BestHub
Sign in
Operations 7 min read

How to Install, Configure, and Secure Samba on Linux for File Sharing

This step‑by‑step guide shows how to install Samba on a Linux server, configure shared directories with proper permissions, set up client access, restrict mounts to specific users, persist mounts via /etc/fstab, and isolate departmental shares for secure file sharing.

Raymond Ops
Raymond Ops
Raymond Ops
How to Install, Configure, and Secure Samba on Linux for File Sharing

1. Install Samba

# yum install -y samba
# The TCP ports used by Samba are handled by the smbd service, which provides shared access to files and printers.
# The UDP ports are handled by the nmbd service, which resolves NetBIOS host names.
TCP  UDP
139  137
445  138

# Restart services
systemctl restart nmb
systemctl restart smb

# Verify services are listening
netstat -tunpl | grep smb
netstat -tunpl | grep nmb

2. Modify the configuration file

# cat /etc/samba/smb.conf
[cloud]
comment = cloud
path = /it
writeable = No
write list = admin11
hosts allow = 127. 192.168.12. 192.168.13.

# Create a user for the share
useradd admin11
smbpasswd -a admin11   # set password for admin11
pdbedit -L               # verify the user is in the Samba database
testparm                 # check configuration syntax

3. Client verification

# yum install -y samba-client.x86_64
# List available shares on the server
smbclient -L //192.168.5.100

# Install CIFS utilities for mounting
yum install -y cifs-utils

# Mount the share
mount -t cifs //192.168.5.100/cloud /mnt/cloud/ -o username=admin11

# Adjust server directory permissions for write access
chmod 777 /it

# Create a test file from the client
touch /mnt/cloud/1.txt

# Verify the file on the server
ls -l /it/1.txt

# Adjust file and directory creation masks in smb.conf
create mask = 0644   # permissions for new files
directory mask = 0775   # permissions for new directories

4. Restrict mounting to a single user

# Add valid users line to the share definition
valid users = admin11   # only admin11 may mount this share

# Attempt mounting with a different user (should fail)
mount -t cifs //192.168.5.100/cloud /mnt/cloud/ -o username=admin12
# Result: mount error(13): Permission denied

5. Persist the mount in /etc/fstab

# Create a credentials file
cat > /etc/samba/cred.txt <<EOF
username=admin11
password=123
EOF
chmod 400 /etc/samba/cred.txt

# Add an entry to /etc/fstab
//192.168.5.100/cloud /mnt/cloud cifs defaults,credentials=/etc/samba/cred.txt 0 0

# Mount all entries
mount -a

6. Isolate departmental shares

# Example smb.conf with two department shares
[cloud]
comment = cloud
path = /it
writeable = No
write list = admin11
create mask = 0644
browseable = No
directory mask = 0775
valid users = admin11

[hr]
comment = hr
path = /hr
writeable = No
write list = admin12
browseable = No
create mask = 0644
directory mask = 0775
valid users = admin12

Original article: https://www.cnblogs.com/cloudwangsa/p/18563734 (copyright belongs to the original author).

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

file sharingSambaCIFS
Raymond Ops
Written by

Raymond Ops

Linux ops automation, cloud-native, Kubernetes, SRE, DevOps, Python, Golang and related tech discussions.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment