Fedora 41
Sponsored Link

Samba : Limited Shared Folder2024/11/12

 

Install Samba to Configure File Server.

For example, Create a shared Folder that users in [smbgroup01] group can only access to shared folder [/home/share01] and also they are required user authentication.

[1] Install and Configure Samba.
[root@smb ~]#
dnf -y install samba
[root@smb ~]#
groupadd smbgroup01

[root@smb ~]#
mkdir /home/share01

[root@smb ~]#
chgrp smbgroup01 /home/share01

[root@smb ~]#
chmod 770 /home/share01

[root@smb ~]#
vi /etc/samba/smb.conf
[global]
        # line 11 : add (set charset)
        unix charset = UTF-8
        workgroup = SAMBA
        security = user
        # add (IP addresses you allow to access)
        hosts allow = 127. 10.0.0. 

.....
.....

# add to last line
# any Share name you like
[Share01]
        # require authentication
        security = user
        # specify shared directory
        path = /home/share01
        # allow writing
        writable = yes
        # not allow guest user (nobody)
        guest ok = no
        # allow only [smbgroup01] group
        valid users = @smbgroup01
        # set group for new files/directories to [smbgroup01]
        force group = smbgroup01
        # set permission [770] when file created
        force create mode = 770
        # set permission [770] when folder created
        force directory mode = 770
        # inherit permissions from parent folder
        inherit permissions = yes 

[root@smb ~]#
systemctl enable --now smb

# add Samba user

[root@smb ~]#
useradd fedora

[root@smb ~]#
smbpasswd -a fedora

New SMB password:    
# set password

Retype new SMB password:
Added user fedora.
[root@smb ~]#
usermod -aG smbgroup01 fedora

[2] If SELinux is enabled and also use [/home] like this example, Change SELinux policy.
[root@smb ~]#
setsebool -P samba_enable_home_dirs on

[root@smb ~]#
restorecon -R /home/share01

[3] If Firewalld is running, allow Samba service.
[root@smb ~]#
firewall-cmd --add-service=samba

success
[root@smb ~]#
firewall-cmd --runtime-to-permanent

success
Matched Content