Friday, December 16, 2011

Setting up Samba with iptables and SELinux

  1. Install samba on the server
    • # yum install samba
  2. Create the group that all the samba users will be contained in, for example 'samba'
    • # groupadd samba
  3. Create the Samba users and add them to the group created above ('samba' in this example). The example below creates a user named 'user1', adds it to the group 'samba', and sets its password.
    • # useradd user1 -g samba
    • # passwd user1
  4. Create the directory to be shared. In this example, I will use /home/shared. Change the owner to root and the group to 'samba'. Set the permissions so that only the owner and group have read, write and execute access (mode 775 still gives other users read and execute).
    • # mkdir /home/shared
    • # chown -R root.samba /home/shared
    • # chmod -R 775 /home/shared
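  5. Open the Samba ports in iptables. nmbd uses UDP 137 and 138 (NetBIOS name and datagram services); smbd uses TCP 139 and 445. As written, the rules accept traffic from any source address, so add a source match for the client subnet if the server is reachable from untrusted networks.
    [root@localhost ~]# iptables -I INPUT -p udp -m udp --dport 137 -j ACCEPT
    [root@localhost ~]# iptables -I INPUT -p udp -m udp --dport 138 -j ACCEPT
    [root@localhost ~]# iptables -I INPUT -p tcp -m tcp --dport 139 -j ACCEPT
    [root@localhost ~]# iptables -I INPUT -p tcp -m tcp --dport 445 -j ACCEPT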
  6. Save the rules and restart iptables
    [root@localhost ~]# service iptables save
    iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
    [root@localhost ~]# service iptables restart
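  7. Set the SELinux boolean that allows Samba to share any file or directory read-write. The boolean is system-wide, so smbd is no longer confined to files labeled for sharing; labeling only the shared directory with the samba_share_t type is the narrower alternative.
    • # setsebool -P samba_export_all_rw on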
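  8. Add the share definition to /etc/samba/smb.conf. The block below uses the path /var/share and the user nttf, which also appear in the smbclient session further down; to share the directory and account created in the earlier steps, set path to /home/shared and valid users to user1.
    [Share]
    path = /var/share
    browseable = yes
    writable = yes
    valid users = nttf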
  9. Add the user or users to Samba
    • # smbpasswd -a user1
  10. Start the smb service, or restart it if it is already running
    [root@localhost ~]# service smb restart
    Shutting down SMB services:                                [  OK  ]
    Starting SMB services:                                     [  OK  ]
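
A check for steps 5 and 6, added here as an example and not part of the original post: it reads a saved ruleset in iptables-save format and reports which of Samba's listening ports are not opened with the right protocol. The function names and the sample ruleset are constructed for illustration.

```shell
#!/usr/bin/env bash
# Ports Samba listens on, with the protocol each one uses:
#   nmbd: udp/137 (NetBIOS name service), udp/138 (NetBIOS datagram)
#   smbd: tcp/139 (NetBIOS session),      tcp/445 (SMB over TCP)
REQUIRED="udp/137 udp/138 tcp/139 tcp/445"

# Print each proto/port pair opened by an INPUT ACCEPT rule.
# Reads iptables-save format on stdin. Single --dport values only;
# port ranges and multiport matches are not expanded.
opened_ports() {
  awk '
    $1 == "-A" && $2 == "INPUT" {
      proto = ""; port = ""; target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-p")      proto  = $(i + 1)
        if ($i == "--dport") port   = $(i + 1)
        if ($i == "-j")      target = $(i + 1)
      }
      if (target == "ACCEPT" && proto != "" && port != "")
        print proto "/" port
    }'
}

# Print the required pairs that the ruleset on stdin does not open.
missing_samba_ports() {
  opened=$(opened_ports)
  for want in $REQUIRED; do
    printf '%s\n' "$opened" | grep -qxF "$want" || printf '%s\n' "$want"
  done
}

# Constructed sample of /etc/sysconfig/iptables with all four ports opened as TCP.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 138 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 137 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# Report what is missing from the sample: prints udp/137 and udp/138.
printf '%s\n' "$SAMPLE_RULES" | missing_samba_ports
```

On the server, run `iptables-save | missing_samba_ports` against the live rules; no output means all four ports are open.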

How to open the Samba client in a terminal

Syntax: smbclient //<hostname>/<sharename> -U <username>

[root@localhost ~]# smbclient //192.168.0.212/share -U nttf
Enter nttf's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.4-68.el6]
smb: \> ls
  .                                   D        0  Fri Dec 16 14:00:21 2011
  ..                                  D        0  Fri Dec 16 12:00:26 2011

        53566 blocks of size 524288. 48561 blocks available
smb: \>
