Fedora 10 is provided as either CD-ROM's or DVD-ROM's for installation. You can either download the multiple CD sets or single DVD for installation. The DVD-ROM disk is preferred and recommended method of installation. Booting the DVD or booting from CD#1 will start the installer which will allow Fedora to be installed on your computer or for you to upgrade an existing Fedora on your machine. The following steps were done with the single DVD installation.
There are also "LiveCD's" which can be booted and will run a basic Fedora 10 in memory while also providing a simpler method of installation (not as complete at the DVD or multi-CD method). The default LiveCD ships with Gnome (ex: F10-i686-Live.iso). There is a specific LiveCD that ships with KDE. Both provide an installer however they come with significantly less software than the DVD. Also they require more memory in order to be usable. The LiveCD may be useful for demonstration.
Note: To upgrade an existing Fedora installation you cannot use a Live disk.
Physical Installation
It is highly recommended you read the Fedora Release Notes and official Installation Guide before installing Fedora.
An additional recommendation is to read Common Problems before installing.
Obtain the Fedora 10 DVD image or multi-CD set images from a Fedora mirror (or use the torrent) and burn to DVD. (For more information on how to download Fedora CD's or DVD).
Boot from the DVD. If you choose to use a LiveCD please note that the following steps will differ.
NOTE: The Fedora 10 Installer (anaconda) is very minimal and most configuration steps will need to be done post-installation.
I did a Custom Install of Fedora 10.
* Network Setup
Fedora 10 uses NetworkManager for automatically configuring the network for installation. Users will only be prompted to set their 'hostname' (e.g. 'mycomputer').
* Root password
This is your "Administrator" or "Superuser" password that lets you access everything on your system. Pick a good password and remember it.
* Partitioning
o If you have an empty hard drive or wish to delete the entire contents of your drive, then let the installer automatically partition or remove everything and partition.
o If you wish to dual-boot or save some contents on your drive, then select custom partitioning. I recommend at least 3 partitions: an 8-12GB / main partition, a 10+GB /home partition and a 1-2GB
* Boot Loader
o If you have a blank harddrive or wish Fedora to be your Primary Operating System, then leave the default options here. This also works for dual booting with other systems (ex: Windows).
o If you wish to preserve Windows as your primary operating system, then install Grub on the / partition, NOT the MBR. To do this, select Change device on the Install boot loader screen and install to First sector of boot partition. I use Bootpart from Windows 2000/XP to load Linux. An alternative to Bootpart is the NT OS Loader + Linux mini-HOWTO (also Grub Win2K Howto). I recommend this so you do not corrupt your Windows installation in a Dual-Boot environment. [NOTE] There is an example configuration available. This does take more work, and the default option on the MBR will also work. This will also work for users who are triple booting Vista/XP/Fedora (as I do).
* General Package Selection
The primary options for installation are the following. You can select these and skip individual package selection (next step) if you plan to install most of your software from online (via YUM). It is recommended you at least pick certain applications.
o Office and Productivity - [Highly Recommended]
o Software Development - [Highly Recommended / Required]
o Web Server - [Optional (useful for web developers)]
Add Additional Software Repositories - [NOT Recommended at Install time]. You do have the option of adding helpful repositories during install. This will give access to MANY more applications than included on the CD's or DVD. However this requires a high-speed internet access that is detected by the Fedora Installer. This will also significantly increase the installation time.
If you select Customize now you will be taken to the Individual Package Selection. The Fedora installer will usually have most of the necessary defaults, properly selected. You may skip this step.
* Individual Package Selection - apx 4.5-5.5GB. - It is significantly helpful to grab a some specific important packages (to reduce unnecessary downloading later). You are free to select whatever you want. The following in my experience are common useful suggestions:
o Desktop Environments
+ [Highly Recommended] - Select both GNOME Desktop Environment and KDE (K Desktop Environment)
o Applications - The default selection of applications is sufficient. Note the following:
+ [Recommended] - Graphical Internet - Add thunderbird as an email client.
+ [Recommended] - Sound and Video - Add k3b for CD/DVD creation.
o Development
+ [Recommended] - Select GNOME Software Development, KDE Software Development and X Software Development.
+ [Recommended/Optional] - Select Fedora Packager - Useful for some software building/administration.
o Servers
+ [Recommended] - Add Server Configuration Tools.
+ [Required] - Add Windows File Server (required to share files with Windows computers).
o Base System
+ [Recommended] - Add System Tools.
