Bootstrap FreeKB - Samba (File Server) - Connect to a Samba share on Linux or Windows
Samba (File Server) - Connect to a Samba share on Linux or Windows

Updated:   |  Samba (File Server) articles

Use apt-get on a Debian distribution (Debian, Ubuntu, Mint) or dnf or yum on a Red Hat distribution (CentOS, Fedora, Red Hat) to install the Samba and CIFS Utilities packages.

dnf install samba cifs-utils

 

Firewall

Allow Samba in iptables or firewalld. Do not forget to restart iptables or reload firewalld.

firewall-cmd --add-port=137/udp --permanent
firewall-cmd --add-port=138/udp --permanent
firewall-cmd --add-port=139/tcp --permanent
firewall-cmd --add-port=445/tcp --permanent
firewall-cmd --reload

 

If the share is running on Amazon Web Services (AWS), you may need to add inbound rules to the Security Group to allow UDP ports 137 and 138 and TCP ports 139 and 587.

 

 

Configuration

By default, Samba is not configured to share a network drive. Attempting to connect to the share will produce an error.

 

Add the following to your /etc/samba/smb.conf file. In this example, the tdbsam (trivial database sam) backend is being used. If a CUPS print server is not being used, the printing directives prevent a massive number of records in the log with this message: failed to retrieve printer list nt_status_unsuccessful

[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = bsd
printcap name = /dev/null

[share]
path = /usr/local/share
browsable = yes
public = yes
writeable = yes

 

If you were not to have writeable = yes, an error would appear when attemtping to create a new file or modify an existing file.

 

Notice in the above example, path is /usr/local/share. If this directory does not exist, create it.

mkdir --parents /usr/local/share

 

Change the permission to read, write, execute for all users to the share.

chmod 0777 /usr/local/share

 

Set the owner and group to nobody.

chown nobody.nobody /usr/local/share

 

Add a file.

touch /usr/local/share/foo.txt

 

The ps command can be used to determine if your system is using init or systemd. If PID 1 is init, then you will use the service command. If PID 1 is systemd, then you will use the systemctl command.

If your system is using systemd, use the systemctl command to start and enable smb.

systemctl enable smb
systemctl start smb
systemctl status smb

 

If your system is using init, use the chkconfig and service commands to start and enable smb.

chkconfig smb on
service smb start
service smb status

 

SELinux

SELinux may be configured to refuse Samba connections. Use the sestatus command to determine if SELinux is enforcing.

~]# sestatus
. . .
Current mode: enforcing

 

In this example, the SELinux type of the /usr/local/share directory is var_t.

~]# ls -dZ /srv/samba/share
drwxrwxrwx.  root  root  unconfined_u:object_r:var_t:s0  /srv/samba/share

 

Turn on Samba home directories and export read/write.

setsebool -P samba_enable_home_dirs on
setsebool -P samba_export_all_rw on

 

Ensure Samba home directories and export read/write are on.

~]# /usr/sbin/getsebool -a | grep samba_enable_home_dirs.
samba_enable_home_dirs --> on

~]# /usr/sbin/getsebool -a | grep samba_export_all_rw.
samba_export_all_rw --> on

 

Use apt-getdnf or yum to install the policycoreutils-python package. This package contains semanage.

dnf install policycoreutils-python

 

Use the semanage command to configure SELinux to remain intact if the system is rebooted.

semanage fcontext -a -t samba_share_t "/usr/local/share(./*)?"

 

Updates SELinux with these changes.

restorecon -R -v /usr/local/share

 

View the SELinux label of /usr/local/share. In this example, the output should now be samba_share_t instead of var_t.

~]# ls -dZ /usr/local/share
drwxrwxrwx.  root  root  unconfined_u:object_r:samba_share_t:s0  /usr/local/share

 

You can now mount the share (Linux) or map the network drive (Windows).

 

Noperm

If using a Linux client, such as Ubuntu, add the noperm option to the mount command. The noperm option disables permissions check. If noperm is not used, permission denied will likely appear when attempting to write or save files to the share.




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


November 21 2020 by oliver
Finally! I have been browsing the web for 2 days trying to find out how to set up a samba server without a password. None of the countless and often overly complicated supposed solutions I found on other blogs or forum discussions ultimately worked. So, thank you!

November 22 2020 by Jeremy (moderator)
Hey, thanks Oliver. It took a lot of trial and error and banging of head against wall to write this article.

Add a Comment


Please enter 231bc3 in the box below so that we can be sure you are a human.