How to setup Samba on Fedora 28 as a public share



  • I had to do this recently and, as usual, I though you all might want to have a guide.

    Start with Fedora 28 Minimal and then make sure it is up to date

    sudo dnf upgrade -y --refresh
    

    Now install everything you will need.

    Note: I am installing cockpit in order to use it to setup the storage, because I don't fstab unless I have to. Same for nano, because vi.

    sudo dnf install cockpit cockpit-storaged nano samba policycoreutils-python-utils -y
    

    Open the firewall for use of cockpit and samba

    sudo firewall-cmd --add-service=cockpit --permanent
    sudo firewall-cmd --add-service=samba --permanent
    sudo firewall-cmd --reload
    

    Set cockpit set to start on reboot, and start now

    sudo systemctl enable --now cockpit.socket
    

    Create the mount point

    This examples uses /data from here on.

    sudo mkdir /data
    

    Setup your storage

    Log into cockpit and setup your storage disks or setup your storage disks manually in /etc/fstab. Then reboot to make sure it all comes back right on reboot

    sudo reboot
    

    Tell SELinux that this is a samba share

    sudo semanage fcontext -a -t samba_share_t "/data(/.*)?"
    sudo restorecon -Rv /data/
    

    Create the folders to be shared, only public in this example

    sudo mkdir -p /data/shares/public
    

    Make a copy of the original smb.conf

    sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.orig
    

    Edit the smb.conf as needed

    sudo nano /etc/samba/smb.conf
    

    For this example, I have this in the smb.conf file.

    [global]
            workgroup = WORKGROUP
            security = user
            map to guest = bad user
            min protocol = SMB2
            passdb backend = tdbsam
    
    [Public]
            comment = Public Read / Write
            path = /data/shares/public
            public = yes
            browseable = yes
            writeable = yes
            read only = no
            force user = pubshare
            guest ok = yes
            guest only = yes
    

    Create the user, in Fedora, that samba will use for the folder

    sudo useradd pubshare -s /usr/sbin/nologin 
    

    Create the user in samba

    Note: Just hit enter twice to set a blank password, or set a real password. It will not affect the operation of the share.

    sudo smbpasswd -a pubshare
    

    Change the owner of the share to the user just created

    sudo chown pubshare /data/shares/public/
    

    Restart Samba and connect to your share from another system.

    sudo systemctl restart smb
    


  • I am intentionally not dealing with password protected share because that gets into a lot of choices.

    Such as local privileges, or tie to AD, or tie to some other auth, etc.



  • Thanks a lot!



  • Nice write up, thanks!