+ [Optional] - Deselecting some items in Dial-up Networking Support, Fonts (lots of foreign fonts) and Hardware Support (lots of various WiFi), and Input Methods may reduce unwanted/unusable software depending on your location and hardware.
Install the selected packages and reboot.
For users who opted to install grub on the first sector of the / partition instead of the MBR, you will be required to setup NTLDR to boot Linux.
For the first boot:
* License - Accept any licenses for Fedora
* Create User - Create at least 1 user account for yourself. Always use that account. DO NOT use root as your personal account. The root account will NOT be permitted to login into the graphical desktop.
* Date and Time - Network Time Protocol - Enable this ONLY if you have an active working internet connection that is on (ex: broadband, T1, DSL). You do not need to check the time server every time the service starts.
* Hardware Profile - Fedora uses smolt to provide basic non-intrusive information on your specific installation. While this may be helpful to Fedora developers, some may consider it a privacy issue. Please understand what information is being sent before you allow it to do so. I personally do not sent profile information.
Setup sudo
Fedora, like all other Linux distributions, has a root user and has individual users. The root is the "superuser", somewhat similar to "Administrator" in Windows.
Use the personal account you created at First Boot for daily use root only for administration/configuration. To run as 'root' use su or sudo commands. However sudo requires setup. As root run:
echo 'loginname ALL=(ALL) ALL' >> /etc/sudoers
Where 'loginname' is your user account.
Use 'ALL=(ALL) NOPASSWD:ALL' if you don't want to be prompted a password.
If you are prompted for a password with 'sudo' it is the user password, not root.
Example:
[anoop@home ~]$ su
Password: <--- Enter root password
[root@home anoop]# echo 'mirandam ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
[root@home anoop]# exit
exit
The following is an example of how sudo lets you execute root commands:
[anoop@home ~]$ du -sh /root
du: `/root': Permission denied <--- Fails!!!
[anoop@home ~]$ sudo du -sh /root
163M /root <--- Works!!!
NOTE: Every command provided on this page will work if you remove sudo from the command. However this requires you must be logged in as 'root'. An alternative to using sudo is to use su to login as root, before executing a command.
Graphical Bootloader - Plymouth
Fedora 10 replaces the previous graphical bootup system (which used the X-server) with a simpler system that uses kernel modesetting. However modesetting drivers are not available for all hardware yet. Please see: Plymouth.
Note: The following is optional. If no kernel modesetting is available a simple text based scroll bar should show up with booting Fedora.
In order to see the graphical boot, you must enable a mode setting for your video. Most users will find vesafb allows most standard VGA resolutions. Some examples are in Linux Kernel Documentation / fb / vesafb.txt and also here. You must have a proper Kernel mode number. For example I selected: 0x318 for 1024x768x16M resolution on a desktop CRT monitor.
As 'root', edit /boot/grub/grub.conf, and add 'vga=0x318' to the end of the kernel line. For example:
title Fedora (2.6.27.5-117.fc10.i686)
root (hd0,9)
kernel /boot/vmlinuz-2.6.27.5-117.fc10.i686 ro root=UUID=bb061789-157b-4cb2-85c8-633026e8df1e rhgb quiet vga=0x318
initrd /boot/initrd-2.6.27.5-117.fc10.i686.img
The next time you reboot, you should see the Plymouth graphical booter.
NOTE: You may use vga=ask instead. Follow the instructions you see on the screen and remember the number you used. Replace the number with the proper value in grub.conf as I did above.
NOTE: The resolution you select only applies to the graphical boot. You may use different resolutions/settings when you are using Fedora. It is acceptable to select a lower resolution for booting.
Setup yum
Fedora uses yum to install and update its software. When connected to the internet it will automatically determine application dependencies.
Fedora Repositories
Fedora typically has 2 repositories enabled by default: fedora (the same packages that come on any combination of the CD's or DVD's) and updates (updated packages, newer than fedora repository).
Third Party Repositories
For applications that are against Fedora policies (MP3, DVD, MPEG, Binary Drivers, etc), a third party repository should be used. The recommended repository for Fedora is: RPMFusion. For the purpose of this guide, (most) all needs are met by the RPMFusion repository, other requirements are stated.
To set up the RPMFusion repositories:
[anoop@home ~]$ sudo rpm -ivh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm
[anoop@home ~]$ sudo rpm -ivh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm
[anoop@home ~]$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-*
Install Nvidia Driver
In order to provide more complete information on the Nvidia driver, please see: Fedora Nvidia Driver Install Guide ( http://www.mjmwired.net/resources/mjm-fedora-nvidia.html).
