Samba is a suite of open source applications that implements the Server Message Block (SMB) protocol. Many operating systems, including Microsoft Windows, use the SMB protocol for client-server networking. Samba enables Linux / Unix machines to communicate with Windows machines in a network. Samba provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member.
Sharing files is an essential part of server administration. It allows sharing of resources across the network which are needed by users to carry out their tasks. Samba server is usually installed on central Linux server where information is stored in variety of media and accessed using windows client or Linux using Samba client.
In this article, we will be learning how to install and configure samba file sharing on Rocky Linux 8. This guide also works on other RHEL 8 based distributions like Alma Linux 8 and Oracle Linux 8.
Rocky Linux 8 will be configured as the Samba server then we can access the files with either Windows or Linux clients.
Table of Content
- Ensuring that the server is up to date
- Install samba Packages
- Configuring Samba shares
- Enable Samba service through firewall
- Start and enable the Samba service
- Access Samba shares with Linux Client
- Access Samba shares with Windows client
- Secure Samba share configuration
1. Ensuring that the server is up to date
Before proceeding, let us ensure that our server is up to date and all the packages are the latest version. Use these commands to achieve this:
sudo dnf -y update
If there are packages to upgrade, the above command may take a couple of minutes.
2. Install Samba packages
The samba packages are available in the default Rocky Linux repos. Install them with this command:
sudo dnf install samba samba-common samba-client
When prompted to confirm the installation process, type y then enter to proceed.
Confirm the installed software package with this command:
$ rpm -qi samba Name : samba Epoch : 0 Version : 4.14.5 Release : 7.el8_5 Architecture: x86_64 Install Date: Sat Jan 15 08:12:25 2022 Group : Unspecified Size : 2653757 License : GPLv3+ and LGPLv3+ Signature : RSA/SHA256, Mon Dec 13 17:12:06 2021, Key ID 15af5dac6d745a60 Source RPM : samba-4.14.5-7.el8_5.src.rpm Build Date : Mon Dec 13 16:51:31 2021 Build Host : ord1-prod-x86build005.svc.aws.rockylinux.org Relocations : (not relocatable) Packager : [email protected] Vendor : Rocky URL : https://www.samba.org Summary : Server and Client software to interoperate with Windows machines Description : Samba is the standard Windows interoperability suite of programs for Linux and Unix.
3. Configuring Samba shares
The samba configuration file is located in this path
/etc/samba/smb.conf. Before doing any modification, let us create a backup of it so if we mess we have a copy. Use this command in the terminal to create a backup file:
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bk
Next, let us create a directory to be shared.
sudo mkdir -p /home/sambashare
Let us update the directory permissions so it can be accessible. White at it, we will also update SELinux permissions:
sudo chmod -R 755 /home/sambashare sudo chown -R nobody:nobody /home/sambashare sudo chcon -t samba_share_t /home/sambashare
Let us now edit the samba config to define the export for the directory we created.
Open the config file:
sudo vim /etc/samba/smb.conf
Update the configuration in the file to reflect the following:
[global] workgroup = WORKGROUP server string = Samba Server %v netbios name = Citizix SmbSvr security = user map to guest = bad user dns proxy = no [Public] path = /home/sambashare browsable =yes writable = yes guest ok = yes read only = no
Save and close the file.
Verify the configuration using this command:
You should see something similar to this if all is well.
$ sudo testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. Weak crypto is allowed Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters ...
