Samba服务程序是一款基于SMB协议并由服务端和客户端组成的开源文件共享软件,实现了Linux与Windows系统间的文件共享。
一、安装samba软件并设置开机自启动
[root@localtest10 ~]# yum -y install samba
日志打印省略
[root@localtest10 ~]# systemctl enable smb 设置开机自启动
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
[root@localtest10 ~]# systemctl is-enabled smb 确认是否已设置开机自启动
enabled二、配置防火墙放行Samba
samba默认使用TCP:139和445端口,UDP:137和138端口,/usr/lib/firewalld/services/samba.xml配置文件包含了这4个默认端口,所有开放samba服务就行。
[root@localtest10 ~]# firewall-cmd --add-service=samba --permanent
success
[root@localtest10 ~]# firewall-cmd --reload
success
[root@localtest10 ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: bond0
sources:
services: dhcpv6-client http https ntp samba ssh
ports: 55555/tcp 3260/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:三、创建访问samba用户
先创建操作系统用户,再关联到samba服务,samba名称可自定义
[root@localtest10 ~]# useradd samba
[root@localtest10 ~]# pdbedit -a -u samba
new password:
retype new password:
Unix username: samba
NT username:
Account Flags: [U ]
User SID: S-1-5-21-2785848677-2935801267-1846127573-1000
Primary Group SID: S-1-5-21-2785848677-2935801267-1846127573-513
Full Name:
Home Directory: \\localtest10\samba
HomeDir Drive:
Logon Script:
Profile Path: \\localtest10\samba\profile
Domain: LOCALTEST10
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 23:06:39 CST
Kickoff time: Wed, 06 Feb 2036 23:06:39 CST
Password last set: Sat, 24 Apr 2021 23:07:20 CST
Password can change: Sat, 24 Apr 2021 23:07:20 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF四、创建对外共享的目录并赋权
[root@localtest10 ~]# mkdir /share
[root@localtest10 ~]# chown samba:samba /share/
[root@localtest10 ~]# chmod 700 /share/
[root@localtest10 ~]# ls -la / |grep share
drwx------ 2 samba samba 6 Apr 24 23:09 share五、在对外共享目录内临时创建文件用于测试
写入123内容到123.txt文件
[root@localtest10 ~]# su - samba
[samba@localtest10 ~]$ pwd
/home/samba
[samba@localtest10 ~]$ cd /share/
[samba@localtest10 share]$ echo "123" > 123.txt
[samba@localtest10 share]$ cat 123.txt
123
[samba@localtest10 share]$ ls -l
total 4
-rw-rw-r-- 1 samba samba 4 Apr 24 23:12 123.txt六、添加对外共享目录配置到Samba主配置文件
本例增加的[share]及后面的内容
[root@localtest10 ~]# vi /etc/samba/smb.conf
[share]
comment = Do not arbitrarily modify the database file
path = /share
public = no
writable = yes
[root@localtest10 ~]# cat /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[share]
comment = Do not arbitrarily modify the database file
path = /share
public = no
writable = yes
[share1]
comment = Do not arbitrarily modify the database file
path = /home
public = no
writable = yes
共享多个目录
启动samba服务:
systecmctl start smb
查看samba服务是否启动:systemctl status smb
如果是active则启动成功。
查看samba进程是否启动:ps -ef | grep smb
7、测试Windows客户端远程访问Samba服务
执行Win+R打开下图并输入Samba服务IP和共享目录
这个ip地址为对应的linux端的IP,centos查看ip:
ip addr 或 ifconfig
注意:这个地方有可能连接不上,我的原因是因为除了firewall防火墙之外,还有selinux防火墙,和iptables防火墙。关闭selinux的命令为setenforce 0
iptables允许samba服务通过命令:iptables -I INPUT -p tcp -m mulitport 138,139,145 -j ACCEPT
成功后L:
1456
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
