Fedora 18 Samba Standalone Server With tdbsam Backend
Author: Falko Timme
Follow me on Twitter
This tutorial explains the installation of a Samba fileserver on Fedora 18 and how to configure it to share files over the SMB protocol as well as how to add users. Samba is configured as a standalone server, not as a domain controller. In the resulting setup, every user has his own home directory accessible via the SMB protocol and all users have a shared directory with read-/write access.
I do not issue any guarantee that this will work for you!
1 Preliminary Note
I'm using a Fedora 18 system here with the hostname server1.example.com and the IP address 192.168.0.100.
Please make sure that SELinux is disabled:
Edit /etc/selinux/config and set SELINUX=disabled:
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
Afterwards we must reboot the system:
2 Installing Samba
Connect to your server on the shell and install the Samba packages:
yum install cups-libs samba samba-common samba-client
Edit the smb.conf file:
Make sure you see the following lines in the [global] section:
[...] # ----------------------- Standalone Server Options ------------------------ # # security = the mode Samba runs in. This can be set to user, share # (deprecated), or server (deprecated). # # passdb backend = the backend used to store user information in. New # installations should use either tdbsam or ldapsam. No additional configuration # is required for tdbsam. The "smbpasswd" utility is available for backwards # compatibility. # security = user passdb backend = tdbsam [...]
This enables Linux system users to log in to the Samba server.
Then create the system startup links for Samba and start it:
systemctl enable smb.service
systemctl start smb.service
3 Adding Samba Shares
Now I will add a share that is accessible by all users.
Create the directory for sharing the files and change the group to the users group:
mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/
At the end of the file /etc/samba/smb.conf add the following lines:
[...] [allusers] comment = All Users path = /home/shares/allusers valid users = @users force group = users create mask = 0660 directory mask = 0771 writable = yes
If you want all users to be able to read and write to their home directories via Samba, add the following lines to /etc/samba/smb.conf (make sure you comment out or remove the other [homes] section in the smb.conf file!):
[...] [homes] comment = Home Directories browseable = no valid users = %S writable = yes create mask = 0700 directory mask = 0700
Now we restart Samba:
systemctl restart smb.service
4 Adding And Managing Users
In this example, I will add a user named tom. You can add as many users as you need in the same way, just replace the username tom with the desired username in the commands.
useradd tom -m -G users
Set a password for tom in the Linux system user database. If the user tom should not be able to log into the Linux system, skip this step.
-> Enter the password for the new user.
Now add the user to the Samba user database:
smbpasswd -a tom
-> Enter the password for the new user.
Now you should be able to log in from your Windows workstation with the file explorer (address is \\192.168.0.100 or \\192.168.0.100\tom for tom's home directory) using the username tom and the chosen password and store files on the Linux server either in tom's home directory or in the public shared directory.