The Samba project makes it possible to share directories and even printers across a network. Technically speaking, Samba is a suite of tools, created in 1992, to provide file and print services for clients that use the SMB/CIFS protocol. For any business that needs to give users and even teams access to shared resources on a Linux server, Samba is the way to go. And although the GUI tools available for the configuration of Samba are limited, the command line tools are always there to get you up and running.
In this blog post, we’ll show you how easy it is to share a directory across your Local Area Network (LAN) with the help of Samba and Rocky Linux. This process should be considered a must-know for all Linux system administrators because, at some point, you're going to need to share a directory to users from a Linux server.
To share directories over your network with Samba, you'll need a running instance of Rocky Linux and a user with sudo privileges. That's it. Let's make this happen.
The first thing we must do is install Samba. Fortunately, the required software is all found in the default repositories, so the installation is simple. First, let's run an update with the command:
sudo dnf update
If anything requires upgrading, go ahead and OK that process. Should the kernel be upgraded in the process, you will need to reboot the server so the changes take effect.
Once the update is finished, install the three necessary Samba packages with the command:
sudo dnf install samba samba-common samba-client -y
That's it for the installation.
Create the new share
Let's say you want to create and share the folder /srv/samba/data. First, we'll create that directory with:
sudo mkdir -p /srv/samba/data
Next, we'll give the new directory the proper permissions with:
sudo chmod -R 755 /srv/samba/data
Now, we must change the ownership with the command:
sudo chown -R nobody:nobody /srv/samba/data
Change the SELinux context such that the share is accessible by the system with the command:
sudo chcon -t samba_share_t /srv/samba/data
Finally, open the firewall with the following two commands:
sudo firewall-cmd --add-service=samba --zone=public --permanent sudo firewall-cmd --reload
We can now create a brand new configuration file. Before we do that, let's rename the current file, so there's a backup should something go awry. Rename the current configuration file with:
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
Create the new file with:
sudo nano /etc/samba/smb.conf
In that file, we'll create two blocks, one for the global and one for the new share. Those blocks look like this:
[global] workgroup = WORKGROUP server string = Samba Server %v netbios name = rocky linux 9 security = user map to guest = bad user dns proxy = no [DATA] path = /srv/samba/data browsable =yes writable = yes guest ok = yes read only = no
You can change WORKGROUP to whatever you like.
Save and close the file with the [Ctrl]+[X] keyboard shortcut. It's now time to start and enable Samba, which can be done with a single command:
sudo systemctl enable --now smb
You can verify Samba is running with the command:
systemctl status smb
You should see a line like this in the output:
Active: active (running) since Wed 2023-02-01 19:17:16 EST; 5s ago
Accessing your share
How you access your Samba share will depend on the client operating system used. For example, a macOS client can access the share via Finder from Go > Connect To Server. In the address field, you'll type something like:
Of course, you'd exchange the IP address of your Samba host server for the one included in the string above.
For a Windows client, you'd open the run dialog by pressing [Windows Key]+[R] and then type \\192.168.1.62 (making sure to use the IP address of your hosting server).
The user conundrum
When prompted for the login credentials, whoever is attempting to access the share must have an account on the Samba server. But it's not quite that simple. Say you have user olivia created on the Samba server and someone attempts to access the share with the credentials for the olivia user. They will very quickly find out that the share isn't accessible, even with a valid user account. Why? Because Samba isn't aware of the user.
To make Samba aware of the user, you must create a Samba password for the user. This is done with two commands, one to add and one to enable. First, we run the add command like so:
sudo smbpasswd -a olivia
You'll be prompted to type and verify a new Samba password for the user. Next, you must enable the user for Samba with:
sudo smbpasswd -e olivia
Now, when your user attempts to access the share, they'll be allowed. You must add and enable every user that needs access to the share.
Congratulations! You've created your first Samba share on Rocky Linux. Next time around, we'll talk about sharing directories to groups for even easier authentication. After that, we'll create a print server with Rocky Linux and Samba.