31.12. The /etc/rc.d/init.d/smb script file

Configure your /etc/rc.d/init.d/smb script file to start and stop Samba smbd and nmbd daemons Server automaticaly. Create the smb script file, touch /etc/rc.d/init.d/smb and add the following lines:


      #!/bin/sh
      #
      # chkconfig: - 91 35
      # description: Starts and stops the Samba smbd and nmbd daemons \
      #        used to provide SMB network services.

      # Source function library.
      . /etc/rc.d/init.d/functions

      # Source networking configuration.
      . /etc/sysconfig/network

      # Check that networking is up.
      [ ${NETWORKING} = "no" ] && exit 0

      # Check that smb.conf exists.
      [ -f /etc/smb.conf ] || exit 0

      RETVAL=0

      # See how we were called.
      case "$1" in
      start)
      echo -n "Starting SMB services: "
      daemon smbd -D    
      RETVAL=$?
      echo
      echo -n "Starting NMB services: "
      daemon nmbd -D 
      RETVAL2=$?
      echo
      [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && touch /var/lock/subsys/smb || \
      RETVAL=1
      ;;
      stop)
      echo -n "Shutting down SMB services: "
      killproc smbd
      RETVAL=$?
      echo
      echo -n "Shutting down NMB services: "
      killproc nmbd
      RETVAL2=$?
      [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && rm -f /var/lock/subsys/smb
      echo ""
      ;;
      restart)
      $0 stop
      $0 start
      RETVAL=$?
      ;;
      reload)
      echo -n "Reloading smb.conf file: "
      killproc -HUP smbd
      RETVAL=$?
      echo
      ;;
      status)
      status smbd
      status nmbd
      RETVAL=$?
      ;;
      *)
      echo "Usage: $0 {start|stop|restart|status}"
      exit 1
      esac

      exit $RETVAL
    

Now, make this script executable and change its default permissions:


        [root@deep ] /# chmod 700 /etc/rc.d/init.d/smb
      
Create the symbolic rc.d links for Samba with the command:

        [root@deep ] /# chkconfig --add smb
      

Samba script will not automatically start the smbd and nmbd daemon when you reboot the server. You can change it to do this by default by executing the following command:


        [root@deep ] /# chkconfig --level 345 smb on
      
Start your Samba Server manually with the following command:

        [root@deep ] /# /etc/rc.d/init.d/smb start
      

        Starting SMB services:                            [  OK  ]
        Starting NMB services:                          [  OK  ]
      

31.12.1. Securing Samba

Immunize important configuration files, the immutable bit can be used to prevent accidentally deleting or overwriting a file that must be protected. It also prevents someone from creating a symbolic link to this file. Once your smb.conf and lmhosts files have been configured, it's a good idea to immunize them with a command like:


          [root@deep ] /# chattr +i /etc/smb.conf
          [root@deep ] /# chattr +i /etc/lmhosts