Network Management
Fedora 10 uses NetworkManager by default. The primary settings for any network devices will be automatically selected at installation time. Since there is no screen for selecting networking options, most devices will default to using DHCP.
Using NetworkManager has greatly improved networking for many wireless and some less common devices (mobile broadband, GSM, etc.), it may still have problems with some configurations. NetworkManager development and integration into Fedora is still an ongoing effort.
NOTE: The following steps do NOT apply to all users. NetworkManager is highly recommended for Laptop users, especially using wireless with security.
Disabling NetworkManager and Enabling network Service
On machines with a fixed networking device and a fixed IP address (e.g. desktop, server, appliance), it might be more practical to disable NetworkManager and use the older network service. Additionally users requiring virtual device types (bridging, bonding, or VLANs) will also need to use the network service.
Note that the Fedora 10 installer disables the network service by default. To switch to using the network service:
First disable NetworkManager and prevent it from automatically loading:
[anoop@home ~]$ sudo /etc/init.d/NetworkManager stop
Stopping NetworkManager daemon: [ OK ]
[anoop@home ~]$ sudo /sbin/chkconfig --level 35 NetworkManager off
Next, configure your network settings:
[anoop@home ~]$ sudo system-config-network
You should have an eth0 device already showing. To configure the IP settings click on Edit. Do not forget to set DNS on the DNS tab (if you're using fixed IP's). Make sure the eth0 is selected as Active. Then File > Save and quit.
Next, enable the service and make sure it loads at next boot:
[anoop@home ~]$ sudo /etc/init.d/network start
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
[anoop@home ~]$ sudo /sbin/chkconfig --level 35 network on
While it may be possible to re-activate your network without a reboot, it may be recommended to reboot.
Startup Applications Requiring Network
Some applications require the network to be initialized during boot. If you are using NetworkManager and having these problems, edit /etc/sysconfig/network as 'root' and add the following line:
NETWORKWAIT=1. Or run:
[anoop@home ~]$ sudo su -c 'echo NETWORKWAIT=1 >> /etc/sysconfig/network'
Install RealPlayer
Note: Currently these instructions only apply to Fedora 32-bit.
Download RealPlayer 11.0 GOLD from: http://www.real.com/linux/.
Select: "Advanced Installation Options RedHat Package"
Install RealPlayer:
[anoop@home Download]$ sudo rpm -ivh RealPlayer11GOLD.rpm
RealPlayer/HelixPlayer Forums: https://helixcommunity.org/projects/player/forums
NOTE: Totem issues: If the Totem-Mozilla-Plugin tries to load RealPlayer content instead of RealPlayer, try removing the plugin:
[anoop@home ~]$ sudo yum remove totem-mozplugin
Install MP3 Players
Fedora ships without any form of MP3 playback. In order to add MP3 playback you must install from a 3rd party. The following requires the use of the RPMFusion repositories.
XMMS: simple, older GUI, minimalistic features (but still popular)
* Installation through yum:
[anoop@home ~]$ sudo yum install xmms xmms-mp3 xmms-faad2 xmms-pulse xmms-skins
Audacious: (A fork of Beep Media Player - BMP). XMMS rebuilt to be a little bit more modern. Still basic but much better than XMMS.
* Installation through yum:
[anoop@home ~]$ sudo yum install audacious audacious-plugins-freeworld*
NOTE: There is a '*' at the end.
Rhythmbox/Gstreamer - A simple audio application similar to iTunes layout.
* Most of Rhythmbox and the Gstreamer system should be installed when installing Gnome (mentioned above). The missing components are just the MP3 (and other media) plugins.
* Installation through yum:
[anoop@home ~]$ sudo yum install rhythmbox gstreamer-plugins-ugly gstreamer-plugins-bad gstreamer-ffmpeg
Amarok - A modern feature rich media player application.
* It is helpful to have KDE installed first as this will reduce the download.
* Installation through yum:
[anoop@home ~]$ sudo yum install amarok xine-lib-extras-freeworld
K3B CD-Burner MP3 Audio Decoding:
* If you wish to make audio CD's in K3b from MP3's, install the following:
* Using yum:
[anoop@home ~]$ sudo yum install k3b-extras-freeworld
Note: PulseAudio - I was able to run most all these applications with either their default settings or using PulseAudio plugins enabled.
Install Media Players
Fedora ships with a limited set of media player for both audio and video. For audio please read the MP3 player notes. For video and other multimedia (DVD, etc.) we will also be making use of a 3rd party repository: RPMFusion. Make sure to have the RPMFusion repositories configured before executing the following. Note that many "dependancies" in libraries, plugins and codecs are shared between these applications and also the MP3 player applications.
The most popular media players (in order) are: MPlayer, Xine and VLC. Each has its own strengths. Install whichever you prefer although the first 2 are recommended.
MPlayer - MPlayer comes in a command line only interface (mplayer) or skinable GUI and it also has a powerful encoding tool MEncoder (also great for ripping or compressing audio/video). Additionally there is a highly functional web plugin allowing for many popular formats in Firefox/Mozilla (WMV, QuickTime, etc.).
* Installation through yum with RPMFusion enabled:
[anoop@home ~]$ sudo yum install mplayer mplayer-gui gecko-mediaplayer mencoder
* Note that mencoder is optional but provides many encoding functions.
* Binary Codecs: Please install the Binary Codecs for further support of formats that MPlayer does not directly support.
* MPlayer should work automatically defaulted to PulseAudio.
Xine - Xine is similar to MPlayer in many ways however lacking the command line application and encoder. However has fully supported DVD playback with proper navigation.
* Installation through yum with RPMFusion enabled:
[anoop@home ~]$ sudo yum install xine xine-lib-extras xine-lib-extras-freeworld
* Binary Codecs: Please install the Binary Codecs for further support of formats that Xine does not directly support.
* DVD Playback: To properly play DVDs please see DVD Playback.
* Xine Crashing: If you are experiencing Xine crashing immediately after loading please read this: Xine F10 Crash.
Binary Codecs - The MPlayer projects maintains a package full of binary codecs for which no directly open source option exists, some of these files include Windows DLL's. These are shared by both Xine and MPlayer. NOTE: There is significant variation depending on your architecture (i386, x86_64, ppc). The 32bit i386 works the best.
* Navigate to: http://www.mplayerhq.hu/MPlayer/releases/codecs/
* Select the package (.tar.bz2) best matching your version of Fedora/Architecture. Generally 32-bit users will use: all-20071007.tar.bz2.
* Install the codecs (32-bit for example):
[anoop@home Download]$ sudo mkdir -p /usr/lib/codecs
[anoop@home Download]$ sudo tar -jxvf all-20071007.tar.bz2 --strip-components 1 -C /usr/lib/codecs/
VLC - VLC is a simpler media player with an easy to use interface. It also supports DVD playback. While most needs should be met with Xine and MPlayer some prefer VLC.
* Installation through yum with RPMFusion enabled:
[anoop@home ~]$ sudo yum install vlc
* DVD Playback: To properly play DVDs please see DVD Playback.
DVD Playback - Due to non-technical reasons, the libdvdcss package currently exists in the Livna repository. Either use the Livna repository for this single package, or manually download and install it:
* Setup the Livna Repository:
[anoop@home ~]$ sudo rpm -ivh http://rpm.livna.org/livna-release.rpm
[anoop@home ~]$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-livna
* Installation through yum with Livna enabled:
[anoop@home ~]$ sudo yum install libdvdcss
SELinux Issues - The package ffmpeg-libs gave at least 2 SELinux AVC denials, the fix from the Troubleshooter was:
[anoop@home ~]$ sudo chcon -t textrel_shlib_t '/usr/lib/sse2/libpostproc.so.51.2.0'
[anoop@home ~]$ sudo chcon -t textrel_shlib_t '/usr/lib/sse2/libswscale.so.0.6.1'
Install Microsoft Truetype Fonts
The official source for the package is http://corefonts.sourceforge.net/.
There is a request for RPMFusion to package this. From that I am providing an updated SPEC file.
You have to build the RPM using the chosen SPEC file. For convenience I have created the RPM (please do not link directly to this file):
msttcore-fonts-2.0-3.noarch.rpm
[anoop@home Download]$ sudo rpm -ivh msttcore-fonts-2.0-3.noarch.rpm
Note: If have upgraded from Fedora 8 or some a previous version of Fedora. Please see Fedora 8 - Truetype Fonts on removing the older packages.
Note: Fedora encourages the use of the Liberation Fonts. These should be installed by default (and included on the DVD), however if not, please run:
[anoop@home ~]$ sudo yum install liberation-fonts
Disable Unneeded Services/Daemons
Information regarding services and their functions can be found on: Services in Fedora 10 (http://www.mjmwired.net/resources/mjm-services-f10.html).
