How to setup Samba on Fedora 28 as a public share

  • I had to do this recently and, as usual, I though you all might want to have a guide.

    Start with Fedora 28 Minimal and then make sure it is up to date

    sudo dnf upgrade -y --refresh

    Now install everything you will need.

    Note: I am installing cockpit in order to use it to setup the storage, because I don't fstab unless I have to. Same for nano, because vi.

    sudo dnf install cockpit cockpit-storaged nano samba policycoreutils-python-utils -y

    Open the firewall for use of cockpit and samba

    sudo firewall-cmd --add-service=cockpit --permanent
    sudo firewall-cmd --add-service=samba --permanent
    sudo firewall-cmd --reload

    Set cockpit set to start on reboot, and start now

    sudo systemctl enable --now cockpit.socket

    Create the mount point

    This examples uses /data from here on.

    sudo mkdir /data

    Setup your storage

    Log into cockpit and setup your storage disks or setup your storage disks manually in /etc/fstab. Then reboot to make sure it all comes back right on reboot

    sudo reboot

    Tell SELinux that this is a samba share

    sudo semanage fcontext -a -t samba_share_t "/data(/.*)?"
    sudo restorecon -Rv /data/

    Create the folders to be shared, only public in this example

    sudo mkdir -p /data/shares/public

    Make a copy of the original smb.conf

    sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.orig

    Edit the smb.conf as needed

    sudo nano /etc/samba/smb.conf

    For this example, I have this in the smb.conf file.

            workgroup = WORKGROUP
            security = user
            map to guest = bad user
            min protocol = SMB2
            passdb backend = tdbsam
            comment = Public Read / Write
            path = /data/shares/public
            public = yes
            browseable = yes
            writeable = yes
            read only = no
            force user = pubshare
            guest ok = yes
            guest only = yes

    Create the user, in Fedora, that samba will use for the folder

    sudo useradd pubshare -s /usr/sbin/nologin 

    Create the user in samba

    Note: Just hit enter twice to set a blank password, or set a real password. It will not affect the operation of the share.

    sudo smbpasswd -a pubshare

    Change the owner of the share to the user just created

    sudo chown pubshare /data/shares/public/

    Restart Samba and connect to your share from another system.

    sudo systemctl restart smb

  • I am intentionally not dealing with password protected share because that gets into a lot of choices.

    Such as local privileges, or tie to AD, or tie to some other auth, etc.

  • Thanks a lot!

  • Nice write up, thanks!