目标:实现Samba文件共享服务 试验环境:两台主机服务端:192.168.56.11客户端:192.168.56.12
配置用户认证共享
服务端操作:
1.关闭防火墙,关闭selunix
[root@hejie ~]# setenforce 0
[root@hejie ~]# systemctl stop firewalld
2.安装软件包
[root@hejie ~]# yum install samba-* -y
3.启动smb并设置开机自启
[root@hejie ~]# systemctl start smb
[root@hejie ~]# systemctl enable smb
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
关于Samba的配置文件
[root@hejie ~]# grep -Ev '^#|^$' /etc/samba/smb.conf
[global] //全局参数
workgroup = SAMBA //工作组名称 非常重要
security = user //安全验证方式,总共四种
//share:无需验证身份,简单方便,安全性差
//user:需要验证用户密码才可以访问,安全性高
//server:需要通过三方服务器验证账号密码,(集中管理账户)
//domain:使用域控制器进行身份验证
passdb backend = tdbsam //定义用户后台的类型,共有三种
//smbpasswd:为系统用户设置Samba服务程序的密码
//tdbsam:创建数据库文件并使用pdbedit命令建立Samba服务程序的用户
//ldapsam:基于LDAP服务进行账户验证
printing = cups //设置Samba共享打印机的类型
printcap name = cups //设置共享打印机的配置文件
load printers = yes //设置在Samba服务启动时是否共享打印机设备
cups options = raw //打印机的选项
[homes] //共享参数
comment = Home Directories //描述信息
valid users = %S, %D%w%S //允许访问该共享的用户
browseable = No //指定共享信息是否可见
read only = No
inherit acls = Yes
[printers]
comment = All Printers 任意字符串
path = /var/tmp 共享目录路径
printable = Yes
create mask = 0600
browseable = No 指定该共享是否可以浏览
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root 允许写入该共享的用户
create mask = 0664
directory mask = 0775
4.添加用户"zhengran",不创建家目录,并设置密码。
[root@hejie ~]# useradd -M zhengran
[root@hejie ~]# smbpasswd -a zhengran
New SMB password:
Retype new SMB password:
Added user zhengran.
假设这里映射"zhengran"用户为share用户,那么就要在/etc/samba/smbusers文件中添加如下内容:
[root@hejie ~]# echo 'zhengran = share' > /etc/samba/smbusers
5.在全局配置中添加如下内容:
[root@hejie ~]# vim /etc/samba/smb.conf
[global]
workgroup = SAMBA
security = user
username map = /etc/samba/smbusers //添加此行内容
passdb backend = tdbsam
6.创建一个共享目录“zhengran”,并更改其属主属组为用户“zhengran”
[root@hejie ~]# mkdir /opt/zhengran
[root@hejie ~]# chown -R zhengran.zhengran /opt/zhengran/
[root@hejie ~]# ll /opt/
total 0
drwxr-xr-x. 2 zhengran zhengran 6 Aug 7 17:22 zhengran
7.配置共享
[root@hejie ~]# cat >> /etc/samba/smb.conf
> comment = zhengranwoaini //注释信息
> path = /opt/zhengran //共享目录路径
> browseable = yes //指定该共享是否可以浏览
> guest ok = yes //指定该共享是否允许guset账户访问
> writable = yes //指定目录是否可写
> write list = share //允许写入该共享的用户,组要用@表示,例如:
write list = root,@root
> public = yes //是否允许匿名访问
> EOF
8.用testparm检查配置文件是否有语法错误,可显示最终生效的配置
[root@hejie ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[zhengran]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = SAMBA
printcap name = cups
security = USER
username map = /etc/samba/smbusers
idmap config * : backend = tdb
cups options = raw
[homes]
comment = Home Directories
browseable = No
inherit acls = Yes
read only = No
valid users = %S %D%w%S
[printers]
comment = All Printers
path = /var/tmp
browseable = No
printable = Yes
create mask = 0600
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
