SAMBA 文件共享服务

samba 通过简单配置就能够实现Linux系统与Windows系统之间的文件共享工作，也可实现Linux与Linux之间的文件共享。

在配置samba前，有个小建议：虚拟机的ip地址最好配置成静态的，动态也可以哦。

samba服务程序的配置方法

第一步：在虚拟机中安装samba 　

[root@localhost ~]# yum install -y samba
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:4.10.16-13.el7_9 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================
Package Arch Version Repository Size
=======================================================================================
Installing:
samba x86_64 4.10.16-13.el7_9 updates 719 k

Transaction Summary
=======================================================================================
Install 1 Package

Total download size: 719 k
Installed size: 2.2 M
Downloading packages:
samba-4.10.16-13.el7_9.x86_64.rpm | 719 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : samba-4.10.16-13.el7_9.x86_64 1/1
Verifying : samba-4.10.16-13.el7_9.x86_64 1/1

Installed:
samba.x86_64 0:4.10.16-13.el7_9

Complete!

[root@localhost ~]#

第二步：查看samba服务程序主配置文件，并将主配置文件多余的删去，只留下下面部分

 （修改配置文件时使用命令 vim /etc/samba/smb.conf）

[root@localhost ~]# cat /etc/samba/smb.conf

[global]
workgroup = MYGROUP
security = user

passdb backend = tdbsam

printing = cups
printcap name = cups
load printers = yes
cups options = raw

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[root@localhost ~]#

第三步：通过修改配置文件配置共享资源，手动添加下面信息

[root@localhost ~]# cat /etc/samba/smb.conf

[global]
workgroup = MYGROUP
security = user

passdb backend = tdbsam

printing = cups
printcap name = cups
load printers = yes
cups options = raw

[database]
comment =Do not arbitrarily modify the database file
path = /home/database
public = no
writable = yes

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[root@localhost ~]#

第四步：重启samba服务

[root@localhost ~]#systemctl restart smb

[root@localhost ~]#

第五步：创建用于访问共享资源的账户信息

Samba服务程序的数据库要求账户必须在当前系统中已经存在，否则日后创建文件时将导致文件的权限属性混乱不堪，由此引发错误。

pdbedit命令用于管理SMB服务程序的账户信息数据库，格式为“pdbedit [选项] 账户”。在第一次把账户信息写入到数据库时需要使用-a参数，以后在执行修改密码、删除账户等操作时就不再需要该参数了

[root@localhost ~]# useradd wangju

[root@localhost ~]# id wangju

uid=1000(wangju) gid=1000(wangju) groups=1000(wangju)

[root@localhost ~]# pdbedit -a -u wangju

new password:此处输入该账户在Samba服务数据库中的密码

retype new password:再次输入密码进行确认

Unix username: wangju

NT username: 

Account Flags: [U ]

User SID: S-1-5-21-507407404-3243012849-3065158664-1000

Primary Group SID: S-1-5-21-507407404-3243012849-3065158664-513

Full Name: wangju

Home Directory: \\localhost\wangju

HomeDir Drive: 

Logon Script: 

Profile Path: \\localhost\wangju\profile

Domain: LOCALHOST

Account desc: 

Workstations: 

Munged dial: 

Logon time: 0

Logoff time: Wed, 06 Feb 2036 10:06:39 EST

Kickoff time: Wed, 06 Feb 2036 10:06:39 EST

Password last set: Mon, 13 Mar 2017 04:22:25 EDT

Password can change: Mon, 13 Mar 2017 04:22:25 EDT

Password must change: never

Last bad password : 0

Bad password count : 0

Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

第六步：创建用于共享资源的文件目录，并且设置文件权限

修改完毕后执行restorecon命令，让应用于目录的新SELinux安全上下文立即生效

[root@localhost ~]# mkdir /home/database

[root@localhost ~]# chown -Rf wangju:wangju /home/database

[root@localhost ~]# semanage fcontext -a -t samba_share_t /home/database

[root@localhost ~]# restorecon -Rv /home/database

restorecon reset /home/database context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:samba_share_t:s0