For information on how to manage services in Fedora please read: Managing Services in Fedora (http://www.mjmwired.net/resources/mjm-fedora-manage-services.html).
Adobe Flash Plugin
The Adobe Flash plugin is available from Adobe's website. Users can install the RPM directly or use Adobe's YUM repository (recommended). Please note the plugin will not work directly on 64-bit browsers without some re-configuration.
For yum users (RECOMMENDED):
Install the Adobe YUM repository, and install through yum:
[anoop@home Download]$ sudo rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm
[anoop@home Download]$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
[anoop@home Download]$ sudo yum install flash-plugin
For manual installation: For users without yum:
Go to Install a different version of Adobe Flash Player and select:
Select an operating system: Linux
Select an installer type: .rpm for Linux.
Download the .rpm file (.rpm for Linux (x86)) and save it to disk.
Install:
[anoop@home Download]$ sudo rpm -ivh flash-plugin-10.0.12.36-release.i386.rpm
Installation on Fedora 64-bit
The following steps are required for Fedora 64-bit users.
First install the Adobe YUM repository, as stated above:
[anoop@home Download]$ sudo yum install nspluginwrapper.{i386,x86_64} alsa-plugins-pulseaudio.i386
[anoop@home Download]$ sudo yum install flash-plugin
Java Runtime Environment
The standard installation of Fedora 10 should install OpenJDK (based off of Sun Java). However if not, it can be installed using YUM:
[anoop@home ~]$ sudo yum install java-1.6.0-openjdk java-1.6.0-openjdk-plugin
With OpenJDK installed, Java application and Web applets should automatically work. Unfortunately some applets may not run properly and the OpenJDK might have some limitations. Majority of user should find OpenJDK perfect for everyday use.
Using Sun Java Instead
If you require Sun Java or if OpenJDK does not work properly, you can download Sun Java and use it in Fedora.
Download the Java package from:
http://java.sun.com/javase/downloads/index.jsp
Select: Java SE Runtime Environment (JRE) 6 Update 12 (the JDK is for developers)
On the next page, for Platform select "Linux" for 32-bit users, and "Linux x64" for 64-bit users.
For Language select "Multi-language". Also accept the license agreement, and hit "Continue".
On the next page, select the RPM option:
Java SE Runtime Environment 6u12
jre-6u12-linux-i586-rpm.bin 18.72 MB (32-bit users)
jre-6u12-linux-x64-rpm.bin 18.20 MB (64-bit users)
To install (32-bit example):
[anoop@home Download]$ sudo sh jre-6u12-linux-i586-rpm.bin
You will need to hit 'space' till it reaches the end, then type 'yes'. You should see the RPM installing. If you do not, manually install it via sudo rpm -ivh.
When running the java command, Fedora will default to using OpenJDK. In order to use Sun Java, use the alternatives command.
To setup the Java runtime, perform the following (applies to both 32-bit and 64-bit users):
[anoop@home Download]$ sudo /usr/sbin/alternatives --install /usr/bin/java java /usr/java/default/bin/java 20000
The Mozilla/Firefox browser plugin for 32-bit users:
[anoop@home Download]$ sudo /usr/sbin/alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so \
libjavaplugin.so /usr/java/default/plugin/i386/ns7/libjavaplugin_oji.so 20000
For 64-bit users:
[anoop@home Download]$ sudo /usr/sbin/alternatives --install /usr/lib64/mozilla/plugins/libjavaplugin.so \
libjavaplugin.so.x86_64 /usr/java/default/lib/amd64/libnpjp2.so 20000
Note: If you wish to switch back to OpenJDK you can run the following commands one by one to switch between the OpenJDK and Sun Java:
[anoop@home ~]$ sudo /usr/sbin/alternatives --config java
[anoop@home ~]$ sudo /usr/sbin/alternatives --config libjavaplugin.so
(or for 64-bit)
[anoop@home ~]$ sudo /usr/sbin/alternatives --config libjavaplugin.so.x86_64
To update: If you wish update the JRE package, simply download the newest RPM package and install it as above. You will NOT need to reset alternatives, as those settings should remain intact.
Install Adobe Acrobat
To view PDF files, Fedora includes evince, however this application is very basic and may not work with every feature of some PDF files.
