Samba
配置目录及主要配置文件
/etc/samba
/etc/samba/smb.conf
检查配置文件
testparm
配置文件
/etc/samba/smb.conf
[global] 全局设置
workgroup = MYGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend = tdb
cups options = raw
[homes] 用户家目录共享
comment = Home Directories
read only = No
browseable = No
[printers] 打印机共享
comment = All Printers
path = /var/spool/samba
printable = Yes
print ok = Yes
browseable = No
共享目录的认证配置
设置共享访问权限
valid users = 共享账号
write list = 共享账号
用户名或@组名 多个账号之间以逗号分隔
主机地址控制
hosts allow =IP或网段地址
hosts deny =IP或网段地址
实验
安装包
yum -y install samba
首先准备共享账号
共享账号与本地账号相对应的
密码可以不同
建立两个用户
[root@localhost repo]# useradd -s /sbin/nologin user1
[root@localhost repo]# pdbedit -a user1
new password:
retype new password:
Unix username: user1
NT username:
Account Flags: [U ]
User SID: S-1-5-21-2792076147-587696584-1372980158-1000
Primary Group SID: S-1-5-21-2792076147-587696584-1372980158-513
Full Name:
Home Directory: \localhostuser1
HomeDir Drive:
Logon Script:
Profile Path: \localhostuser1profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: 三, 06 2月 2036 23:06:39 CST
Kickoff time: 三, 06 2月 2036 23:06:39 CST
Password last set: 一, 15 8月 2016 13:58:38 CST
Password can change: 一, 15 8月 2016 13:58:38 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost repo]# useradd -s /sbin/nologin user2
[root@localhost /]# smbpasswd -a user2
New SMB password:
Retype new SMB password:
Added user user2.
查看共享账号列表
[root@localhost smb]# pdbedit -L
user1:500:
user2:501:
编辑配置文件最后加
vim /etc/samba/smb.conf
[smbgx] 共享名
path = /test 指定共享路径
public = no 不对所有人开发
readonly =yes 默认权限为只读
valid users = user1,user2 指定合法用户
writelist = user2 user2可读可写
启动服务
/etc/init.d/smb start
[root@localhost repo]# netstat -anptu |grep smb
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 3583/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 3583/smbd
tcp 0 0 192.168.100.100:445 192.168.100.1:7189 ESTABLISHED 3590/smbd
tcp 0 0 :::139 :::* LISTEN 3583/smbd
tcp 0 0 :::445 :::* LISTEN 3583/smbd
[root@localhost repo]# ls /home/user1 /home/user2 /test
/home/user1:
issue
/home/user2:
fstab
/test:
inittab
使用smbclient访问共享
[root@localhost repo]# smbclient -L 192.168.100.100
Enter root's password: 直接回车
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
Sharename Type Comment
--------- ---- -------
smbgx Disk 刚才创建的共享
IPC$ IPC IPC Service (Samba Server Version 3.6.9-151.el6)
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
Server Comment
--------- -------
Workgroup Master
--------- -------
smbclient -U 用户名 //服务器地址/共享名
[root@localhost repo]# smbclient -U user1 //192.168.100.100/smbgx
Enter user1's password: 验证user1用户
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
smb: > ls
. D 0 Mon Aug 15 14:10:32 2016
.. DR 0 Mon Aug 15 14:06:49 2016
inittab 884 Mon Aug 15 14:10:33 2016
35983 blocks of size 524288. 27876 blocks available
smb: >
使用mount挂载共享
mount -t cifs //服务器地址/共享名 挂载点
mount -t cifs -o username=用户名,password=密码 //服务器地址/共享名 挂载点
[root@localhost repo]# mount -t cifs -o username=user1 //192.168.100.100/smbgx /smb
Password:
[root@localhost repo]# mount |tail -1
//192.168.100.100/smbgx on /smb type cifs (rw)
[root@localhost smb]# touch a
touch: 无法创建"a": 权限不够
[root@localhost /]# mount -o username=user2,password=1 //192.168.100.100/smbgx /smb
[root@localhost /]# mount |tail -1
//192.168.100.100/smbgx on /smb type cifs (rw)
不推荐这种做法
[root@localhost smb]# ll -d /test/
drwxr-xr-x. 2 root root 4096 8月 15 14:10 /test/
[root@localhost smb]# chmod o+w /test/
可以通过ACL来控制
setfacl -m user:user2:rwx /test
[root@localhost u1]# ll -d /test/
drwxrwxr-x+ 2 root root 4096 8月 15 14:38 /test/
[root@localhost smb]# ls
a inittab
[root@localhost smb]# touch b
[root@localhost smb]# ls
a b inittab
启用别名账号
启用别名映射文件
username map = 别名文件路径
编辑配置文件
vim /etc/samba/smb.conf
[global]
username map = /etc/samba/smbusers 默认别名记录文件
[root@localhost ~]# cat /etc/samba/smbusers
# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
user2 = gly 自己添加 左边是用户名 = 别名
验证别名成功
[root@localhost ~]# smbclient -U gly //192.168.100.100/smbgx
Enter gly's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6]
smb: > ls
. D 0 Mon Aug 15 14:41:40 2016
.. DR 0 Mon Aug 15 14:25:12 2016
inittab 884 Mon Aug 15 14:10:33 2016
a 0 Mon Aug 15 14:38:30 2016
b 0 Mon Aug 15 14:41:40 2016
35983 blocks of size 524288. 27876 blocks available