A CentOS7 Linux server was used to create Samba shares so that Windows clients of a home network may back up their stuff, resulting in one share with read write access. The ultimate goal was to create a Samba share that would act as if it were one of those off-the-shelf “solutions” like a Buffalo Linkstation, where no user password is required. Just map to the share and start backing up files.
yum install -y samba* mkdir /backup chmod 777 /backup # Not a perminant SELinux solution chcon -t samba_share_t /backup # Setup the firewall firewall-cmd --permanent --add-service=samba # Start and enable the services systemctl enable smb.service systemctl enable nmb.service systemctl restart smb.service systemctl restart nmb.service systemctl restart firewalld # Create a Samba user called nobody, one already exists for the OS smbpasswd -an nobody # Verify that nobody exists pdbedit -L -v nobody # Set or use to later fix permissions chown -R nobody:nobody /backup
After Samba is installed and assuming that your share is at path /backup, edit the /etc/samba/smb.conf file to look something like this.
[global] workgroup = HOME server string = Backup Server Version %v map to guest = Bad User log file = /var/log/samba/log.%m max log size = 50 idmap config * : backend = tdb hosts allow = 127., 192.168.1. [backup] comment = My backup path = /backup read only = No guest ok = Yes
A quick note about the workgroup. For this server to be seen in the Windows network neighborhood, the workgroup should be the same as the rest of the network.
Use the testparam command to verify your settings. It may produce an odd message like:
rlimit_max: rlimit_max (8192) below minimum Windows limit (16384)
Using the ulimit command will verify this.
To correct this, edit and append the following to the /etc/security/limits.conffile.
* - nofile 16385
For this to take effect, close your active session windows, or if your root, this can take effect immediately with the following command.
ulimit -n 16385
For those willing to use SELinux, here are the appropriate commands to make this a more perminant solution that will survive a relabel..
yum install -y policycoreutils* semanage fcontext -a -t samba_share_t '/nas(/.*)?' restorecon -RFvv /nas
Use ls -Z to verifiy that the settings had taken.
ls -Z /backup