For yum users:
Install the Adobe YUM repository, and install through yum:
[anoop@home Download]$ sudo rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm
[anoop@home Download]$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
[anoop@home Download]$ sudo yum install AdobeReader_enu
NOTE: The above uses the English version: enu. To see which languages are supported by Adobe's YUM repository, run the following command:
[anoop@home Download]$ yum list AdobeReader\*
Other languages are installed similar to english for example: AdobeReader_fra, if you are unsure which package is correct, run:
yum info AdobeReader_fra for more information. Otherwise install manually as described below. (Note: 64-bit users are recommended to use yum to resolve all the 32-bit i386 dependancies.)
For manual installation: For users without yum:
Download Acrobat from: http://www.adobe.com/products/acrobat/readstep2_allversions.html
Select:
Operating system: Linux
Version: Linux - x86 (.rpm)
Your language.
The version of Adobe Acrobat Reader currently is 8.1.3 and the download size is between 40-60MB depending on your language. Not all languages are supported under Linux.
[anoop@home Download]$ su -c 'rpm -ivh AdobeReader_enu-8.1.3-1.i486.rpm'
Note: Do NOT use sudo when installing the RPM. Either install it when logged in as root or use the su -c command.
Setup Samba - Filesharing with Windows
If you have other Windows computers on your LAN and want to share files from Linux with them, you must setup Samba.
To setup Samba you must (1) install samba, (2) add you 'shares', (3) add users, (4) start Samba service and (5) manage security options (Firewall and SELinux).
1. Install Samba
It is best to have Samba installed in the installation process. If not < style="color: rgb(51, 255, 51);">[anoop@home ~]$ sudo yum install samba samba-client
2. Add Shares
You must edit /etc/samba/smb.conf as root: (use nano instead of gedit if you do not have a GUI)
[anoop@home ~]$ sudo gedit /etc/samba/smb.conf
Set your Windows Workgroup name in [global] section.
Added shares at the end of the file. Example:
[c_drive]
path = /media/c_drive
public = yes
writable = no
[netshare]
path = /data/
public = yes
writable = yes
If 'writable' the location must be writable in Linux first. Additionally permissions must match (for example: drw-rw-rw-).
If home data (all personal files under /home/username) is to be accessible, then set 'browseable = yes' under [homes] (~line 250). This configuration file is very descriptive, read through it to get more ideas or information.
3. Add Users
To access shares, you must be a valid user. Add valid users AND passwords using the smbpasswd command.
This login name WILL be the login name and password you use from Windows to access your Linux computer. The password does NOT need to match your Linux password.
[anoop@home ~]$ sudo smbpasswd -a username
New SMB password:
Retype new SMB password:
account_policy_get: (warnings ignored)
Added user username.
(Note: 'username' MUST be a valid account on the Fedora machine)
4. Start Samba Service
Run samba and check for any errors:
[anoop@home ~]$ sudo /etc/init.d/smb start
Starting SMB services: [ OK ]
Use chkconfig or serviceconf to enable samba (smb) in both runlevels 3 and 5. This will make sure to run Samba each time Fedora boots.
[anoop@home ~]$ /sbin/chkconfig --list smb
smb 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[anoop@home ~]$ sudo /sbin/chkconfig --level 35 smb on
[anoop@home ~]$ /sbin/chkconfig --list smb
smb 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Restart Samba for every change to users/passwords or 'smb.conf'
[anoop@home ~]$ sudo /etc/init.d/smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
5. Managing Security for Samba
Firewall
The Firewall will by default block Samba, to allow access run:
[anoop@home ~]$ system-config-firewall
To allow Samba access to work through the firewall you must set 'Samba' as a 'Trusted Service' and hit 'Apply'. Alternatively if you are only using the shell and do not have access to a graphical X-server, you can run:
[anoop@home ~]$ sudo system-config-firewall-tui
To allow Samba access to work through the firewall, use
SELinux
SELinux has significant control over restricting different parts of Samba. Run system-config-selinux. Please read lines #23 - #51 in /etc/samba/smb.conf for a better explanation. Alternatively, you can run:
[anoop@home ~]$ system-config-selinux
Go to Boolean and type 'samba' in the Filter (without quotes).
The following is NOT complete and is NOT recommended but is a quick enable to allow Samba to work permissively through SELinux.
[anoop@home ~]# sudo /usr/sbin/setsebool -P samba_export_all_rw on
Alternatively, you can ignore SELinux at this point and try to access your shares in Windows and SELinux TroubleShooter should give an automatic pop-up in GNOME explaining what is wrong. If you follow those recommendations you most likely will be more secure.
For any changes made above to the SELinux settings or smb.conf, it is recommended to restart Samba.
No comments:
Post a Comment