Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- install samba:
- sudo apt-get install samba samba-common
- create directory to share:
- sudo mkdir /srv/share
- sudo chown nobody:nogroup /srv/share
- sudo chmod 777 /srv/share
- sudo mkdir /srv/public
- sudo chown nobody:nogroup /srv/public
- sudo chmod 777 /srv/public
- create new user and assigned to group users:
- sudo useradd linuxuser1 -m -G users
- set unix password:
- sudo passwd linuxuser1
- set samba user password:
- sudo smbpasswd -a linuxuser1
- edit samba config file /etc/samba/smb.conf:
- sudo vi /etc/samba/smb.conf
- [global] security = USER
- [homes]
- comment = Home Directories
- browseable = no
- valid users = %S
- writable = yes
- create mask = 0755
- directory mask = 0755
- [shared]
- comment = shared folder for all users group
- path = /srv/share
- browseable = yes
- writable = yes
- create mask = 0755
- directory mask = 0755
- valid users = @users
- [public]
- comment = public folder available to anyone without authentication but readonly
- path = /public/public
- browseable = yes
- guest ok = yes
- read only = yes
- restart service:
- sudo service smbd restart
- sudo service nmbd restart
- --------------------------------------------------------------------------------------------------------------------
- read only: This parameter controls whether an user has the ability to create or modify files within a share. This is default.
- guest ok: Uf this parameter is set to yes, the users will have access to the share without having to enter a password. This can pose security risk.
- writeable: Specifies users should have write access to the share.
- read list: This option accepts a list of usernames or a group as its value. Users will be given read-only access to the share.
- valid users: You can make a share available to specific users. Usernames or group names can be passed on as its value.
- invalid users: Users or groups listed will be denied access to this share.
- write list: create a list of users to give write access to the share.
- create mask: This option is set using an octal value when setting permissions for files.
- directory mask: Directories must have the execute bit for proper access. Default parameter is 0755.
- available: specifies that the file share is available to clients on the network.
- --------------------------------------------------------------------------------------------------------------------
- NOTE: if your samba server has a firewall then add the iptables rules below:
- #allow samba share
- /sbin/iptables -A INPUT -p udp -m udp -s 192.168.0.0/24 --dport 137 -j ACCEPT
- /sbin/iptables -A INPUT -p udp -m udp -s 192.168.0.0/24 --dport 138 -j ACCEPT
- /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/24 --dport 139 -j ACCEPT
- /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/24 --dport 445 -j ACCEPT
- NOTE: if your samba server is a NAT server then edit /etc/samba/smb.conf:
- interfaces = 192.168.0.0/24 127.0.0.0/8 eth1
- bind interfaces only = yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement