热门标签
热门文章
- 1Linux-线程-010
- 2关于”TCP直接返回“_tcp原路返回
- 3基于Java助农农产品销售平台系统的设计与实现(Springboot框架) 参考文献
- 4HikariCP--基础--02--配置参数_hikariconfig配置
- 5html+css实例_css+h3+html项目
- 6常见的国内外Linux服务器运维面板汇总_国外面板
- 7专访格灵深瞳CTO赵勇:为" 计算机视觉" 赋予智慧的光芒_赵勇元宇宙
- 8[toolschain] 怎么运用git 嵌套git 管理(子文件夹中也有个git) 并且如何简单设置使用repo的笔记 本文是求助GPT的记录 实践有用
- 91297:公共子序列_1297:公共子序列
- 10阿里云中小企业扶持权益,助力企业开启智能时代创业新范式
当前位置: article > 正文
文件共享服务samba_smb服务版本
作者:小丑西瓜9 | 2024-03-03 07:55:01
赞
踩
smb服务版本
一、实验环境
linux 的samba 服务端环境: [root@localhost ~]# cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core) [root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-229.el7.x86_64 #1 SMP Fri Mar 6 11:36:42 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux [root@localhost ~]# ip addr show|sed -rn '/inet[[:space:]]+127/! s/^[[:space:]]+inet[[:space:]]+(.*)\/[[:digit:]]+[[:space:]]+.*$/\1/p' 172.16.0.118 linux的samba客户端环境: [root@localhost ~]# cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core) [root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-229.el7.x86_64 #1 SMP Fri Mar 6 11:36:42 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux [root@localhost ~]# ip addr show|sed -rn '/inet[[:space:]]+127/! s/^[[:space:]]+inet[[:space:]]+(.*)\/[[:digit:]]+[[:space:]]+.*$/\1/p' 172.16.0.120 windows的samba客户端环境就不说了,一会儿会简单演示一下。
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
二、samba简单概述
参考摘抄引用:
https://baike.baidu.com/item/NetBIOS%E5%8D%8F%E8%AE%AE/8938996?fr=aladdin
https://baike.baidu.com/item/smb/4750512
https://baike.baidu.com/item/cifs/5620036?fr=aladdin
https://blog.csdn.net/vevenlcf/article/details/43057435
几个协议:
NetBIOS:NetBIOS协议是由IBM公司开发,主要用于数十台计算机的小型局域网。NetBIOS协议是一种在局域网上的程序可以使用的应用程序编程接口,为程序提供了请求地基服务的统一命令集,作用是为了给局域网提供网络以及其他特殊功能,几乎所有的局域网都是在NetBIOS协议的基础上工作的;
SMB:Service message block,服务信息块。它被用于Web连接和客户端与服务器之间的信息沟通。SMB最初是由IBM的贝瑞·费根鲍姆(Barry Feigenbaum)研制的,其目的是将DOS操作系统中的本地文件接口“中断13”改造为网络文件系统;
CIFS:Common Internet File System,通用网络文件系统。CIFS是一个新提出的协议,它使得程序可以访问远程Internet计算机上的文件并要求此计算机提供服务。CIFS使用的是C/S模式。客户端程序请求远在服务器上的服务器程序为它提供服务。服务器获得请求并返回响应。CIFS是公共的或开放的SMB协议版本,并由Microsoft使用。SMB协议在局域网上服务器文件访问和打印的协议。像SMB协议一样,CIFS在高层运行,而不像TCP/IP协议那样运行在底层。CIFS可以看作是应用程序协议入文件传输协议和超文本传输协议的一个实现。
历史情况:
在NetBIOS出现之后,Microsoft就使用NetBIOS实现了一个网络文件/打印服务系统,这个系统基于NetBIOS设定了一套共享协议,Microsoft称之为SMB(Service Message Block)协议。这个协议被Microsoft用于它们Lan Manager和Windows NT服务器系统中,而Windows系统均包括这个协议的客户软件,因而这个协议在局域网系统中影响很大。
随着Internet的流行,Microsoft希望将这个协议扩展到Internet上去,称为Internet上计算机之间相互共享数据的一种标准。因此它将原有的几乎没有多少技术文档的SMB协议进行整理,重新命名为CIFS(Common Internet File System),并打算将它与NetBIOS相脱离,试图使得它成为Internet上的一个标准协议。
三、samba实现的软件包介绍
3.1、和samba相关的软件包
