This guide is one section of a larger guide to installing a cent 6.x server in virtual box for development purposes with different applications. The top level guide with links to all of the sections is here: https://gist.github.com/ryanguill/5149058 Some instructions in this guide may assume a configuration from other parts of the guide.
#Set up Samba
Following instructions from
http://www.howtoforge.com/centos-6.3-samba-standalone-server-with-tdbsam-backend
http://wiki.centos.org/HowTos/SetUpSamba
We want to share out the root of /data
First thing, disable SELinux, according to these instructions (http://www.howtoforge.com/perfect-server-centos-6.3-x86_64-apache2-dovecot-ispconfig-3-p3) see Item 6
Note: you may not want to do this on a production box! but for a development machine, it just makes things easier.
Make sure you are root, if not
# su -
Then edit the selinux config
# vi /etc/selinux/config
change SELINUX=enforcing to SELINUX=disabled
hit escape then :x to save
Note: you must reboot the machine when changing from enabled to disabled or vice versa before it will take effect.
You can use this command to check the status of selinux:
# sestatus
Use this setting from here: http://www.it-digest.info/2012/11/19/samba-start-restart-error-smbd_open_once_socket-open_socket_in-address-already-in-use/ this will keep you from having problems in a few minutes (smbd_open_once_socket: open_socket_in: Address already in use)
# sysctl net.ipv6.bindv6only=1
If you still have problems, you can try this
# echo " " >> /etc/sysctl.conf
# echo " # Disable IPv6 Globally" >> /etc/sysctl.conf
# echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
# sysctl -p
Install Samba
# yum install cups-libs samba samba-common
Add firewall holes
# vi /etc/sysconfig/iptables
Add the following lines before the first line that says REJECT - CHANGE THE IPADDRESS MASK as necessary for your network Use this calculator if you need to http://www.skullbox.net/subnetcalculator.php, its called CIDR notation. 192.168.0.0/24 will allow all ip addresses that match 192.168.0.x -- 0.0.0.0/0 will match all ip addresses.
Also useful: http://wiki.samat.org/CheatSheet/IPv4CIDRNotation
-A INPUT -s 192.168.0.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
restart iptables
# service iptables restart
Edit smb.conf
# vi /etc/samba/smb.conf
Ensure that you see the following:
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
security = user
passdb backend = tdbsam
Save and exit vi
Create the system startup links for Samba and start it
# chkconfig --levels 235 smb on
# service smb start
set up appropriate permissions on /data
# chown -R root:users /data
# chmod -R ug+rwx,o+rx-w /data
go back to edit smb.conf
# vi /etc/samba/smb.conf
add the following to the bottom of smb.conf - this will enable anyone to read and write to this directory
[data]
comment = data drive
path = /data
force group = users
create mask = 0660
directory mask = 0771
writable = yes
save and exit vi, escape, :x
restart samba
# service smb restart
Add the user "user" and "root" to the group "users"
# usermod -a -G users user
# usermod -a -G users root
set a samba user and password
# smbpasswd -a user
enter in the password for the user "user"
You must reboot the system to apply the changes
# reboot
validate selinux is disabled
# sestatus
Now you should be able to hit the IP address as \192.168.0.x\ and see a folder for data that anyone can write to, and a user folder that should require you to log in. It may take a while to connect the first time.
If not, first reboot, then if it still doesn't work, check for errors in the samba log file for hints
# cd /var/log/samba/
# tail -n 50 log.smbd
If there is nothing in the logs, check your iptables restrictions. If you think it may be your iptables not being right, you can turn off iptables using service iptables stop - if it works then, you have something wrong there.