How to Install and Configure Samba File Sharing on Rocky Linux/Alma Linux 8

Samba is a suite of open source applications that implements the Server Message Block (SMB) protocol. Many operating systems, including Microsoft Windows, use the SMB protocol for client-server networking. Samba enables Linux / Unix machines to communicate with Windows machines in a network. Samba provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member.

Sharing files is an essential part of server administration. It allows sharing of resources across the network which are needed by users to carry out their tasks. Samba server is usually installed on central Linux server where information is stored in variety of media and accessed using windows client or Linux using Samba client.

In this article, we will be learning how to install and configure samba file sharing on Rocky Linux 8. This guide also works on other RHEL 8 based distributions like Alma Linux 8 and Oracle Linux 8.

Rocky Linux 8 will be configured as the Samba server then we can access the files with either Windows or Linux clients.

Related content

Ensuring that the server is up to date

Before proceeding, let us ensure that our server is up to date and all the packages are the latest version. Use these commands to achieve this:

1
sudo dnf -y update

If there are packages to upgrade, the above command may take a couple of minutes.

Install Samba packages

The samba packages are available in the default Rocky Linux repos. Install them with this command:

1
sudo dnf install samba samba-common samba-client

When prompted to confirm the installation process, type y then enter to proceed.

Confirm the installed software package with this command:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
$ rpm -qi samba
Name        : samba
Epoch       : 0
Version     : 4.14.5
Release     : 7.el8_5
Architecture: x86_64
Install Date: Sat Jan 15 08:12:25 2022
Group       : Unspecified
Size        : 2653757
License     : GPLv3+ and LGPLv3+
Signature   : RSA/SHA256, Mon Dec 13 17:12:06 2021, Key ID 15af5dac6d745a60
Source RPM  : samba-4.14.5-7.el8_5.src.rpm
Build Date  : Mon Dec 13 16:51:31 2021
Build Host  : ord1-prod-x86build005.svc.aws.rockylinux.org
Relocations : (not relocatable)
Packager    : infrastructure@rockylinux.org
Vendor      : Rocky
URL         : https://www.samba.org
Summary     : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.

Configuring Samba shares

The samba configuration file is located in this path /etc/samba/smb.conf. Before doing any modification, let us create a backup of it so if we mess we have a copy. Use this command in the terminal to create a backup file:

1
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bk

Next, let us create a directory to be shared.

1
sudo mkdir -p /home/sambashare

Let us update the directory permissions so it can be accessible. White at it, we will also update SELinux permissions:

1
2
3
sudo chmod -R 755 /home/sambashare
sudo chown -R nobody:nobody /home/sambashare
sudo chcon -t samba_share_t /home/sambashare

Let us now edit the samba config to define the export for the directory we created.

Open the config file:

1
sudo vim /etc/samba/smb.conf

Update the configuration in the file to reflect the following:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = Citizix SmbSvr
security = user
map to guest = bad user
dns proxy = no

[Public]
path = /home/sambashare
browsable =yes
writable = yes
guest ok = yes
read only = no

Save and close the file.

Verify the configuration using this command:

1
sudo testparm

You should see something similar to this if all is well.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
$ sudo testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed

Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
...

Enable Samba service through Firewall

If you have firewalld installed and enabled, you need to enable the samba service through firewall. Use this command to achieve that:

1
2
sudo firewall-cmd --add-service=samba --zone=public --permanent
sudo firewall-cmd --reload

Start and enable the Samba service

The service will not be started by default. Start the service using this command:

1
sudo systemctl start smb

Confirm the service status using this:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
$ sudo systemctl status smb
● smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2022-01-15 08:43:41 UTC; 25s ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 62502 (smbd)
   Status: "smbd: ready to serve connections..."
    Tasks: 4 (limit: 23176)
   Memory: 8.7M
   CGroup: /system.slice/smb.service
           ├─62502 /usr/sbin/smbd --foreground --no-process-group
           ├─62504 /usr/sbin/smbd --foreground --no-process-group
           ├─62505 /usr/sbin/smbd --foreground --no-process-group
           └─62506 /usr/sbin/smbd --foreground --no-process-group