[root@localhost ~]# yum list samba* Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.163.com * epel: mirrors.aliyun.com * extras: mirrors.cn99.com * updates: mirrors.cn99.com Available Packages samba.x86_64 4.8.3-4.el7 base samba-client.x86_64 4.8.3-4.el7 base samba-client-libs.i686 4.8.3-4.el7 base samba-client-libs.x86_64 4.8.3-4.el7 base samba-common.noarch 4.8.3-4.el7 base samba-common-libs.x86_64 4.8.3-4.el7 base samba-common-tools.x86_64 4.8.3-4.el7 base samba-dc.x86_64 4.8.3-4.el7 base samba-dc-libs.x86_64 4.8.3-4.el7 base samba-devel.i686 4.8.3-4.el7 base samba-devel.x86_64 4.8.3-4.el7 base samba-krb5-printing.x86_64 4.8.3-4.el7 base samba-libs.i686 4.8.3-4.el7 base samba-libs.x86_64 4.8.3-4.el7 base samba-pidl.noarch 4.8.3-4.el7 base samba-python.x86_64 4.8.3-4.el7 base samba-python-test.x86_64 4.8.3-4.el7 base samba-test.x86_64 4.8.3-4.el7 base samba-test-libs.i686 4.8.3-4.el7 base samba-test-libs.x86_64 4.8.3-4.el7 base samba-vfs-glusterfs.x86_64 4.8.3-4.el7 base samba-winbind.x86_64 4.8.3-4.el7 base samba-winbind-clients.x86_64 4.8.3-4.el7 base samba-winbind-krb5-locator.x86_64 4.8.3-4.el7 base samba-winbind-modules.i686 4.8.3-4.el7 base samba-winbind-modules.x86_64 4.8.3-4.el7 bas
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
3.2、samba服务端要安装的软件包
samba,samba-common,samba-libs (1) samba samba是一款用于实现unix或unix与windows主机实现互通的标准程序组件。 [root@localhost ~]# yum info samba Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.163.com * epel: mirrors.aliyun.com * extras: mirrors.cn99.com * updates: mirrors.cn99.com Available Packages Name : samba Arch : x86_64 Version : 4.8.3 Release : 4.el7 Size : 680 k Repo : base/7/x86_64 Summary : Server and Client software to interoperate with Windows machines URL : http://www.samba.org/ License : GPLv3+ and LGPLv3+ Description : Samba is the standard Windows interoperability suite of programs for Linux and : Unix. (2) samba-common samba-common为samba的服务端和客户端提供必须的文件。 [root@localhost ~]# yum info samba-common Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.163.com * epel: mirrors.aliyun.com * extras: mirrors.cn99.com * updates: mirrors.cn99.com Available Packages Name : samba-common Arch : noarch Version : 4.8.3 Release : 4.el7 Size : 206 k Repo : base/7/x86_64 Summary : Files used by both Samba servers and clients URL : http://www.samba.org/ License : GPLv3+ and LGPLv3+ Description : samba-common provides files necessary for both the server and client : packages of Samba. (3) samba-libs samba-libs提供的是链接库相关的东西。 [root@localhost ~]# yum info samba-libs Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.163.com * epel: mirrors.aliyun.com * extras: mirrors.cn99.com * updates: mirrors.cn99.com Available Packages Name : samba-libs Arch : i686 Version : 4.8.3 Release : 4.el7 Size : 280 k Repo : base/7/x86_64 Summary : Samba libraries URL : http://www.samba.org/ License : GPLv3+ and LGPLv3+ Description : The samba-libs package contains the libraries needed by programs that link : against the SMB, RPC and other protocols provided by the Samba suite. Name : samba-libs Arch : x86_64 Version : 4.8.3 Release : 4.el7 Size : 276 k Repo : base/7/x86_64 Summary : Samba libraries URL : http://www.samba.org/ License : GPLv3+ and LGPLv3+ Description : The samba-libs package contains the libraries needed by programs that link : against the SMB, RPC and other protocols provided by the Samba suite.
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
3.3、samba服务端安装的软件包的文件简单说明
[root@localhost ~]# yum install samba samba-common samba-libs #安装过程省略...... samba-common: [root@localhost ~]# rpm -ql samba-common /etc/logrotate.d /etc/logrotate.d/samba #rsyslog管理samba的日志的配置文件 /etc/samba /etc/samba/lmhosts #NetBIOS名字和IP地址之间的映射的配置文件,有点类似于/etc/hosts文件 /etc/samba/smb.conf #samba的主配置文件 /etc/samba/smb.conf.example #samba主配置文件的模板文件 /etc/sysconfig/samba #smb和nmb服务的配置文件(smb.service,nmb.service) /usr/lib/tmpfiles.d/samba.conf /usr/share/man/man5/lmhosts.5.gz /usr/share/man/man5/smb.conf.5.gz /usr/share/man/man5/smbpasswd.5.gz /usr/share/man/man7/samba.7.gz /var/lib/samba #与samba服务数据存储相关的目录 /var/lib/samba/lock /var/lib/samba/private /var/log/samba #samba服务的日志文件目录 /var/log/samba/old /var/run/samba #samba服务进程的pid文件目录 /var/run/winbindd samba-libs: [root@localhost ~]# rpm -ql samba-libs /usr/lib64/libdcerpc-samr.so.0 /usr/lib64/libdcerpc-samr.so.0.0.1 /usr/lib64/libsamba-policy.so.0 /usr/lib64/libsamba-policy.so.0.0.1 /usr/lib64/samba/libLIBWBCLIENT-OLD-samba4.so /usr/lib64/samba/libMESSAGING-SEND-samba4.so /usr/lib64/samba/libMESSAGING-samba4.so /usr/lib64/samba/libauth-unix-token-samba4.so /usr/lib64/samba/libauth4-samba4.so /usr/lib64/samba/libcluster-samba4.so /usr/lib64/samba/libdcerpc-samba4.so /usr/lib64/samba/libnon-posix-acls-samba4.so /usr/lib64/samba/libsamba-net-samba4.so /usr/lib64/samba/libsamba-python-samba4.so /usr/lib64/samba/libshares-samba4.so /usr/lib64/samba/libsmbpasswdparser-samba4.so /usr/lib64/samba/libxattr-tdb-samba4.so samba: [root@localhost ~]# rpm -ql samba /etc/openldap/schema #与ldap协议相关的配置 /etc/openldap/schema/samba.schema /etc/pam.d/samba #与pam认证相关的配置 /usr/bin/eventlogadm #与samba事件日志记录相关的程序 /usr/bin/smbstatus #列出当前samba连接信息的程序 /usr/lib/systemd/system/nmb.service #nmb服务的unit文件 /usr/lib/systemd/system/smb.service #smb服务的unit文件 /usr/lib64/samba/auth /usr/lib64/samba/auth/script.so /usr/lib64/samba/auth/unix.so /usr/lib64/samba/vfs /usr/lib64/samba/vfs/acl_tdb.so /usr/lib64/samba/vfs/acl_xattr.so /usr/lib64/samba/vfs/aio_fork.so /usr/lib64/samba/vfs/aio_pthread.so /usr/lib64/samba/vfs/audit.so /usr/lib64/samba/vfs/btrfs.so /usr/lib64/samba/vfs/cap.so /usr/lib64/samba/vfs/catia.so /usr/lib64/samba/vfs/commit.so /usr/lib64/samba/vfs/crossrename.so #中间省略很多模块文件 /usr/sbin/nmbd #NetBIOS name server to provide NetBIOS over IP naming services to clients /usr/sbin/smbd #server to provide SMB/CIFS services to clients #中间省略安装的文档文件 /var/lib/samba /var/lib/samba/lock /var/lib/samba/private /var/log/samba /var/log/samba/old /var/run/samba /var/run/winbindd
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
3.4、监听端口说明
smb.service监听端口:139/tcp,445/tcp
nmb.service监听端口:137/udp,138/udp
PS:如果只需要和linux交互,nmb.service可以不用启用。smb.service就可以完成文件共享交互。如果要让windows可以用,网上邻居能看到,要启用nmb.service服务。
3.5、samba客户端相关的软件包
