# File Server
## Introduction
A file server is a specialized server designed to store and manage files, allowing users to access and share data within a network. One popular choice for implementing a file server is to use Samba, an open-source software suite that provides file and print services for Windows, Linux, and other Unix-like operating systems.
## Installation
To set up a file server using Samba, you'll first need to install the Samba software on your machine. The installation process may vary depending on your operating system. For example, on a Linux system, you can use the package manager. If you're using CentOS, you can install Samba with the following command:
```bash
sudo apt-get install samba
```
Adjust the command according to the package manager of your distribution.
## Firewall
Ensure that your firewall allows traffic for the Samba service. If you're using a Linux system with `ufw` (Uncomplicated Firewall), you can enable Samba with:
```bash
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload
```
## Protocol
Samba uses the Server Message Block (SMB) protocol for file and printer sharing. It allows interoperability between Windows and non-Windows operating systems. Make sure that your clients and server are configured to use the same version of the SMB protocol.
## Config
Samba's configuration is managed through the `smb.conf` file. This file is usually located in the `/etc/samba/` directory. You can edit it using a text editor like `nano` or `vi`. Here's an example of a basic configuration:
```plaintext
[shared_folder]
comment = Shared Folder
path = /path/to/shared/folder
browseable = yes
read only = no
guest ok = yes
```
After making changes, restart the Samba service to apply the configuration:
```bash
sudo service smbd restart
```
### Create Mask
The "create mask" is a parameter in Samba that defines the default permissions assigned to new files created in a shared directory. It sets the initial file permissions for files created by users accessing the shared folder. The mask is specified in octal notation, similar to standard Unix file permissions.
In the `smb.conf` file, you can set the "create mask" parameter for a share. For example:
```plaintext
[shared_folder]
comment = Shared Folder
path = /path/to/shared/folder
create mask = 0644
...
```
In this example, the "create mask" is set to 0644, which means that new files will have read and write permissions for the owner and read permissions for group members and others.
### Directory Mask
Similar to the "create mask," the "directory mask" parameter in Samba specifies the default permissions assigned to new directories created within a shared directory. It controls the initial directory permissions for directories created by users.
Here's an example of how to set the "directory mask" in the `smb.conf` file:
```plaintext
[shared_folder]
comment = Shared Folder
path = /path/to/shared/folder
directory mask = 0755
...
```
In this case, the "directory mask" is set to 0755, allowing the owner to have read, write, and execute permissions, and others (group members and users outside the group) to have read and execute permissions.
## Samba User
To access the Samba shares, users need to be added to the Samba user database. You can add a user using the `smbpasswd` command:
```bash
sudo smbpasswd -a username
```
This command will prompt you to set a password for the specified username.
## Permission
Permissions in a Samba environment affect both file and user access.
### File Permission
File permissions determine who can read, write, or execute files on the server. Use the `chmod` command to modify file permissions:
```bash
chmod permissions filename
```
### Samba Permission
Samba allows you to control access to shares using its own set of permissions. In the `smb.conf` file, you can specify which users or groups have access to a particular share:
```plaintext
valid users = user, @group
```
> User is noraml username and group will start with `@`
Adjust the configuration according to your specific requirements. After modifying the `smb.conf` file, remember to reload the Samba service to apply the changes:
```bash
sudo service smbd reload
```
## SELinux
SELinux (Security-Enhanced Linux) is a security feature in Linux that provides mandatory access controls. If SELinux is enforcing on your system, it may interfere with Samba.
```bash
vim /etc/sysconfig/selinux
```
```plaintext
...
SELINUX = enforcing
...
```
We change the security context of files or directories in SELinux-enabled systems.
```bash
chcon -t samba_share_t /path/to/directory
```
Sign in with Wallet
Connect another wallet