samba筆記: http://services.linuxpanda.tech/%E7%BD%91%E7%BB%9C%E6%96%87%E4%BB%B6%E5%85%B1%E4%BA%AB/samba.html
文章參考:https://wiki.archlinux.org/index.php/Samba_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)
1.samba簡介
Samba是在Linux和UNIX系統上實現SMB協議的一個免費軟件,由服務器及客戶端程序構成。SMB(Server Messages Block,信息服務塊)是一種在局域網上共享文件和打印機的一種通信協議,它為局域網內的不同計算機之間提供文件及打印機等資源的共享服務。SMB協議是客戶機/服務器型協議,客戶機通過該協議可以訪問服務器上的共享文件系統、打印機及其他資源。通過設置“NetBIOS over TCP/IP”使得Samba不但能與局域網絡主機分享資源,還能與全世界的電腦分享資源。
2.環境介紹
os:centos7
samba: 4.4.4
3.安裝samba
[root@mail samba]# yum -y install samba samba-client samba-swat
4.啟動samba
[root@mail samba]# systemctl enable smb Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service. [root@mail samba]# systemctl enable nmb Created symlink from /etc/systemd/system/multi-user.target.wants/nmb.service to /usr/lib/systemd/system/nmb.service. [root@mail samba]# systemctl start smb [root@mail samba]# systemctl start nmb [root@mail samba]#
5.查看smb,nmb占用端口信息
[root@mail samba]# netstat -tunlp | grep mb tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 57979/smbd tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 57979/smbd tcp6 0 0 :::139 :::* LISTEN 57979/smbd tcp6 0 0 :::445 :::* LISTEN 57979/smbd udp 0 0 192.168.122.255:137 0.0.0.0:* 58003/nmbd udp 0 0 192.168.122.1:137 0.0.0.0:* 58003/nmbd udp 0 0 192.168.137.255:137 0.0.0.0:* 58003/nmbd udp 0 0 192.168.137.101:137 0.0.0.0:* 58003/nmbd udp 0 0 0.0.0.0:137 0.0.0.0:* 58003/nmbd udp 0 0 192.168.122.255:138 0.0.0.0:* 58003/nmbd udp 0 0 192.168.122.1:138 0.0.0.0:* 58003/nmbd udp 0 0 192.168.137.255:138 0.0.0.0:* 58003/nmbd udp 0 0 192.168.137.101:138 0.0.0.0:* 58003/nmbd udp 0 0 0.0.0.0:138 0.0.0.0:* 58003/nmbd
6.編輯 /etc/samba/smb.conf
[root@mail samba]# vim /etc/samba/smb.conf 添加如下內容 [tools] comment = Public Stuff path = /share/test read only = No guest ok = Yes
7.創建指定共享的目錄
[root@mail samba]# mkdir -pv /share/test mkdir: created directory ‘/share/test’
[root@mail samba]# chown -R nobody.nobody /share/test #這里使用了nobody的,如果對權限有要求,可以使用smbpasswd -a 添加一個用戶(用戶必須系統存在),使用setfacl添加權限即可。
8.測試配置文件正確性
[root@mail samba]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Processing section "[tools]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions 回車 # Global parameters [global] workgroup = SAMBA printcap name = cups security = USER idmap config * : backend = tdb cups options = raw [homes] comment = Home Directories browseable = No inherit acls = Yes read only = No valid users = %S %D%w%S [printers] comment = All Printers path = /var/tmp browseable = No printable = Yes create mask = 0600 [print$] comment = Printer Drivers path = /var/lib/samba/drivers create mask = 0664 directory mask = 0775 write list = root [tools] comment = Public Stuff path = /share/test guest ok = Yes read only = No
9.訪問共享文件
9.1Windows平台可以直接在資源管理器輸入\\192.168.137.100\tools即可訪問 其中192.168.137.100為samba服務器的地址, tools為共享名稱
9.2Linux平台可以使用
[root@mail samba]# smbclient //192.168.137.101/tools Enter root's password: session setup failed: NT_STATUS_LOGON_FAILURE [root@mail samba]# smbpasswd -a root New SMB password: Retype new SMB password: Added user root. [root@mail samba]# smbclient //192.168.137.101/tools Enter root's password: Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4] smb: \> ls . D 0 Mon Feb 20 23:05:52 2017 .. D 0 Mon Feb 20 23:05:52 2017 38770180 blocks of size 1024. 33408000 blocks available smb: \>
