_64 1/1
Installed:
cifs-utils.x86_64 0:6.2-7.el7
Complete!
Create directory for mount point
# mkdir /cifs
[root@ArkIT ~]# mount -t cifs -o username=arkit //192.168.4.21/CIFS_Share /cifs/
Password for arkit@//192.168.4.21/CIFS_Share: ******
That’s it about simple way to create and manage samba shares in RHEL 7. We will in next article how to auto mount CIFS /SMB share and adding entry into /etc/fstab file. Simp
Posted by at No comments:
Subscribe to: Posts (Atom)