RedHat 7.4 SAMBA的搭建与配置
samba能支持从windows文件夹直接访问Linux远程文件夹,很方便开发的小工具。之前给公司服务器配了一个,现在稍微总结一下。
1. 环境搭建
1.通过yum仓库安装samba,输入命令:
yum install samba samba-client samba-swat -y
等待自动完成安装.
这里yum仓库找到了samba包,如果没有得自行下载tar.gz。
2.查看已安装的包
rpm -qa | grep samba
samba服务器安装完毕,会生成配置文件目录/etc/samba和其它一些samba可执行命令工具,/etc/samba/smb.conf 是samba的核心配置文件.
2. 配置samba
先定位到/etc/samba目录下,把smb.conf备份一下:cp smb.conf smb.conf.bak
现在我要把/share目录共享给我的win7机器,打开samba配置文件,
vi /etc/samba/smb.conf
用shift +g 或 G定位到最后一行,添加以下内容:
[global]
workgroup = SAMBA
security = user
passdb backend = tbdsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
path = /home
valid users = root
browseable = yes
read only = yes
inherit acls = yes
[tftp]
path = /tftpboot
available = yes
browseable = yes
public = yes
writable = yes
[printers]
comment = All Printers
path = /var/tmp
printable = yes
create mask = 0600
browseable = No
[printer$]
comment = Printer Dirvers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[wang] #共享文件名
comment = xxxx samba share #描述,不影响配置
path = /home/xxxx #共享文件夹所在路径
read only = no #是否只读
guest ok = yes #是否可访问
命令行输入service smb restart重启samba服务器。
3. 用户管理
su进入root用户
1.添加samba用户
smbpasswd -a xxxx(用户名)
输入两次用户密码
注:这里必须是已经存在的linux用户名,可使用useradd添加linux用户
重启samba服务器service smb restart
4. 配置共享文件夹
输入vi /etc/samba/smb.conf(这是smb服务器配置文件)
定位到配置文件最后, 有:
[wang] #共享文件名
comment = xxxx samba share #描述,不影响配置
path = /home/xxxx #共享文件夹所在路径
read only = no #是否只读
guest ok = yes #是否可访问
配置完重启samba服务器就ok了
service smb restart
5. 其它命令参考
1.SAMBA服务的介绍
后台的进程:smbd
使用的端口号:139,445
配置文件:/etc/samba/smb.conf (全局参数设置/共享目录)
2.服务的安装及配置
yum search samba #查看从哪个包里安装的
yum install samba -y #安装SAMBA服务
systemctl restart smb #重启服务
netstat -antulp | grep smb #查看服务的端口及其他
firewall-cmd --permanent --add-service=samba #防火墙添加Samba服务
firewall-cmd --reload
mkdir /share{1..3} #创建几个共享目录
touch /share1/file{1..9}
touch /share2/file{21..29}
touch /share3/file{31..39}
man semanage-fcontext
semanage fcontext -a -t samba_share_t "/share1/(/.*)?" #修改文件的上下文
semanage fcontext -a -t samba_share_t "/share2/(/.*)?"
semanage fcontext -a -t samba_share_t "/share3/(/.*)?"
