samba
能在linux与windows之间进行文件案共享通用Internet文件系统(CIFS)也称为服务器信息块(SMB),是适用于Microsoft
Windows服务器和客户端的标准文件和打印机共享系统。
Samba服务可用于将Linux文件系统作为CIFS/SMB网络文件共享进行共享,并将Linux打印机作为CIFS/SMB打印机共享进行共享。
一、服务的安装
服务端:(在实验前重置虚拟机保证一个纯净的操作环境ip配置yum源配置)
4 clear
5 systemctl start smb 开启服务
6 systemctl enable smb.service 开机自启服务
7 systemctl stop firewalld
8 systemctl disable firewalld
9 id student (查看是否student用户真实存在,samba服务必须要用真实存在的用户登陆)
10 id westos
11 smbpasswd -a student 给student用户设置samba服务密码
12 useradd westos
13 id westos
14 smppasswd -a westos
15 smbpasswd -a westos
16 pdbedit -L 查看用户
17 getsebool -a | grep samba
18 setsebool -P(大写) samba_enable_home_dirs on 永久设置开启
3 yum install samba samba-client.x86_64 samba-common -y
5 systemctl start smb 开启服务
6 systemctl enable smb.service 开机自启服务
7 systemctl stop firewalld
8 systemctl disable firewalld
9 id student (查看是否student用户真实存在,samba服务必须要用真实存在的用户登陆)
11 smbpasswd -a student 给student用户设置samba服务密码
12 useradd westos
13 id westos
14 smppasswd -a westos 给westos用户设置samba服务密码
16 pdbedit -L 查看用户
pdbedit -X westos 删除用户westos
17 getsebool -a | grep samba
18 setsebool -P(大写) samba_enable_home_dirs on 永久设置开启
![](https://i-blog.csdnimg.cn/blog_migrate/c1323863c5e07e8e4cfa52afd34b30ca.png)
![](https://i-blog.csdnimg.cn/blog_migrate/9a410226b22449d2b081ae0fc5f7c408.png)
客户端:(在实验前重置虚拟机保证一个纯净的操作环境ip配置yum源配置)
102 yum install samba-client.x86_64 -y
103 smbclient -L //172.25.254.200 -U student 列出、查看student用户访问172.25.254.213
104 smbclient //172.25.254.200/student -U student
二、开机自动挂载
客户端:
110 smbclient //172.25.254.200/student -U student (上传文件只能上传此时所在目录下的文件即你在什么目录下登进去)
113 df
114 cd /mnt
115 ls
116 touch file
117 ls
119 cd
120 umount /mnt
121 vim /etc/fstab 开机自动挂载(尽量不要这样做,因为若172.25.254.213没有开机则此虚拟机也无法打开)
//172.25.254.213/student /mnt cifs defaults,username=student,password=student 0 0
122 mount -a
123 df
127 mount /mnt
128 umount /mnt
129 df
132 vim /etc/rc.d/rc.local (开机自启动挂载)
mount //172.25.254.213/student /mnt/ -o username=student,password=student
133 chmod +x /etc/rc.d/rc.local
挂载在/mnt下后当我们对/mnt执行时相当于在samba执行
服务端: ls /home/student
三、服务基本配置的更改
服务端:
24 rpm -qc samba-common 查看此软件生成的文件都有哪些25 vim /etc/samba/smb.conf 编辑配置文件(更改工作站名)
89 workgroup = WESTOS
26 systemctl restart smb.service
客户端:
服务端:
27 vim /etc/samba/smb.conf
hosts deny =172.25.254.155 (不允许172.25.254.155访问)28 systemctl restart smb.service
客户端:
客户端 smbclient -L //172.25.254.200 (测试)
(被拒绝)
服务端:
29 vim /etc/samba/smb.conf
hosts allow =172.25.254.155(只允许172.25.254.155访问)30 systemctl restart smb.service
客户端:
[root@client ~]# smbclient -L //172.25.254.200 (允许访问)
Enter root's password: (匿名用户没有密码,直接进入)
Anonymous login successful
Domain=[WESTOS] OS=[Unix] Server=[Samba 4.1.1]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.1.1)
Anonymous login successful
Domain=[WESTOS] OS=[Unix] Server=[Samba 4.1.1]
Server Comment
--------- -------
Workgroup Master
--------- -------
服务端:
; hosts deny =172.25.254.155 (将更改的还原)