samba-client,cifs-utils [root@localhost ~]# yum install samba-clients cifs-utils #安装过程省略...... cifs-utils:让mount程序支持CIFS协议。(mount -t cifs或mount.cifs) [root@localhost ~]# yum info cifs-utils Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.cn99.com * epel: mirrors.tuna.tsinghua.edu.cn * extras: mirrors.cn99.com * updates: mirrors.cn99.com Installed Packages Name : cifs-utils Arch : x86_64 Version : 6.2 Release : 10.el7 Size : 175 k Repo : installed From repo : base Summary : Utilities for mounting and managing CIFS mounts URL : http://linux-cifs.samba.org/cifs-utils/ License : GPLv3 Description : The SMB/CIFS protocol is a standard file sharing protocol widely deployed : on Microsoft Windows machines. This package contains tools for mounting : shares on Linux using the SMB/CIFS protocol. The tools in this package : work in conjunction with support in the kernel to allow one to mount a : SMB/CIFS share onto a client and use it as if it were a standard Linux : file system. [root@localhost ~]# rpm -ql cifs-utils /etc/cifs-utils/idmap-plugin /etc/request-key.d/cifs.idmap.conf /etc/request-key.d/cifs.spnego.conf /usr/bin/cifscreds /usr/bin/getcifsacl /usr/bin/setcifsacl /usr/lib64/cifs-utils/idmapwb.so /usr/sbin/cifs.idmap /usr/sbin/cifs.upcall /usr/sbin/mount.cifs #客户端可以使用这个程序进行挂载samba 服务端共享的文件系统 /usr/share/man/man1/cifscreds.1.gz /usr/share/man/man1/getcifsacl.1.gz /usr/share/man/man1/setcifsacl.1.gz /usr/share/man/man8/cifs.idmap.8.gz /usr/share/man/man8/cifs.upcall.8.gz /usr/share/man/man8/idmapwb.8.gz /usr/share/man/man8/mount.cifs.8.gz samba-client:samba客户端程序 [root@localhost ~]# yum info samba-client Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.cn99.com * epel: mirrors.tuna.tsinghua.edu.cn * extras: mirrors.cn99.com * updates: mirrors.cn99.com Installed Packages Name : samba-client Arch : x86_64 Version : 4.8.3 Release : 4.el7 Size : 2.0 M Repo : installed From repo : base Summary : Samba client programs URL : http://www.samba.org/ License : GPLv3+ and LGPLv3+ Description : The samba-client package provides some SMB/CIFS clients to complement : the built-in SMB/CIFS filesystem in Linux. These clients allow access : of SMB/CIFS shares and printing to SMB/CIFS printers. [root@localhost ~]# rpm -ql samba-client /usr/bin/cifsdd /usr/bin/dbwrap_tool /usr/bin/findsmb /usr/bin/mvxattr /usr/bin/nmblookup /usr/bin/oLschema2ldif /usr/bin/regdiff /usr/bin/regpatch /usr/bin/regshell /usr/bin/regtree /usr/bin/rpcclient /usr/bin/samba-regedit /usr/bin/sharesec /usr/bin/smbcacls /usr/bin/smbclient #交互式的访问samba server共享的文件系统的程序 /usr/bin/smbcquotas /usr/bin/smbget /usr/bin/smbprint /usr/bin/smbspool /usr/bin/smbtar /usr/bin/smbtree /usr/libexec/samba /usr/libexec/samba/cups_backend_smb ...... #安装的说明文档文件省略
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
四、samba服务的配置文件简单介绍
4.1、samba服务端默认模板配置文件大纲说明
[root@localhost samba]# grep -E -i "#(====| ---)" /etc/samba/smb.conf.example #======================= Global Settings ===================================== # ----------------------- Network-Related Options ------------------------- # --------------------------- Logging Options ----------------------------- # ----------------------- Standalone Server Options ------------------------ # ----------------------- Domain Members Options ------------------------ # ----------------------- Domain Controller Options ------------------------ # ----------------------- Browser Control Options ---------------------------- # --------------------------- Printing Options ----------------------------- # --------------------------- File System Options --------------------------- #============================ Share Definitions ============================== (1) 全局设置 (2) 网络相关的选项 (3) 日志相关的选项 (4) 独立服务端的选项 (5) 域成员相关选项 (6) 域控制相关选项 (7) 浏览或预览控制相关的选项 (8) 打印机相关的选项 (9) 文件系统相关的选项 (10) 共享定义部分
