Samba
配置目錄及主要配置文件
/etc/samba
/etc/samba/smb.conf
檢查配置文件
testparm
配置文件
/etc/samba/smb.conf
[global] 全局設置
workgroup = MYGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend = tdb
cups options = raw
[homes] 用戶家目錄共享
comment = Home Directories
read only = No
browseable = No
[printers] 打印機共享
comment = All Printers
path = /var/spool/samba
printable = Yes
print ok = Yes
browseable = No
共享目錄的認證配置
設置共享訪問權限
valid users = 共享賬號
write list = 共享賬號
用戶名或@組名 多個賬號之間以逗號分隔
主機地址控制
hosts allow =IP或網段地址
hosts deny =IP或網段地址
實驗
安裝包
yum -y install samba
首先準備共享賬號
共享賬號與本地賬號相對應的
密碼可以不同
建立兩個用戶
[root@localhost repo]# useradd -s /sbin/nologin user1
[root@localhost repo]# pdbedit -a user1
new password:
retype new password:
Unix username: user1
NT username:
Account Flags: [U ]
User SID: S-1-5-21-2792076147-587696584-1372980158-1000
Primary Group SID: S-1-5-21-2792076147-587696584-1372980158-513
Full Name:
Home Directory: \\localhost\user1
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\user1\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: 三, 06 2月 2036 23:06:39 CST
Kickoff time: 三, 06 2月 2036 23:06:39 CST
Password last set: 一, 15 8月 2016 13:58:38 CST
Password can change: 一, 15 8月 2016 13:58:38 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost repo]# useradd -s /sbin/nologin user2
[root@localhost /]# smbpasswd -a user2
New SMB password:
Retype new SMB password:
Added user user2.
查看共享賬號列表
[root@localhost smb]# pdbedit -L
user1:500:
user2:501:
編輯配置文件最後加
vim /etc/samba/smb.conf
[smbgx] 共享名
path = /test 指定共享路徑
public = no 不對所有人開發
readonly =yes 默認權限爲只讀
valid users = user1,user2 指定合法用戶
writelist = user2 user2可讀可寫
啓動服務
/etc/init.d/smb start
[root@localhost repo]# netstat -anptu |grep smb
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 3583/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 3583/smbd
tcp 0 0 192.168.100.100:445 192.168.100.1:7189 ESTABLISHED 3590/smbd
tcp 0 0 :::139 :::* LISTEN 3583/smbd
tcp 0 0 :::445 :::* LISTEN 3583/smbd
[root@localhost repo]# ls /home/user1 /home/user2 /test
/home/user1:
issue
/home/user2:
fstab
/test:
inittab
使用smbclient訪問共享
[root@localhost repo]# smbclient -L 192.168.100.100
Enter root's password: 直接回車
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
Sharename Type Comment
--------- ---- -------
smbgx Disk 剛纔創建的共享
IPC$ IPC IPC Service (Samba Server Version 3.6.9-151.el6)
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
Server Comment
--------- -------
Workgroup Master
--------- -------
smbclient -U 用戶名 //服務器地址/共享名
[root@localhost repo]# smbclient -U user1 //192.168.100.100/smbgx
Enter user1's password: 驗證user1用戶
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
smb: \> ls
. D 0 Mon Aug 15 14:10:32 2016
.. DR 0 Mon Aug 15 14:06:49 2016
inittab 884 Mon Aug 15 14:10:33 2016
35983 blocks of size 524288. 27876 blocks available
smb: \>
使用mount掛載共享
mount -t cifs //服務器地址/共享名 掛載點
mount -t cifs -o username=用戶名,password=密碼 //服務器地址/共享名 掛載點
[root@localhost repo]# mount -t cifs -o username=user1 //192.168.100.100/smbgx /smb
Password:
[root@localhost repo]# mount |tail -1
//192.168.100.100/smbgx on /smb type cifs (rw)
[root@localhost smb]# touch a
touch: 無法創建"a": 權限不夠
[root@localhost /]# mount -o username=user2,password=1 //192.168.100.100/smbgx /smb
[root@localhost /]# mount |tail -1
//192.168.100.100/smbgx on /smb type cifs (rw)
不推薦這種做法
[root@localhost smb]# ll -d /test/
drwxr-xr-x. 2 root root 4096 8月 15 14:10 /test/
[root@localhost smb]# chmod o+w /test/
可以通過ACL來控制
setfacl -m user:user2:rwx /test
[root@localhost u1]# ll -d /test/
drwxrwxr-x+ 2 root root 4096 8月 15 14:38 /test/
[root@localhost smb]# ls
a inittab
[root@localhost smb]# touch b
[root@localhost smb]# ls
a b inittab
啓用別名賬號
啓用別名映射文件
username map = 別名文件路徑
編輯配置文件
vim /etc/samba/smb.conf
[global]
username map = /etc/samba/smbusers 默認別名記錄文件
[root@localhost ~]# cat /etc/samba/smbusers
# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
user2 = gly 自己添加 左邊是用戶名 = 別名
驗證別名成功
[root@localhost ~]# smbclient -U gly //192.168.100.100/smbgx
Enter gly's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
smb: \> ls
. D 0 Mon Aug 15 14:41:40 2016
.. DR 0 Mon Aug 15 14:25:12 2016
inittab 884 Mon Aug 15 14:10:33 2016
a 0 Mon Aug 15 14:38:30 2016
b 0 Mon Aug 15 14:41:40 2016
35983 blocks of size 524288. 27876 blocks available