services/homelab
1
1
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ba66c4771918dd715973604de1183cd3ecceaba6
homelab/active/software_smb/smb.md

124 lines
2.8 KiB
Markdown
Raw Blame History

# SMB
- [SMB](#smb)
- [Install SMB](#install-smb)
- [Create SMB User](#create-smb-user)
- [Create a SMB Share](#create-a-smb-share)
- [Create a SMB Share with Many Users](#create-a-smb-share-with-many-users)
- [Mount SMB Share at Boot](#mount-smb-share-at-boot)
## Install SMB
```bash
sudo dnf install samba
sudo systemctl enable smb --now
firewall-cmd --get-active-zones
sudo firewall-cmd --permanent --zone=FedoraServer --add-service=samba
sudo firewall-cmd --reload
```
## Create SMB User
```bash
# Add a linux user
sudo adduser --no-create-home --disabled-password --disabled-login sambauser
# Add the samba user with password
sudo smbpasswd -a sambauser
```
## Create a SMB Share
```bash
# Create share
mkdir /srv/smb/sambauser
# Set proper selinux labels for samba
sudo semanage fcontext --add --type "samba_share_t" "/srv/smb(/.*)?"
# Run restorecon at the root of the btrfs subvolume
sudo restorecon -R /srv
```
Edit /etc/samba/smb.conf
```conf
[smb_sambauser]
comment = My Share
path = /srv/smb/sambauser
writeable = yes
browseable = yes
public = no
create mask = 0644
directory mask = 0755
write list = user
```
Then restart SMB
```bash
sudo systemctl restart smb
```
## Create a SMB Share with Many Users
```bash
sudo groupadd myfamily
sudo useradd -G myfamily jack
sudo useradd -G myfamily maria
sudo smbpasswd -a jack
sudo smbpasswd -a maria
sudo mkdir /home/share
sudo chgrp myfamily /home/share
sudo chmod 770 /home/share
sudo semanage fcontext --add --type "samba_share_t" "/home/share(/.*)?"
sudo restorecon -R /home/share
```
```conf
[family]
comment = Family Share
path = /home/share
writeable = yes
browseable = yes
public = yes
valid users = @myfamily
create mask = 0660
directory mask = 0770
force group = +myfamily
```
- valid users: only users of the group family have access rights. The @ denotes a group name.
- force group = +myfamily: files and directories are created with this group, instead of the user group.
- create mask = 0660: files in the share are created with permissions to allow all group users to read and write files created by other users.
- directory mask = 0770: as before, but for directories.
Don't forget to restart smb
```bash
systemctl restart smb
```
## Mount SMB Share at Boot
Make sure your install cifs-utils: `dnf install cifs-utils`
Create a password file at `/etc/samba/credentials` with contents like
```text
username=USERNAME
password=PASSWORD
```
Then edit `/etc/fstab` to mount the share
```conf
# With login
//server_name/share_name /local_mount_point cifs _netdev,nofail,uid=1001,gid=1001,credentials=/etc/samba/credentials 0 0
# As guest
//server_name/share_name /local_mount_point cifs _netdev,nofail,guest 0 0
```
Reference in New Issue View Git Blame Copy Permalink