4. Enable Samba service through Firewall
If you have firewalld installed and enabled, you need to enable the samba service through firewall. Use this command to achieve that:
sudo firewall-cmd --add-service=samba --zone=public --permanent sudo firewall-cmd --reload
5. Start and enable the Samba service
The service will not be started by default. Start the service using this command:
sudo systemctl start smb
Confirm the service status using this:
$ sudo systemctl status smb ● smb.service - Samba SMB Daemon Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2022-01-15 08:43:41 UTC; 25s ago Docs: man:smbd(8) man:samba(7) man:smb.conf(5) Main PID: 62502 (smbd) Status: "smbd: ready to serve connections..." Tasks: 4 (limit: 23176) Memory: 8.7M CGroup: /system.slice/smb.service ├─62502 /usr/sbin/smbd --foreground --no-process-group ├─62504 /usr/sbin/smbd --foreground --no-process-group ├─62505 /usr/sbin/smbd --foreground --no-process-group └─62506 /usr/sbin/smbd --foreground --no-process-group Jan 15 08:43:41 dev-rockysrv1.inv.re systemd: Starting Samba SMB Daemon... Jan 15 08:43:41 dev-rockysrv1.inv.re smbd: [2022/01/15 08:43:41.212309, 0] ../../lib/util/become_daemon.c:136(daemon_ready) Jan 15 08:43:41 dev-rockysrv1.inv.re systemd: Started Samba SMB Daemon. Jan 15 08:43:41 dev-rockysrv1.inv.re smbd: daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
The above output shows that the service has been started successfully. To enable the service on boot, use this command:
sudo systemctl enable smb
6. Access the Samba shares with Linux client
To access the file system from a linux client, we need to have the Samba client software installed.
On a rocky Linux, install the software using this command:
sudo dnf install -y samba-client
To access the share, this is the format:
In our client:
$ smbclient //10.70.5.170/Public Enter SAMBA\rocky's password: Try "help" to get a list of possible commands. smb: \> ls . D 0 Sat Jan 15 08:34:22 2022 .. D 0 Sat Jan 15 08:34:22 2022 52417516 blocks of size 1024. 48494420 blocks available smb: \>
Since we have no password set, just press enter when prompted.
7. Access Samba shares with Windows Client
In Windows Launch run dialogue in windows by pressing Windows Key + R.
Enter hostname or IP-Address of the server then press Enter Key.
\\hostname or \\server-IP-address
In my case
This will open the shares. You can add a file or directory either from samba server or windows client machine to the repository.
8. Secure Samba share Configuration
Samba allows public access without verification and also private share where one has to be authenticated to access shared resources. In this section, we are going to configure a private directory to shared with samba and accessed using username and password.
Let’s create a Samba user group in our server.
sudo groupadd sambagrp
Create a new user and add it to samba group you just created.
sudo useradd -g sambagrp sambausr
Create a secure folder then grant it relative permissions and ownership .
sudo mkdir -p /home/sambaprivateshare sudo chmod -R 770 /home/sambaprivateshare sudo chcon -t samba_share_t /home/sambaprivateshare sudo chown -R root:sambagrp /home/sambaprivateshare
Create password for Samba user we just created that will be used for authentication when accessing the directory.
sudo smbpasswd -a sambausr
Type and retype the password:
$ sudo smbpasswd -a sambausr New SMB password: Retype new SMB password: Added user sambausr.
Edit samba configuration file to add secure share configurations.
sudo vim /etc/samba/smb.conf
Add lines below the command and edit to match your configurations.
[Private] path = /home/sambaprivateshare valid users = @private guest ok = no writable = yes browsable = yes
Restart or reload samba services to apply configurations
sudo systemctl restart smb
Accessing Samba Secure files using Windows Systems
Press Windows Key + R, enter the server hostname or IP address to access the shared folders.
When you open a private folder will prompt for username and password to grant access right to the files.
Access Samba Secure Directory with Linux
To access secure folder, You need to provide a user to the command using this format:
smbclient //server-IP/Private -U user
Enter Samba user password when prompted.
$ smbclient //10.70.5.170/Private -U sambausr Enter SAMBA\sambausr's password: Try "help" to get a list of possible commands. smb: \> ls . D 0 Sat Jan 15 09:02:33 2022 .. D 0 Sat Jan 15 09:02:33 2022 52417516 blocks of size 1024. 48489312 blocks available smb: \>
That is it! We have managed to install and set up Samba for Anonymous and Secure file sharing between our Rocky Linux OS and other Linux or Desktop Windows clients.