|
Create a Limited Shared Folder
2014/08/19 |
|
Install Samba to configure File Server.
This example shows to create a shared Folder which requires user authentication.
|
|
| [1] | Configure Samba. |
|
[root@smb ~]#
[root@smb ~]# yum -y install samba4 samba4-client groupadd security [root@smb ~]# mkdir /home/security [root@smb ~]# chgrp security /home/security [root@smb ~]# chmod 770 /home/security
[root@smb ~]#
vi /etc/samba/smb.conf # near line 66: add follows unix charset = UTF-8
# line 87: change (Windows' default) workgroup = WORKGROUP
# line 93: uncomment and change IP address you allow hosts allow = 127. 10.0.0.
# add follows to the end [Security]
# any name you like path = /home/security writable = yes create mode = 0770 directory mode = 0770 guest ok = no # guest not allowed valid users = @security # allow only security group
[root@smb ~]#
/etc/rc.d/init.d/smb start [root@smb ~]# /etc/rc.d/init.d/nmb start [root@smb ~]# chkconfig smb on [root@smb ~]# chkconfig nmb on
# add a user for Samba [root@smb ~]# smbpasswd -a cent New SMB password: # set password Retype new SMB password: Added user cent. [root@smb ~]# usermod -G security cent |
| [2] | If IPTables is running, allow Samba ports. For "-I INPUT 5" section below, Replace it to your own environment. |
|
[root@smb ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m multiport --dports 139,445 -j ACCEPT [root@smb ~]# iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT |
| [3] | If SELinux is enabled, change SELinux context. |
|
[root@smb ~]# setsebool -P samba_enable_home_dirs on [root@smb ~]# restorecon -R /home/security |
| [4] | It's the way to access to the shared directory from Windows clients. This example is on Windows 10. Select [My Computer] - [Map Network Drive]. |
|
| [5] | Specify the shared folder's place in Folder section like example and Click 'Finish' button to enter. |
|
| [6] | Authentication is required. Input the one set in [1]. |
|
| [7] | Just accessed. |
|