第七步：设置SELinux服务与策略，使其允许通过Samba服务程序访问普通用户家目录

执行getsebool命令，筛选出所有与Samba服务程序相关的SELinux域策略，根据策略的名称选择出正确的策略条目进行开启即可

[root@localhost ~]# getsebool -a | grep samba

samba_create_home_dirs --> off

samba_domain_controller --> off

samba_enable_home_dirs --> off

samba_export_all_ro --> off

samba_export_all_rw --> off

samba_portmapper --> off

samba_run_unconfined --> off

samba_share_fusefs --> off

samba_share_nfs --> off

sanlock_use_samba --> off

use_samba_home_dirs --> off

virt_sandbox_use_samba --> off

virt_use_samba --> off

[root@localhost ~]# setsebool -P samba_enable_home_dirs on

第八步：重启smb服务，并清空iptables防火墙，检验配置效果

[root@localhost ~]# systemctl restart smb

[root@localhost ~]# systemctl enable smb （ 开机自启动）

ln -s '/usr/lib/systemd/system/smb.service' '/etc/systemd/system/multi-user.target.wants/smb.service'

[root@localhost ~]# iptables -F

[root@localhost ~]# service iptables save

iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

第九步：Windows挂载共享

要在Windows系统中访问共享资源，只需在Windows的“运行”命令框中输入两个反斜杠，然后再加上虚拟机中的IP地址即可

可以采用简单的方式查看虚拟机的ip地址,取第一个地址

[root@localhost ~]# hostname -I

192.168.146.133  192.168.122.1

 确定后会打开如下界面

 输入账户与密码，就可看到共享界面的文档了。

可以在共享文档里面新建文件，可分别在Windows系统和Linux系统中查看

Windows系统中的效果如下图

在Linux系统中的效果如下图

 第十步：Linux挂载共享

（从这一步开始，所有的配置都是在客户端配置的）

Samba服务程序也可以实现Linux系统之间的文件共享，设置Samba服务程序所在主机（即Samba共享服务器）和Linux客户端使用的IP地址，然后在客户端安装支持文件共享服务的软件包（cifs-utils）。

[root@localhost ~]# yum install cifs-utils

Loaded plugins: langpacks, product-id, subscription-manager

rhel | 4.1 kB 00:00 

Resolving Dependencies

--> Running transaction check

---> Package cifs-utils.x86_64 0:6.2-6.el7 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

================================================================================

Package Arch Version Repository Size

================================================================================

Installing:

 cifs-utils x86_64 6.2-6.el7 rhel 83 k

Transaction Summary

================================================================================

Install 1 Package

Total download size: 83 k

Installed size: 174 k

Is this ok [y/d/N]: y

Downloading packages:

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Installing : cifs-utils-6.2-6.el7.x86_64 1/1 

Verifying : cifs-utils-6.2-6.el7.x86_64 1/1 

Installed:

cifs-utils.x86_64 0:6.2-6.el7 

Complete!

第十一步：配置Linux客户端

按照Samba服务的用户名、密码、共享域的顺序将相关信息写入到一个认证文件中，为了保证不被其他人随意看到，最后把这个认证文件的权限修改为仅root管理员才能够读写[root@localhost ~]# vim auth.smb

username=wangju

password=wangju

domain=MYGROUP

[root@localhost ~]# chmod -Rf 600 auth.smb

第十二步：Linux客户端上创建一个用于挂载Samba服务共享资源的目录

把挂载信息写入到/etc/fstab文件中，以确保共享挂载信息在服务器重启后依然生效

[root@localhost ~]# mkdir /database

[root@localhost ~]# vim /etc/fstab

#

# /etc/fstab

# Created by anaconda on Wed May 4 19:26:23 2017

#

# Accessible filesystems, by reference, are maintained under '/dev/disk'

# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

#

/dev/mapper/rhel-root / xfs defaults 1 1

UUID=812b1f7c-8b5b-43da-8c06-b9999e0fe48b /boot xfs defaults 1 2

/dev/mapper/rhel-swap swap swap defaults 0 0

/dev/cdrom /media/cdrom iso9660 defaults 0 0 

//192.168.146.133/database /database cifs credentials=/root/auth.smb 0 0

[root@localhost ~]# mount -a

第十三步：进入到挂载目录/database后就可以看到Windows系统访问Samba服务程序时留下来文件了（即文件feifei.txt）

[root@localhost ~]# cat /database/feifei.txt

I like you but just like you

 

嘻嘻，文章结束啦！！！