Sanitarium by Zac Dreyer

How to install and configure a file server using CentOS 6.4, Samba and external drives

Posted by zac on Friday, August 2nd, 2013

I am going to assume a few things here, firstly that you have a functioning and network ready CentOS 6.4 server. Secondly that you have a basic understanding of Linux commands and the Linux file structure. If you do not have either you might want to reach that point before continuing with this tutorial.

Server Config

  • OS: CentOS 6.4 (minimal install)
  • IP Address: 192.168.137.250

Samba Server network information

  • 137/tcp
  • 137/udp
  • 138/tcp
  • 138/udp
  • 139/udp
  • 139/udp
  • 445/tcp
  • 445/udp

Samba Server daemon information

  • smbd, which provides the file and printer sharing services, and
  • nmbd, which provides the NetBIOS-to-IP-address name service. NetBIOS over TCP/IP requires some method for mapping NetBIOS computer names to the IP addresses of a TCP/IP network.

 

Lets start with configuring the user account. The aim here was to configure a single user mass storage facility where all storage could be accessed locally via standard Windows shares or remotely via SFTP. This tutorial is going to make way for multiple users via a workgroup / usergroup configuration but will only cover the creation and configuration of a single user. As 6.4 insists on using LVM I will be configuring the storage repository in the created user’s home directory. Lets get going with the user / usergroup creation.

Step 1: Add a new group, or you can use an existing group. Here I am adding a new group called WORKGROUP, because I am not very creative when it come’s to naming things.

groupadd WORKGROUP

Step 2: Create a user and add the user to the group we just created.

useradd test
usermod -G WORKGROUP test

Step 3: Change the group and permission of the user directory.

chgrp -R staff /home/test
chmod -R 777 /home/test

Now we start with the Samba Server install and setup. This can get rather tricky…. so focus! 🙂

Step 4: Install Samba through the yum CLI. The cups-libs is for printer.

yum install -y samba samba-commons cups-libs

You can skip this step if selinux has permissive or disabled status. (use sestatus command to check selinux status)

Step 5: Change the selinux security context on sharing directory and set the selinux boolean value for samba .

chcon -R -t samba_share_t /home/test/
semanage fcontext -a -t samba_share_t /home/test/
setsebool -P samba_enable_home_dirs on

Step 6: Set the samba password for the previously created user.

smbpasswd -a test

Step 7: Make a backup of /etc/samba/smb.conf file then edit the smb.conf file. Add the given information to the /etc/samba/smb.conf file as indicated.

cd /etc/samba/
cp -p smb.conf smb.conf.orig
nano /etc/samba/smb.conf

Edits to /etc/samba/smb.conf

# near line 58, under the [global] section: add
unix charset = UTF-8
dos charset = CP932

# add to end of file 
[sharedrepo]
comment = shared-directory
path = /home/test
public = no
valid users = test, @WORKGROUP
writable = yes
browseable = yes
create mask = 0777
create mode = 0777
directory mode = 0777
share modes = yes

Step 8: Edit the lines in /etc/samba/smb.conf as below. This will allow network to reach samba server. Change the value of 192.168.137.0/24 with your subnet. Change the ethernet value to that in use by your system and which you want to allow for traffic. In second line, 192.168.137. is for the subnet. Same rule applies to 127. which is for loopback.

interfaces = lo eth0 192.168.137.0/24
hosts allow = 127. 192.168.137.

# If your networked Windows PC's are using a different WORKGROUP name edit the line below in <em>smb.conf</em> with your workgroup name.  
workgroup = WORKGROUP

Step 9 : Now add the services to /etc/services.

If these entries already exist in your /etc/services, you can skip this step.

nano /etc/services

Edits to /etc/services

netbios-ns    137/tcp            # netbios name service
netbios-ns    137/udp            # netbios name service
netbios-dgm    138/tcp            # netbios datagram service
netbios-dgm    138/udp            # netbios datagram service
netbios-ssn    139/udp            # netbios session service
netbios-ssn    139/udp            # netbios session service

Step 10: Add iptables rules for samba server, for port 137,138.139 and 445, to /etc/sysconfig/iptables.

Change the 192.168.137.0/24 value of your subnet.

nano /etc/sysconfig/iptables

Edits to /etc/sysconfig/iptables. Your iptables file might not look exactly like this, you will need to ensure that the entries are placed in roughly the same place.

# Generated by iptables-save v1.4.7 on Sun Feb 17 19:36:23 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [199:25862]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# Start of new entries
-A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 137 -j ACCEPT
-A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 138 -j ACCEPT
-A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 139 -j ACCEPT
-A INPUT -s 192.168.56.0/24 -m state --state NEW -p tcp --dport 445 -j ACCEPT
# End of new entries
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Step 11: Now start / restart all appropriate services.

/etc/init.d/iptables restart
/etc/init.d/smb start
/etc/init.d/nmb start

Step 12: Ensure that the smb and nmb services autostart at boot.

chkconfig smb on
chkconfig nmb on

Step 13: Now test samba from a Windows machine. If all works correctly you will be prompted for a username and password, and using the account details configured in earlier steps, you should gain access to the shared folder.

 

Right, now that the sharing is up and running, it’s time to attach the external drives and get them going. For the benefit of demonstration I will be attaching 2 physical drives to the storage repository, CentOS would reference these as /dev/sdb and /dev/sdc. I will also be assuming that the 2 drives are fresh off the shelf so they are formatted in FAT32, as most off the shelf external drive’s are. Drives are attached and being detected, so lets get started.

Step 14: Set up the partitions on /dev/sdb and /dev/sdc. Simply follow the key presses after each command

fdisk /dev/sdb
Command action
   a   toggle a bootable flag
   b   edit bsd disklabel
   c   toggle the dos compatibility flag
   d   delete a partition
   l   list known partition types
   m   print this menu
   n   add a new partition
   o   create a new empty DOS partition table
   p   print the partition table
   q   quit without saving changes
   s   create a new empty Sun disklabel
   t   change a partition's system id
   u   change display/entry units
   v   verify the partition table
   w   write table to disk and exit
   x   extra functionality (experts only)

Command (m for help): p
Command (m for help): d
FOLLOW DELETE INSTRUCTIONS
Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-6081, default 1): 1 (or just hit enter for the default to apply)
Last cylinder or +size or +sizeM or +sizeK (1-6081, default 6081): 6081 (or just hit enter for the default to apply)

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

Repeat for /dev/sdc

Step 15: Format the partitions.

mkfs -t ext3 /dev/sdb1
mkfs -t ext3 /dev/sdc1

Step 16: Configure and mount the new partitions via /etc/fstab.

mkdir /home/test/disk1
mkdir /home/test/disk2
nano /etc/fstab

Edits to /etc/fstab and add the following entries.

/dev/sdb1 /home/test/disk1 ext3 auto 0 0
/dev/sdc1 /home/test/disk1 ext3 auto 0 0

Next, issue a simple mount command providing the partition name.

mount /dev/sdb1
mount /dev/sdc1

Ensure that the drives are mounted and that the space is correctly available.

mount
df -h

Step 17: Set the permissions for the mount point.

chmod 777 /home/test/disk1 -R
chmod 777 /home/test/disk2 -R
chcon -R -t samba_share_t /home/test/disk1
chcon -R -t samba_share_t /home/test/disk2

Step 18: Reboot CentOS box ensure that everything is accessible via the Windows share.

That is about it, the last few steps can be repeated for new drives.

Sources:

 

Posted in: Featured, Linux.

Comments are closed.