Configuration of a Samba share on Fedora CoreOS based systems to allow public and browseable shares
Configuring samba on a Fedora CoreOS based system like Fedora Kinoite or Fedora Silverblue is not so different from
the traditional, non-atomic, OS configurations, including Fedora Workstation.
The main package to install is samba
, that you can achieve with the following command:
# rpm-ostree install samba
# systemctl enable smb nmb --now
If you are using CoreOS-native layering, you might want to add this package and enable the unit in your Containerfile
.
Setting the user samaba password⌗
The first thing to do is to set the password for the user samba
:
# smbpasswd -a <sambauser>
Configuration of /etc/samba/smb.conf⌗
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
#
# Note:
# SMB1 is disabled by default. This means clients without support for SMB2 or
# SMB3 are no longer able to connect to smbd (by default).
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
map to guest = Bad User
hosts allow = 192.168.1.0/24
idmap config * : backend = tdb
# Install samba-usershares package for support
include = /etc/samba/usershares.conf
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
## Below is the public share configuration, browseable, readable, but writable only by the user aleskandro
[share]
comment = Public
path = /var/home/aleskandro/Public
writeable = yes
browseable = yes
public = yes
create mask = 0644
directory mask = 0755
write list = aleskandro
SELinux⌗
1. Change the File Context⌗
If the files being shared are in a user’s home directory, update the SELinux context to samba_share_t
, which is appropriate for files shared by Samba.
sudo chcon -R -t samba_share_t /path/to/shared_directory
For a persistent change, use:
sudo semanage fcontext -a -t samba_share_t "/path/to/shared_directory(/.*)?"
sudo restorecon -R /path/to/shared_directory
2. Enable Samba to Access Home Directories⌗
If you intend to share files directly from user home directories, you can enable the samba_enable_home_dirs
SELinux boolean to allow access:
sudo setsebool -P samba_enable_home_dirs on
3. Verify the Configuration and Test⌗
After making these changes, restart Samba to apply any configuration updates:
sudo systemctl restart smb nmb