initial smb instructions
All checks were successful
Podman DDNS Image / build-and-push-ddns (push) Successful in 1m10s
All checks were successful
Podman DDNS Image / build-and-push-ddns (push) Successful in 1m10s
This commit is contained in:
97
active/software_smb/smb.md
Normal file
97
active/software_smb/smb.md
Normal file
@@ -0,0 +1,97 @@
|
|||||||
|
# SMB
|
||||||
|
|
||||||
|
- [SMB](#smb)
|
||||||
|
- [Install SMB](#install-smb)
|
||||||
|
- [Create SMB User](#create-smb-user)
|
||||||
|
- [Create a SMB Share](#create-a-smb-share)
|
||||||
|
- [Create a SMB Share with Many Users](#create-a-smb-share-with-many-users)
|
||||||
|
|
||||||
|
## Install SMB
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo dnf install samba
|
||||||
|
sudo systemctl enable smb --now
|
||||||
|
firewall-cmd --get-active-zones
|
||||||
|
sudo firewall-cmd --permanent --zone=FedoraServer --add-service=samba
|
||||||
|
sudo firewall-cmd --reload
|
||||||
|
```
|
||||||
|
|
||||||
|
## Create SMB User
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo smbpasswd -a ducoterra
|
||||||
|
```
|
||||||
|
|
||||||
|
## Create a SMB Share
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Create share
|
||||||
|
mkdir /btrfs/pool0/smb/ducoterra
|
||||||
|
|
||||||
|
# Set proper selinux labels for samba
|
||||||
|
sudo semanage fcontext --add --type "samba_share_t" "/btrfs/pool0/smb/ducoterra(/.*)?"
|
||||||
|
|
||||||
|
# Run restorecon at the root of the btrfs subvolume
|
||||||
|
sudo restorecon -R /btrfs/pool0
|
||||||
|
```
|
||||||
|
|
||||||
|
Edit /etc/samba/smb.conf
|
||||||
|
|
||||||
|
```conf
|
||||||
|
[ducoterra]
|
||||||
|
comment = My Share
|
||||||
|
path = /btrfs/pool0/smb/ducoterra
|
||||||
|
writeable = yes
|
||||||
|
browseable = yes
|
||||||
|
public = no
|
||||||
|
create mask = 0644
|
||||||
|
directory mask = 0755
|
||||||
|
write list = user
|
||||||
|
```
|
||||||
|
|
||||||
|
Then restart SMB
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo systemctl restart smb
|
||||||
|
```
|
||||||
|
|
||||||
|
## Create a SMB Share with Many Users
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo groupadd myfamily
|
||||||
|
sudo useradd -G myfamily jack
|
||||||
|
sudo useradd -G myfamily maria
|
||||||
|
|
||||||
|
sudo smbpasswd -a jack
|
||||||
|
sudo smbpasswd -a maria
|
||||||
|
|
||||||
|
sudo mkdir /home/share
|
||||||
|
sudo chgrp myfamily /home/share
|
||||||
|
sudo chmod 770 /home/share
|
||||||
|
sudo semanage fcontext --add --type "samba_share_t" "/home/share(/.*)?"
|
||||||
|
sudo restorecon -R /home/share
|
||||||
|
```
|
||||||
|
|
||||||
|
```conf
|
||||||
|
[family]
|
||||||
|
comment = Family Share
|
||||||
|
path = /home/share
|
||||||
|
writeable = yes
|
||||||
|
browseable = yes
|
||||||
|
public = yes
|
||||||
|
valid users = @myfamily
|
||||||
|
create mask = 0660
|
||||||
|
directory mask = 0770
|
||||||
|
force group = +myfamily
|
||||||
|
```
|
||||||
|
|
||||||
|
- valid users: only users of the group family have access rights. The @ denotes a group name.
|
||||||
|
- force group = +myfamily: files and directories are created with this group, instead of the user group.
|
||||||
|
- create mask = 0660: files in the share are created with permissions to allow all group users to read and write files created by other users.
|
||||||
|
- directory mask = 0770: as before, but for directories.
|
||||||
|
|
||||||
|
Don't forget to restart smb
|
||||||
|
|
||||||
|
```bash
|
||||||
|
systemctl restart smb
|
||||||
|
```
|
||||||
Reference in New Issue
Block a user