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
4.2、samba服务端共享文件配置常用指令说明:
共享文件系统配置: [SHARED_NAME] 上面的共享有三类: [homes]:为每个samba用户定义其是否能够通过samba服务访问自己的家目录; [printers]:定义打印服务; [shared_fs]:定义共享的文件系统; 常用配置指令: comment:注释信息; path:当前共享所映射的文件系统路径; browseable:是否可浏览,指是否可被用户查看; guest ok:是否允许来宾账号访问; public:是否公开所有用户; writable:是否可写; read only:是否为只读; write list:拥有写权限的用户列表,支持用户和组: a)用户:用户名 b)组:"@组名"或"+组名" #引号实际定义的时候没有,这里只是起到引用作用
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
五、samba部分配置说明以及认证用户说明
5.1、samba配置文件配置说明
空行会忽略,以分号或井号开头的都是注释行。
[global] # ----------------------- Network-Related Options ------------------------- workgroup = MYGROUP #windows NT域名或Windows工作组名。 server string = Samba Server Version %v #主机的简要说明(和windows NT描述信息等价),%v是一个宏变量,表示samba的版本; ; netbios name = MYSERVER #设置一个长度不超过15字符的名字(主机的netBIOS名称),workgroup和netBIOS name不能设置一样 ; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 ##设置samba服务器监听网卡,可以写网卡名称或IP地址。lo接口一定要加上来。 ; hosts allow = 127. 192.168.12. 192.168.13. #设置允许连接到samba服务器的客户端 ; hosts deny = #设置不允许连接到samba服务器的客户端。 # --------------------------- Logging Options ----------------------------- log file = /var/log/samba/log.%m #指明日志文件。%m是一个宏,可以标识访问的客户端地址。也就是日志成按照每个客户端地址一个日志文件的形式记录 max log size = 50 #设置单个日志最大的大小(默认单位KB,默认是50KB),达到这大小后,会切割日志文件。默认以log.ipaddress.1,log.ipaddress.2,......的形式切割保留。如果设置为0表示不限制大小存储。 # ----------------------- Standalone Server Options ------------------------ security = user #设置用户访问samba服务的验证方式,默认有4个,分别为user,share(要弃用),server(要弃用) #4个值的含义: ##share: 匿名共享。不需要提供用户名和口令; ##user:使用samba服自我管理的账号和密码进行用户认证;用户必须是系统用户,但密码非为/etc/shadown中的密码,而由samba自行管理的文件,其密码文件的格式由passdb backend进行定义。 ##server:由第三方服务进行统一认证; ##domain:使用DC(域控)进行认证。基于kerberos协议进行。 passdb backend = tdbsam #定义密码存储管理的类型 #详情请参考后边的工具介绍(smbpasswd,tdbsam,ldapsam) # ----------------------- Domain Members Options ------------------------ 这个不说明 # ----------------------- Domain Controller Options ------------------------ 这个不说明 # ----------------------- Browser Control Options ---------------------------- 这个不说 #----------------------------- Name Resolution ------------------------------- 这个不说明 # --------------------------- Printing Options -----------------------------这个不说明 # --------------------------- File System Options ---------------------------这个不说明
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
5.2、samba的认证用户说明
所有用于认证的samba的用户,都必须在系统用户上存在。但是密码不是通过/etc/passwd,/etc/shadow来认证。不过要借用系统的账号,也就是/etc/passwd中的用户。
六、配置samba共享
6.1、服务启动和查看
先备份: [root@localhost ~]# cp /etc/samba/ lmhosts smb.conf smb.conf.example [root@localhost ~]# cp /etc/samba/smb.conf.example{,.bak} [root@localhost ~]# cp /etc/samba/smb.conf{,.bak} [root@localhost ~]# ls -l /etc/samba/ total 36 -rw-r--r-- 1 root root 20 Oct 31 06:32 lmhosts -rw-r--r-- 1 root root 706 Oct 31 06:32 smb.conf -rw-r--r-- 1 root root 706 Dec 21 15:41 smb.conf.bak -rw-r--r-- 1 root root 11327 Oct 31 06:32 smb.conf.example -rw-r--r-- 1 root root 11327 Dec 21 15:41 smb.conf.example.bak 拷贝模板文件成配置文件: [root@localhost ~]# cd /etc/samba/ [root@localhost samba]# ls lmhosts smb.conf smb.conf.bak smb.conf.example smb.conf.example.bak [root@localhost samba]# vim smb.conf [root@localhost samba]# rm -f smb.conf [root@localhost samba]# cp smb.conf.example smb.conf 默认服务状态: [root@localhost samba]# systemctl status nmb.service smb.service ● nmb.service - Samba