Tuesday, 20 August 2013

Centos 6/RHEL create a custom share folder for a specific user Samba

Sharing a home directory with Samba has its advantages, but it is not perfect for every scenario.

You may want to create a shared folder that is used by one or more users to store documents, images, or to act as a repository for your media files or you might need to provide limited permissions, read-only access, or a global directory for a group of users. Here we look at creating a custom share folder that can be used to augment your networking environment.

It is assumed that Samba is already installed and that it is configured to run as a standalone server.

We will look at both individual access and group access to a customized share folder of your choice.

Individual Access

To begin, log in as root and create a new directory by typing the following

# mkdir/home/<foldername>

Assign the ownership of this folder to a particular user and group. Set the permissions using values to suit your own setup

# chown <username> /home/<foldername> && chgrp <groupname> /
home/<foldername> && chmod 0770 /home/<foldername>

When you have finished, open the Samba configuration file

# vi/etc/samba/smb.conf

Scroll down to the bottom of the file and add the following lines, remember to customize the comment, the foldername value, and replace username and groupname with the same values as used in the previous step.

[foldername]
comment = your foldername description
path = /home/foldername/
browseable = yes
guest ok = no
writable = yes
create mask =0666
directory mask =0770
valid users = username
force group = groupname
forceuser = username

You may want to customize the preceding values to suit your setup.

Any new directory created will be given the permissions of 0770, while any new file added will have the permissions set to 0666. The only valid users that can connect to this share folder are defined by the username value while all files and directories will have the group name of groupname applied to it.

When you have finished, save the configuration file before restarting the
Samba server like so service smb start && service nmb start.

Group Access

If you are intending to enable multiple user access, then you can enhance this to include more users by listing the relevant usernames, like so

valid users = username1, username2, username3

Alternatively, you can specify the @ parameter as below

valid users = @groupname

This states that anyone who is a member of groupname is a valid user for the share folder concerned. Your modified configuration statement could look similar to this

[folder_name]
comment = folder_name description
writable = yes
valid users = @groupname
path = /home/samba/folder_name
create mode = 0660
directory mode = 0770

If you wanted a particular share to be accessible by the users of multiple groups, then the code would look more like this

[folder_name]
comment = folder_name description
writable = yes
valid users = @groupname1, @groupname2, @groupname3
path = /home/samba/folder_name
create mode = 0660
directory mode = 0770

To use the group access feature, users must be members of the same group as Samba cannot overrule the existing rules set by CentOS.

Remember to restart the service as below

# service smb start && service nmb start