restorecon -vFR /web
getsebool -a | grep samba
setsebool -P samba_enable_home_dirs on #设置布尔值
setsebool -P samba_export_all_rw on
chmod o+w /share1/ #文件夹可以让他人写入
chmod o+w /share2/
chmod o+w /share3/
或者
setacl -m u:user1:rwx -R /share1 #setacl
setacl -m u:user2:rwx -R /share2
setacl -m u:user3:rwx -R /share3
vim /etc/samba/smb.conf
workgroup=WORKGROUP #工作组
server string = han samba server #显示的信息
hosts all = 192.168.100.0/24 except 192.168.100.2 #访问控制
hosts deny = 192.168.100../24 except 192.168.100.2
3.无密码访问
vim /etc/samba/smb.conf
security = share #不要密码的,企业一般不用
[hanshare1] #共享目录的配置
comment= this is hanshare
path=/share1
public=yes #share yes || user no
browseable=yes
writable=yes
systemctl restart smb.service
linux客户端的访问
yum install samba-client cifs-utils -y #安装Samba客户端
smbclient -L //192.168.100.1
smbclient //192.168.100.1/hanshare1
ls #列出
put #上传
get #下载
prompt mget * #批量下载
4.用户和密码访问
useradd user1 -s /sbin/nologin
useradd user2 -s /sbin/nologin
useradd user3 -s /sbin/nologin
man smbpasswd
smbpasswd -a user1
smbpasswd -a user2
smbpasswd -a user3
vim /etc/samba/smb.conf
security = user
[share1] #谁都可以访问
conment = this is share1
path = /share1
public = no
browseable = yes
writable = yes
[share2]
conment = this is share2
path = /share2
public = no
browseable = yes
writable = no
write list = user1 #谁都能访问,只有user1可以写
[share3]
conment = this is share3
path = /share3
public = no
browseable = yes
writable = no
write list = user1 #只有user1可以访问
valid users = user1 #多用户,或者组(user1,user2,@caiwubu)
systemctl restart smb
windows客户端的连接
\\192.168.100.1
net use * /del #清除缓存
Linux客户端挂载(四种挂载方式,两类)
(1)mount -t cifs -o username=user1,passwd=user1 //192.168.100.1/share1 /mnt/share1/
(2)mount -o username=user1 //192.168.100.1/share1 /mnt/share1/
(3)vim /etc/filename #把用户和密码写在一个文件里
user=user1
passwd=user1
vim /etc/fstab
//192.168.100.1/share1 /mnt/share1 cifs credentials=/etc/filename 0 0 #验证的时候去找/etc/filename这个文件
(4)vim /etc/fstab
//192.168.100.1/share1 /mnt/share1 cifs username=user1,password=user1 0 0 #在挂载文件里直接写入用户和密码
vim /var/log/samba/* #日志文件
5.每个用户单独一个配置文件(每个用户只能访问自己的文件夹)
vim /etc/samba/smb.conf
config file = /etc/samba/smb.conf.%U #在配置文件的全局配置中添加一条这个命令
cp /etc/samba/smb.conf /etc/samba/smb.conf.user3
vim /etc/samba/smb.conf.user3 #配置每个用户的单独的配置文件
删除config file = /etc/samba/smb.conf.%U #在每个用户里删除刚才添加的那条命令
[share3]
comment=this is share3
path=/share3
public =no
browseable = yes
writable = yes
客户端连接
smbclicent -L //192.168.100.1 -U user3
smbclicent //192.168.100.1/share3 -U user3 #其他用户无法登入进来
6.多用户分级(rhel7新增加的功能multiuser)
vim /etc/samba/smb.conf
[share1]
comment = this is share1
path = /share1
public =no
browseable = yes
writable = no
write list = user1
valid user = user1 user2
Linux客户端
挂载方式(有三种)
(1)vim /han.txt #用户名和密码的文件
username=user1
password=user1
mount -o multiuser , credentials=/han.txt , sec=ntlmssp //192.168.100.1/share1 /mnt/share1
(2)mount -o multiuser,user=user1,sec=ntlmssp //192.168.100.1/share1 /mnt/share1/
(3)vim /etc/fstab
//192.168.100.1/share1 /mnt/share1 cifs defaults , multiuser , credentials=/han.txt , sec=ntlmssp 0 0
mount -a
ll /mnt/share1/
useradd user1 #客户端创建三个和服务器端相同的用户
useradd user2
useradd user3
su user1 #用户自己就有权限挂载使用
cifscreds add 192.168.100.1
ll /mnt/share1
touch /mnt/share1/666
ll /mnt/share1/
su - user2
cifscreds add 192.168.100.1
ll /mnt/share1
touch /mnt/share1/888
su - user3
ll /mnt/share1