SMB Flashcards
1
Q
Provide network shares to specific clients
A
Provide network shares to specific clients
1. Install the Samba package group: # yum groupinstall -y "CIFS file server"
- Create a new /etc/samba/smb.conf file and add the following lines (for a workgroup named MYGROUP, a server called MYSERVER, a local network with IP addresses in 192.168.1.0/24, a user named user01 and a share called shared):
workgroup = MYGROUP server string = Samba Server Version %v netbios name = MYSERVER interfaces = lo eth0 192.168.1.0/24 hosts allow = 127. 192.168.1. log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [shared] comment = Shared directory browseable = yes path = /shared valid users = user01 writable = yes Note: with “passdb backend = tdbsam“, passwords are stored in the /var/lib/samba/private/passdb.tdb file.
3. Check the syntax of the configuration file: # testparm
4. Create the shared directory: # mkdir /shared
5. Set up the correct SELinux type: # yum install -y setroubleshoot-server # semanage fcontext -a -t samba_share_t "/shared(/.*)?" # restorecon -r /shared
6. Add the following new rules to the firewall: # iptables -I INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT # iptables -I INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT # iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT # iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
7. Save the firewall configuration: # service iptables save
8. Activate Samba services at boot: # chkconfig smb on # chkconfig nmb on # chkconfig winbind on
9. Start Samba services: # service smb start # service nmb start # service winbind start
10. Create the samba user user01 with the password pass: # useradd -s /sbin/nologin user01 # smbpasswd -a user01
11. Check the configuration: # yum install -y samba-client # smbclient //localhost/shared -U user01%pass
2
Q
Provide network shares suitable for group collaboration
A
Provide network shares suitable for group collaboration
1. Install the Samba group package: # yum groupinstall -y "CIFS file server"
2. Create a new /etc/samba/smb.conf file and add the following lines (for a workgroup named MYGROUP, a server called MYSERVER, a local network with IP addresses in 192.168.1.0/24, a user named user01 and a share called shared): workgroup = MYGROUP server string = Samba Server Version %v netbios name = MYSERVER interfaces = lo eth0 192.168.1.0/24 hosts allow = 127. 192.168.1. log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [shared] comment = Shared directory browseable = no path = /shared valid users = @sharedgroup writable = yes
3. Check the syntax of the configuration file: # testparm
4. Create the shared directory: # mkdir /shared
5. Create a dedicated group: # groupadd -g 60000 sharedgroup
6. Assign this group to the new directory: # chgrp sharedgroup /shared
7. Define permissions: # chmod 2770 /shared
8. Set the correct SELinux type: # yum install -y setroubleshoot-server # semanage fcontext -a -t samba_share_t "/shared(/.*)?" # restorecon -R /shared
9. Add the following new rules to the firewall: # iptables -I INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT # iptables -I INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT # iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT # iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
10. Save the firewall configuration: # service iptables save
11. Activate the Samba services at boot: # chkconfig smb on # chkconfig nmb on # chkconfig winbind on
12. Start the Samba services: # service smb start # service nmb start # service winbind start
13. Create the user user01 with the password user01: # useradd user01 -s /sbin/nologin # smbpasswd -a user01
14. Add the new user into the shared group: # usermod -a -G sharedgroup user01
15. Test the connection from a client: # yum install -y cifs-utils # mount.cifs -o rw,username=user01,password=user01 //MYSERVER/shared /mnt
