Configuring samba on a Fedora CoreOS based system like Fedora Kinoite or Fedora Silverblue is not so different from the traditional, non-atomic, OS configurations, including Fedora Workstation. The main package to install is samba, that you can achieve with the following command:

# rpm-ostree install samba
# systemctl enable smb nmb --now

If you are using CoreOS-native layering, you might want to add this package and enable the unit in your Containerfile.

Setting the user samaba password#

The first thing to do is to set the password for the user samba:

# smbpasswd -a <sambauser>

Configuration of /etc/samba/smb.conf#

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
#
# Note:
# SMB1 is disabled by default. This means clients without support for SMB2 or
# SMB3 are no longer able to connect to smbd (by default).

[global]
        workgroup = SAMBA
        security = user

        passdb backend = tdbsam

        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw

        map to guest = Bad User
        hosts allow = 192.168.1.0/24
        idmap config * : backend = tdb

        # Install samba-usershares package for support
        include = /etc/samba/usershares.conf

[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes

[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No

[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @printadmin root
        force group = @printadmin
        create mask = 0664
        directory mask = 0775

## Below is the public share configuration, browseable, readable, but writable only by the user aleskandro

[share]
    comment = Public
    path = /var/home/aleskandro/Public
    writeable = yes
    browseable = yes
    public = yes
    create mask = 0644
    directory mask = 0755
    write list = aleskandro

SELinux#

1. Change the File Context#

If the files being shared are in a user’s home directory, update the SELinux context to samba_share_t, which is appropriate for files shared by Samba.

sudo chcon -R -t samba_share_t /path/to/shared_directory

For a persistent change, use:

sudo semanage fcontext -a -t samba_share_t "/path/to/shared_directory(/.*)?"
sudo restorecon -R /path/to/shared_directory

2. Enable Samba to Access Home Directories#

If you intend to share files directly from user home directories, you can enable the samba_enable_home_dirs SELinux boolean to allow access:

sudo setsebool -P samba_enable_home_dirs on

3. Verify the Configuration and Test#

After making these changes, restart Samba to apply any configuration updates:

sudo systemctl restart smb nmb