Set Up Samba or NFS on Oracle Linux 9: AD, Kerberos & SELinux

October 22, 2025 | By the+gnu+linux+evangelist.

How to Install Samba & NFS

2. System update and install core packages

Update system and install the packages used by both Samba and NFS workflows.

sudo dnf update -y

sudo dnf install -y epel-release

sudo dnf install -y samba samba-client samba-common sssd realmd krb5-workstation oddjob oddjob-mkhomedir adcli samba-common-tools

sudo dnf install -y nfs-utils nfs4-acl-tools rpcbind

sudo dnf install -y policycoreutils-python-utils selinux-policy-devel

3. Create canonical directories and permissions

Create share directories under /srv (recommended for server data) and set POSIX permissions before applying SELinux contexts.
```
sudo mkdir -p /srv/samba/share
```
```
sudo mkdir -p /srv/nfs/data
```
```
sudo chown -R root:root /srv/samba /srv/nfs
```
```
sudo chmod -R 2770 /srv/samba/share
```
4. SELinux: persistent file contexts for Samba and NFS

Label Samba share directories with the samba_share_t type so smbd can access them. For NFS exports set an appropriate type (server policies often use nfs_t for exports) and enable the needed booleans. Using semanage fcontext creates persistent rules; then apply with restorecon. See SELinux Samba docs for rationale. :contentReference[oaicite:0]{index=0}
```
sudo semanage fcontext -a -t samba_share_t '/srv/samba(/.*)?'
```
```
sudo restorecon -Rv /srv/samba
```
```
sudo semanage fcontext -a -t nfs_t '/srv/nfs(/.*)?'
```
```
sudo restorecon -Rv /srv/nfs
```
```
sudo setsebool -P nfs_export_all_rw on
```

5. Samba basic config and test share

Create a minimal smb.conf with a secure share. We use hosts allow and Samba ACLs for access control; AD users/groups will be mapped later.

sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.orig

sudo tee /etc/samba/smb.conf <<'EOF'
[global]
   workgroup = EXAMPLE
   server string = Oracle9 Samba Server
   security = ADS
   realm = EXAMPLE.COM
   unix password sync = no
   client signing = mandatory
   server signing = mandatory
   idmap config * : backend = tdb
   template homedir = /home/%D/%U
   winbind use default domain = yes

[share]
   path = /srv/samba/share
   browsable = yes
   read only = no
   create mask = 0660
   directory mask = 2770
EOF

sudo systemctl enable --now smb nmb

Pages: 1 2 3

Tags: enterprise file server Oracle Linux 9, nfs selinux context, nfs server Oracle Linux 9, Oracle Linux 9 active directory integration, Oracle Linux 9 ad authentication, Oracle Linux 9 directory quotas, Oracle Linux 9 enterprise file sharing, Oracle Linux 9 ext4 quotas, Oracle Linux 9 file server backup, Oracle Linux 9 file server performance, Oracle Linux 9 File Sharing, Oracle Linux 9 ha clustering, Oracle Linux 9 high-performance file server, Oracle Linux 9 kerberos, Oracle Linux 9 kerberos authentication, Oracle Linux 9 mixed os file sharing, Oracle Linux 9 network shares, Oracle linux 9 nfs, Oracle Linux 9 nfs acl, Oracle Linux 9 nfs export, Oracle Linux 9 nfs id mapping, Oracle Linux 9 nfs installation, Oracle Linux 9 nfs-utils, Oracle Linux 9 nfs4-acl-tools, Oracle Linux 9 quota management, Oracle Linux 9 realmd, Oracle Linux 9 rpcbind, Oracle Linux 9 Samba, Oracle Linux 9 Samba Installation, Oracle Linux 9 samba winbind, Oracle Linux 9 selinux, Oracle Linux 9 smb share, Oracle Linux 9 sssd, Oracle Linux 9 system update, Oracle Linux 9 user quotas, Oracle Linux 9 xfs quotas, samba selinux context, Samba Server Oracle Linux 9, smb nfs cross-platform

Set Up Samba or NFS on Oracle Linux 9: AD, Kerberos & SELinux

How to Install Samba & NFS

2. System update and install core packages

3. Create canonical directories and permissions

4. SELinux: persistent file contexts for Samba and NFS

5. Samba basic config and test share

Contents