create mask = 0664
directory mask = 0775
write list = root
[zhengran]
comment = zhengranwoaini
path = /opt/zhengran
guest ok = Yes
read only = No
write list = share
9.重启smb
[root@hejie ~]# systemctl restart smb
客户端上操作:
1.安装工具包
[root@hyj ~]# yum install samba-client cifs-utils -y
在客户机查看samba服务端有哪些共享资源
[root@hyj ~]# smbclient -L 192.168.56.11 -U share
Enter SAMBA\share's password:
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
zhengran Disk zhengranwoaini
IPC$ IPC IPC Service (Samba 4.6.2)
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
3.创建目录,并将samba服务器的共享资源zhengran挂载到客户机本地
[root@hyj ~]# mkdir /opt/ran
[root@hyj ~]# mount -t cifs //192.168.56.11/zhengran /opt/ran -o username=share,password=123
[root@hyj ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/CentOS-root 17G 1016M 16G 6% /
devtmpfs 982M 0 982M 0% /dev
tmpfs 993M 0 993M 0% /dev/shm
tmpfs 993M 8.5M 984M 1% /run
tmpfs 993M 0 993M 0% /sys/fs/cgroup
/dev/sda1 1014M 125M 890M 13% /boot
tmpfs 199M 0 199M 0% /run/user/0
//192.168.56.11/zhengran 47G 5.4G 42G 12% /opt/ran
4.在客户机挂载点创建新文件
[root@hyj ~]# cd /opt/ran/
[root@hyj ran]# touch 1 2 3
[root@hyj ran]# ls
1 2 3
5.在服务器上验证
[root@hejie ~]# cd /opt/zhengran/
[root@hejie zhengran]# ls
1 2 3
配置匿名共享
服务端
1.修改配置文件
[root@hejie ~]# vim /etc/samba/smb.conf
[global]
workgroup = SAMBA
security = user
map to guest = Bad User //添加此行
2.创建共享目录
[root@hejie ~]# mkdir /opt/ranran
[root@hejie ~]# chmod 777 /opt/ranran/
[root@hejie ~]# ll /opt/ranran/ -d
drwxrwxrwx. 2 root root 6 Aug 7 19:24 /opt/ranran/
3.配置共享
[root@hejie ~]# cat >> /etc/samba/smb.conf
> comment = ranranwoaini
> path = /opt/ranran
> browseable = yes
> writable = yes
> guest ok = yes
> public = yes
> EOF
4.重启服务
[root@hejie ~]# systemctl restart smb
5.在客户机上查看服务器端有哪些共享资源
[root@hyj ~]# smbclient -L 192.168.56.11 -U 'Bad User'
Enter SAMBA\Bad User's password: // 这里直接敲回车,不用输入密码
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
zhengran Disk zhengranwoaini
ran Disk ranranwoaini
IPC$ IPC IPC Service (Samba 4.6.2)
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
6.将samba服务器的共享资源ran挂在到客户机上
[root@hyj ~]# mount -t cifs //192.168.56.11/ran /opt/ran -o username='Bad User'
Password for Bad User@//192.168.56.11/ran:
[root@hyj ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 17G 1016M 16G 6% /
devtmpfs 982M 0 982M 0% /dev
tmpfs 993M 0 993M 0% /dev/shm
tmpfs 993M 8.5M 984M 1% /run
tmpfs 993M 0 993M 0% /sys/fs/cgroup
/dev/sda1 1014M 125M 890M 13% /boot
tmpfs 199M 0 199M 0% /run/user/0
//192.168.56.11/ran 47G 5.4G 42G 12% /opt/ran
7.在客户机上进入共享目录创建新文件
[root@hyj ~]# cd /opt/ran/
[root@hyj ran]# ls
[root@hyj ran]# touch a b c
[root@hyj ran]# ls
a b c
8.在服务端验证
[root@hejie ~]# cd /opt/ranran/
[root@hejie ranran]# ls
a b c
1474
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
