Samba 4, simple directory sharing · uwot.eu
another meaningless subtitle

Samba 4, simple directory sharing

· by fabio · Read in about 3 min · (488 Words)
CentOS linux samba SELinux

With Samba being the clusterfuck it is, every time a new version is released you have to expect something to be messed up.
This time they added a bunch of new features like MS Active Directory support, too bad that now the simple directory sharing is broken/not working like it did before.
Something like 1 year ago I wrote a small guide about how to setup a Samba share on Centos 6 and I used the same smb.conf file on more than 10 machines without any problem since yesterday, when I tried it on my fresh installed Fedora 18 (which uses Samba 4.0.0). First of all, in the “Standalone Server Options” is reported that “security” options “share and server” are deprecated; too bad I just used “share” to save me the hassle of setting up a new user and stuff even if I would like the directory to be fully accessible by everyone without any restriction.
I tried it anyway with “security = share” but there was no way to make the folder accessible, when trying to access the Samba share I always got a popup in which I had to login.
So, at the end of the story, like it or not, I had to setup a new user, create a samba user and edit the “smb.conf” file.

Create a new samba user - “smbuser” in this example - and set a password.

smbpasswd -a smbuser

Leaving the password field blank will result in a fully accessible share like the one that was possible to setup with samba version 3.* using “security = share”.
If SELinux is installed, change the security context of the shared folder.

chcon -t samba_share_t /home/user/Public

In case the directory to share is placed somewhere else (e.g. /mnt/) use sealert command and follow the instructions.

sealert -a /var/log/audit/audit.log

Then, edit the smb.conf file as follow.

[global]
	workgroup = WORKGROUP
	security = user

	netbios name = hostname

	wins support = yes
	client lanman auth = yes

	security = user
	passdb backend = tdbsam

	#printing = cups
	#printcap name = cups
	#load printers = no
	#cups options = raw

[Public]
	path = /home/user/Public
	valid users = user
	writable  = yes
	browsable = yes
	read only = no
	guest ok = yes
	public = yes
	create mask = 0666
	directory mask = 0777

Restart samba service and voilĂ .
Everything else should be like it was before, chkconfig *** to set automatic service loading at system startup, service *** to manage services status.
Other usefull commands are: “smbclient -L 127.0.0.1” to print the share/s list and other usefull informations, while “smbclient //127.0.0.1/_sharename” can be used to check if the share is working without needing another machine.
In case SELinux is enabled and the folder to be shared is not the usual “~/Public” other than setting the proper context (chcon) is also required to issue the following command: “sudo setsebool -P samba_export_all_rw on” (parameter “-P” stands for permanent).