Samba是在Linux和UNIX系统上实现SMB协议的一个免费软件,由服务器及客户端程序构成。SMB(Server Messages Block,信息服务块)是一种在局域网上共享文件和打印机的一种通信协议,它为局域网内的不同计算机之间提供文件及打印机等资源的共享服务。
1.服务安装
[root@linux etc]# yum install samba -y
已加载插件:langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
rhel | 4.1 kB 00:00
正在解决依赖关系
--> 正在检查事务
---> 软件包 samba.x86_64.0.4.1.1-31.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
================================================================================
Package 架构 版本 源 大小
================================================================================
正在安装:
samba x86_64 4.1.1-31.el7 rhel 527 k
事务概要
================================================================================
安装 1 软件包
总下载量:527 k
安装大小:1.5 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : samba-4.1.1-31.el7.x86_64 1/1
验证中 : samba-4.1.1-31.el7.x86_64 1/1
已安装:
samba.x86_64 0:4.1.1-31.el7
完毕!
2.编辑配置文件
[root@linux etc]# cat /etc/samba/smb.conf
# This is the main Samba configuration file. For detailed information about the
# options listed here, refer to the smb.conf(5) manual page. Samba has a huge
# number of configurable options, most of which are not shown in this example.
#
# The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
# guides for installing, configuring, and using Samba:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
以下省略...
由于配置文件太多,将一些前面带井号的注释删除
[root@linux etc]# cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
[root@linux etc]# cat /etc/samba/smb.conf.bak | grep -v '#' | grep -v ';' | grep -v '^$' > /etc/samba/smb.conf
[root@linux etc]# cat /etc/samba/smb.conf
[global]
workgroup = MYGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
load printers = yes
cups options = raw
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
删除没有用的参数,边界用户的访问配置。
[root@linux etc]# vim /etc/samba/smb.conf
[global]
workgroup = MYGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
load printers = yes
cups options = raw
[shijie]
comment = hello world
path = /home/shijie
public = no
writable = yes
3.创建用户
pdbedit命令用于管理SMB服务程序的账户信息数据库,格式为“pdbedit [选项] 账户”。
参数 作用
-a 用户名 建立Samba用户
-x 用户名 删除Samba用户
-L 列出用户列表
-Lv 列出用户详细信息的列表
创建samba的用户和密码,是客户端访问服务器的账号和密码。
[root@linux etc]# pdbedit -a -u shijie
new password:
retype new password:
Unix username: shijie
NT username:
Account Flags: [U ]
User SID: S-1-5-21-2209934372-3311476088-2956246234-1000
Primary Group SID: S-1-5-21-2209934372-3311476088-2956246234-513
Full Name: shijie
Home Directory: \\linux\shijie
HomeDir Drive:
Logon Script:
Profile Path: \\linux\shijie\profile
Domain: LINUX
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: 三, 06 2月 2036 23:06:39 CST
Kickoff time: 三, 06 2月 2036 23:06:39 CST
Password last set: 二, 19 5月 2020 00:40:53 CST
Password can change: 二, 19 5月 2020 00:40:53 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
4.重启服务
[root@linux etc]# systemctl restart smb
[root@linux etc]# systemctl enable smb
5.清空防火墙策略
[root@linux etc]# iptables -F
[root@linux Desktop]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ 确定 ]
6.关闭selinux
[root@linux etc]# setenforce 0
[root@linux Desktop]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
7.访问共享
7.1Windows访问samba服务器
在开始运行或者windows资源管理器中输入:\\192.168.10.10
输入在服务器中配置的用户名密码
输入正确的用户名密码后就可以看到服务器共享的文件了
进入共享文件目录中,新建一个文件夹
在服务端同步出现了新的文件夹
7.2Linux客户端访问samba服务器
在客户端上安装cifs服务
[root@localhost ~]# yum install cifs-utils -y
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Resolving Dependencies
--> Running transaction check
---> Package cifs-utils.x86_64 0:6.2-6.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
cifs-utils x86_64 6.2-6.el7 rhel 83 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 83 k
Installed size: 174 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : cifs-utils-6.2-6.el7.x86_64 1/1
Verifying : cifs-utils-6.2-6.el7.x86_64 1/1
Installed:
cifs-utils.x86_64 0:6.2-6.el7
Complete!
创建一个认证文件,将服务器配置的用户名、密码和工作组编辑进去,并修改只有root用户可以读写的权限。
[root@localhost ~]# vim password
username=shijie
password=shijie
domain=MYGROUP
[root@localhost ~]# chmod 600 password
[root@localhost ~]# ls -l password
-rw-------. 1 root root 47 May 19 15:32 password
在桌面创建文件夹用于挂载服务器共享的文件目录
[root@localhost Desktop]# mkdir shijie
[root@localhost Desktop]# ls
109 109.tar.gz shijie
将挂载信息写入fstab文件中,并挂载。
[root@localhost Desktop]# echo ‘//192.168.10.10/shijie /root/Desktop/shijie cifs credentials=/root/password 0 0’ >> /etc/fstab
[root@localhost Desktop]# mount -a
挂载后可以看到服务器共享的文件了,在文件中创建新文件可以发现服务器中的文件也会实时了。