32 systemctl restart smb.service
四、共享文件
1、共享自己新创建的
服务端:
36 mkdir /westos 新建目录/westos
37 semanage fcontext -a -t samba_share_t '/westos(/.*)?' 更改目录及目录下所有文件安全上下文为samba_share_t
38 restorecon -RvvF /westos 刷新安全上下文
39 ls -Zd /westos 查看安全上下文
40 vim /etc/samba/smb.conf
[DIR](在文件最后添加)
comment= westos dir
path = /westos
41 systemctl restart smb.service
客户端:
154 smbclient -L //172.25.254.200
156 smbclient //172.25.254.200/DIR -U student
2、共享系统文件
服务端:
40 vim /etc/samba/smb.conf
[mnt](在文件最后添加)
comment = /mnt dir
path = /mnt
41 systemctl restart smb.service
45 setsebool -P samba_export_all_ro on (这个打开以后自己新创建文件不需要再更改安全上下文)
46 cd /mnt
47 ls
48 touch file{1..3}
客户端:
158 smbclient -L //172.25.254.200
159 smbclient //172.25.254.213/mnt -U student
五、允许写,等操作
53 vim /etc/samba/smb.conf
[DIR]
comment= westos dir
path = /westos
browseable = yes(是否隐藏 当为no时隐藏,yes时显现)
54 systemctl restart smb.service
客户端:
162 smbclient -L //172.25.254.200
(2)服务端:
55 vim /etc/samba/smb.conf
[DIR]comment= westos dir
path = /westos
browseable = yes
writable = yes (系统是否可写)
56 systemctl restart smb.service (此时客户端不可写,因为/westos目录对其他人不可写)
63 chmod 777 /westos (此时可写)
客户端:
163 mount //172.25.254.200/DIR /mnt -o username=student,password=student
164 cd /mnt
165 touch /mnt/file
166 touch /mnt/file2
168 cd
169 umount /mnt
(3)服务端:
[DIR]
comment= westos dir
path = /westos
browseable = yes
#writable = yes
write list = student (只有student用户可写)
write list = @student (属于student用户组的可写)
73 systemctl restart smb.service
74 usermod -G student westos 给westos用户添加附加组student
客户端:
170 mount //172.25.254.200/DIR /mnt -o username=student,password=student
171 touch /mnt/file4
172 umount /mnt
173 mount //172.25.254.200/DIR /mnt -o username=westos,password=westos
174 touch /mnt/file5
182 umount /mnt
183 mount //172.25.254.200/DIR /mnt -o username=westos,password=westos
184 touch /mnt/file5
185 ll /mnt
(4)服务端
75 id westos
78 chmod 755 /westos 更改权限此时不可写
79 vim /etc/samba/smb.conf
comment= westos dir
path = /westos
browseable = yes
writable = yes
#write list = @student
admin users = westos (westos为超级用户身份)
80 systemctl restart smb.service
客户端:
183 mount //172.25.254.200/DIR /mnt -o username=westos,password=westos
184 touch /mnt/file6
六、多用户登陆(超级用户使用samba用户和密码登陆后切换到普通用户后还可以看到内容为避免此种情况)
客户端:
188 yum install cifs-utils.x86_64 -y
190 umount /mnt
191 vim /root/smbpass
username=student
password=student
193 cd /mnt
194 ls
195 touch file3
196 useradd test
198 su - test
在新建的test用户中
2 cifscreds add -u westos 172.25.254.200 (添加用户认证)
3 ls /mnt
4 touch file3
5 ls -ld /mnt
客户端:
201 smbclient //172.25.254.200/DIR (不允许匿名用户访问)
202 df
服务端:
vim /etc/samba/smb.conf
126 map to guest = bad user
322 [DIR]
323 comment= westos dir
324 path = /westos
325 browseable = yes
326 writable = yes
327 #write list = @student
328 admin users = westos
329 guest ok = yes
客户端:
204 smbclient //172.25.254.200/DIR
205 mount //172.25.254.200DIR /mnt -o username=guest,password=''