Red Hat Summit Red Hat SummitApoyoConsolaDesarrolladoresIniciar una pruebaContacto

Este contenido no está disponible en el idioma seleccionado.

3.4. Configuration examples

The following examples provide real-world demonstrations of how SELinux complements the Samba server and how full function of the Samba server can be maintained.

3.4.1. Sharing directories you create
Copiar enlace

The following example creates a new directory, and shares that directory through Samba:
  1. Run the rpm -q samba samba-common samba-client command to confirm the samba, samba-common, and samba-client packages are installed. If any of these packages are not installed, install them by running the yum install package-name command as the root user.
  2. Run the mkdir /myshare command as the root user to create a new top-level directory to share files through Samba.
  3. Run the touch /myshare/file1 command as the root user to create an empty file. This file is used later to verify the Samba share mounted correctly.
  4. SELinux allows Samba to read and write to files labeled with the samba_share_t type, as long as /etc/samba/smb.conf and Linux permissions are set accordingly. Run the following command as the root user to add the label change to file-context configuration: 
    ~]# semanage fcontext -a -t samba_share_t "/myshare(/.*)?"
    Copy to Clipboard Toggle word wrap
  5. Run the restorecon -R -v /myshare command as the root user to apply the label changes: 
    ~]# restorecon -R -v /myshare
restorecon reset /myshare context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /myshare/file1 context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
    Copy to Clipboard Toggle word wrap
  6. Edit /etc/samba/smb.conf as the root user. Add the following to the bottom of this file to share the /myshare/ directory through Samba: 
    [myshare]
comment = My share
path = /myshare
public = yes
writable = no
    Copy to Clipboard Toggle word wrap
  7. A Samba account is required to mount a Samba file system. Run the smbpasswd -a username command as the root user to create a Samba account, where username is an existing Linux user. For example, smbpasswd -a testuser creates a Samba account for the Linux testuser user: 
    ~]# smbpasswd -a testuser
New SMB password: Enter a password
Retype new SMB password: Enter the same password again
Added user testuser.
    Copy to Clipboard Toggle word wrap
    Running smbpasswd -a username, where username is the user name of a Linux account that does not exist on the system, causes a Cannot locate Unix account for 'username'! error.
  8. Run the service smb start command as the root user to start the Samba service: 
    ~]# service smb start
Starting SMB services:                                     [  OK  ]
    Copy to Clipboard Toggle word wrap
  9. Run the smbclient -U username -L localhost command to list the available shares, where username is the Samba account added in step 7. When prompted for a password, enter the password assigned to the Samba account in step 7 (version numbers may differ): 
    ~]$ smbclient -U username -L localhost
Enter username's password:
Domain=[HOSTNAME] OS=[Unix] Server=[Samba 3.4.0-0.41.el6]

Sharename       Type      Comment
---------       ----      -------
myshare         Disk      My share
IPC$            IPC       IPC Service (Samba Server Version 3.4.0-0.41.el6)
username        Disk      Home Directories
Domain=[HOSTNAME] OS=[Unix] Server=[Samba 3.4.0-0.41.el6]

Server               Comment
---------            -------

Workgroup            Master
---------            -------
    Copy to Clipboard Toggle word wrap
  10. Run the mkdir /test/ command as the root user to create a new directory. This directory will be used to mount the myshare Samba share.
  11. Run the following command as the root user to mount the myshare Samba share to /test/, replacing username with the user name from step 7: 
    ~]# mount //localhost/myshare /test/ -o user=username
    Copy to Clipboard Toggle word wrap
    Enter the password for username, which was configured in step 7.
  12. Run the ls /test/ command to view the file1 file created in step 3: 
    ~]$ ls /test/
file1
    Copy to Clipboard Toggle word wrap
Volver arriba
Red Hat logoGithubredditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar. Explore nuestras recientes actualizaciones.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

Theme

© 2025 Red Hat