Jan 15 08:43:41 dev-rockysrv1.inv.re systemd[1]: Starting Samba SMB Daemon...
Jan 15 08:43:41 dev-rockysrv1.inv.re smbd[62502]: [2022/01/15 08:43:41.212309,  0] ../../lib/util/become_daemon.c:136(daemon_ready)
Jan 15 08:43:41 dev-rockysrv1.inv.re systemd[1]: Started Samba SMB Daemon.
Jan 15 08:43:41 dev-rockysrv1.inv.re smbd[62502]:   daemon_ready: daemon 'smbd' finished starting up and ready to serve connections

The above output shows that the service has been started successfully. To enable the service on boot, use this command:

1
sudo systemctl enable smb

Access the Samba shares with Linux client

To access the file system from a linux client, we need to have the Samba client software installed.

On a rocky Linux, install the software using this command:

1
sudo dnf install -y samba-client

To access the share, this is the format:

1
smbclient //server-IP/Public

In our client:

1
2
3
4
5
6
7
8
9
$ smbclient //10.70.5.170/Public
Enter SAMBA\rocky's password:
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Sat Jan 15 08:34:22 2022
  ..                                  D        0  Sat Jan 15 08:34:22 2022

		52417516 blocks of size 1024. 48494420 blocks available
smb: \>

Since we have no password set, just press enter when prompted.

Access Samba shares with Windows Client

In Windows Launch run dialogue in windows by pressing Windows Key + R.

Enter hostname or IP-Address of the server then press** Enter** Key.

1
2
3
\\hostname
      or
\\server-IP-address

In my case

1
\\35.180.123.111

This will open the shares. You can add a file or directory either from samba server or windows client machine to the repository.

Secure Samba share Configuration

Samba allows public access without verification and also private share where one has to be authenticated to access shared resources. In this section, we are going to configure a private directory to shared with samba and accessed using username and password.

Let’s create a Samba user group in our server.

1
sudo groupadd sambagrp

Create a new user and add it to samba group you just created.

1
sudo useradd -g sambagrp sambausr

Create a secure folder then grant it relative permissions and ownership .

1
2
3
4
sudo mkdir -p /home/sambaprivateshare
sudo chmod -R 770 /home/sambaprivateshare
sudo chcon -t samba_share_t /home/sambaprivateshare
sudo chown -R root:sambagrp /home/sambaprivateshare

Create password for Samba user we just created that will be used for authentication when accessing the directory.

1
sudo smbpasswd -a sambausr

Type and retype the password:

1
2
3
4
$ sudo smbpasswd -a sambausr
New SMB password:
Retype new SMB password:
Added user sambausr.

Edit samba configuration file to add secure share configurations.

1
sudo vim /etc/samba/smb.conf

Add lines below the command and edit to match your configurations.

1
2
3
4
5
6
[Private]
    path = /home/sambaprivateshare
    valid users = @private
    guest ok = no
    writable = yes
    browsable = yes

Restart or reload samba services to apply configurations

1
sudo systemctl restart smb

Accessing Samba Secure files using Windows Systems

Press** Windows Key** + R, enter the server hostname or IP address to access the shared folders.

When you open a private folder will prompt for username and password to grant access right to the files.

Access Samba Secure Directory with Linux

To access secure folder, You need to provide a user to the command using this format:

1
smbclient //server-IP/Private -U user

Enter Samba user password when prompted.

1
2
3
4
5
6
7
8
9
$ smbclient //10.70.5.170/Private -U sambausr
Enter SAMBA\sambausr's password:
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Sat Jan 15 09:02:33 2022
  ..                                  D        0  Sat Jan 15 09:02:33 2022

		52417516 blocks of size 1024. 48489312 blocks available
smb: \>

That is it! We have managed to install and set up Samba for Anonymous and Secure file sharing between our Rocky Linux OS and other Linux or Desktop Windows clients.

Last updated on Oct 14, 2024 11:46 +0300
comments powered by Disqus
Citizix Ltd
Built with Hugo
Theme Stack designed by Jimmy