10. 掛載windows上共享的目錄
10.1在window上我們創建一個共享
上面我們把window機器上的目錄名為ftp的目錄共享給了window的另一個用戶oracle,權限為讀寫的。
10.2 linux 使用認證文件(cerdentials)掛着windows共享目錄
[root@localhost samba]# smbclient //192.168.40.1/ftp -U oracle #這里先使用smbclient測試下我們的用戶和密碼的正確性
Enter oracle's password:
session request to 192.168.40.1 failed (Called name not present)
Domain=[DESKTOP-TN5P2FR] OS=[Windows 10 Enterprise 2016 LTSB 14393] Server=[Windows 10 Enterprise 2016 LTSB 6.3]
smb: \> ls #查看
. D 0 Fri Apr 7 22:52:52 2017
.. D 0 Fri Apr 7 22:52:52 2017
anaconda-ks.cfg A 1395 Sun Mar 19 10:15:42 2017
boot D 0 Mon Jan 23 17:42:30 2017
boot.iso A 6199291904 Mon Jan 23 18:22:43 2017
VSCodeSetup-1.8.0.exe A 33999136 Sat Feb 25 17:54:31 2017
59608 blocks of size 8388608. 26965 blocks available
smb: \> quit #退出
[root@localhost samba]# vim 192.168.4.150.pwd #創建一個認證文件 [root@localhost samba]# cat 192.168.4.150.pwd #檢查認證文件內容,使用man 8 mount.cifs 獲取詳細信息 username=oracle password=oracle [root@localhost samba]# chmod 700 192.168.4.150.pwd #修改這個認證文件的權限 [root@localhost samba]# mount.cifs //192.168.40.1/ftp /mnt/winftp -o credentials=/etc/samba/192.168.4.150.pwd #掛着windows共享 [root@localhost samba]# tail -n 1 /etc/mtab >> /etc/fstab #把mtab的最后一行追加到fstab中 [root@localhost samba]# cat /etc/fstab #查看fstab # # /etc/fstab # Created by anaconda on Mon Jan 23 14:39:48 2017 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/VolGroup-lv_root / ext4 defaults 1 1 UUID=5c3d4278-fa8d-4626-9546-67c0c26831b5 /boot ext4 defaults 1 2 /dev/mapper/VolGroup-lv_swap swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/sr0 /mnt/cdrom iso9660 ro 0 0 //192.168.40.1/ftp /mnt/winftp cifs rw 0 0 [root@localhost samba]# vim /etc/fstab #編輯 [root@localhost samba]# cat /etc/fstab #檢查 # # /etc/fstab # Created by anaconda on Mon Jan 23 14:39:48 2017 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/VolGroup-lv_root / ext4 defaults 1 1 UUID=5c3d4278-fa8d-4626-9546-67c0c26831b5 /boot ext4 defaults 1 2 /dev/mapper/VolGroup-lv_swap swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/sr0 /mnt/cdrom iso9660 ro 0 0 //192.168.40.1/ftp /mnt/winftp cifs credentials=/etc/samba/192.168.4.150.pwd 0 0
[root@localhost samba]# umount /mnt/winftp/ #卸載我們手工添加的
[root@localhost samba]# mount -a #掛載所有
[root@localhost samba]# mount #查看
/dev/mapper/VolGroup-lv_root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,rootcontext="system_u:object_r:tmpfs_t:s0")
/dev/sda1 on /boot type ext4 (rw)
/dev/sr0 on /mnt/cdrom type iso9660 (ro)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
//192.168.40.1/ftp on /mnt/winftp type cifs (rw)
11 搭建基於web的配置環境
11.1 設置swat的訪問主機
[root@localhost xinetd.d]# vim /etc/xinetd.d/swat #編輯swat文件, 修改only_from 為我們要基於web管理的主機ip或者一個網段即可。 [root@localhost xinetd.d]# cat /etc/xinetd.d/swat # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { disable = no port = 901 socket_type = stream wait = no only_from = 192.168.40.1 user = root server = /usr/sbin/swat log_on_failure += USERID }
11.2 激活swat 並啟動xinet.d
[root@localhost xinetd.d]# chkconfig swat on #激活swat [root@localhost xinetd.d]# service xinetd restart #重啟xinetd, Stopping xinetd: [ OK ] Starting xinetd: [ OK ] [root@localhost xinetd.d]# netstat -tlnp | grep 901 #查看901端口信息 tcp 0 0 :::901 :::* LISTEN 4744/xinetd
11.3 測試web配置