NMB Daemon Loaded: loaded (/usr/lib/systemd/system/nmb.service; disabled; vendor preset: disabled) Active: inactive (dead) Docs: man:nmbd(8) man:samba(7) man:smb.conf(5) ● smb.service - Samba SMB Daemon Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled; vendor preset: disabled) Active: inactive (dead) Docs: man:smbd(8) man:samba(7) man:smb.conf(5) 启动服务: [root@localhost samba]# systemctl start nmb.service smb.service [root@localhost samba]# ps aux|grep -E 'nmb|smb' root 15323 0.3 0.6 346192 6516 ? Ss 15:46 0:00 /usr/sbin/nmbd --foreground --no-process-group root 15324 1.0 1.1 418272 11476 ? Ss 15:46 0:00 /usr/sbin/smbd --foreground --no-process-group root 15326 0.0 0.2 412948 2932 ? S 15:46 0:00 /usr/sbin/smbd --foreground --no-process-group root 15327 0.0 0.2 412940 2632 ? S 15:46 0:00 /usr/sbin/smbd --foreground --no-process-group root 15328 0.0 0.3 418272 3236 ? S 15:46 0:00 /usr/sbin/smbd --foreground --no-process-group root 15331 0.0 0.0 112644 968 pts/0 R+ 15:46 0:00 grep --color=auto -E nmb|smb [root@localhost samba]# ss -nulp|grep -E ':137|:138|:139|:445' UNCONN 0 0 172.16.255.255:137 *:* users:(("nmbd",15323,17)) UNCONN 0 0 172.16.0.118:137 *:* users:(("nmbd",15323,16)) UNCONN 0 0 *:137 *:* users:(("nmbd",15323,14)) UNCONN 0 0 172.16.255.255:138 *:* users:(("nmbd",15323,19)) UNCONN 0 0 172.16.0.118:138 *:* users:(("nmbd",15323,18)) UNCONN 0 0 *:138 *:* users:(("nmbd",15323,15)) [root@localhost samba]# ss -ntlp|grep -E ':137|:138|:139|:445' LISTEN 0 50 *:139 *:* users:(("smbd",15324,36)) LISTEN 0 50 *:445 *:* users:(("smbd",15324,35)) LISTEN 0 50 :::139 :::* users:(("smbd",15324,34)) LISTEN 0 50 :::445 :::* users:(("smbd",15324,33)) 使用testparm命令测试samba的配置文件语法: [root@localhost samba]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] log file = /var/log/samba/log.%m max log size = 50 security = USER server string = Samba Server Version %v workgroup = MYGROUP idmap config * : backend = tdb cups options = raw [homes] browseable = No comment = Home Directories read only = No [printers] browseable = No comment = All Printers path = /var/spool/samba printable = Yes [root@localhost samba]# 使用smbstat查看: [root@localhost samba]# smbstatus Samba version 4.8.3 PID Username Group Machine Protocol Version Encryption Signing ---------------------------------------------------------------------------------------------------------------------------------------- Service pid Machine Connected at Encryption Signing --------------------------------------------------------------------------------------------- No locked files 防火墙允许samba服务,selinux默认我是不用: [root@localhost ~]# firewall-cmd --list-all public (default, active) interfaces: eno16777736 sources: services: dhcpv6-client nfs ssh ports: 15723/tcp 4000-5000/tcp masquerade: no forward-ports: icmp-blocks: rich rules: [root@localhost ~]# firewall-cmd --add-service=samba success [root@localhost ~]# firewall-cmd --list-all public (default, active) interfaces: eno16777736 sources: services: dhcpv6-client nfs samba ssh ports: 15723/tcp 4000-5000/tcp masquerade: no forward-ports: icmp-blocks: rich rules:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
6.2、samba client匿名用户登录
smbclient简要语法:smbclient -L SMB_SERVER [-U USERNAME] -L:指定共享的samba的服务器,比如默认我可以使用ip地址172.16.0.120 -U|--user=username[%password]:指定认证时候的用户名密码,如果不指定密码,指定了用户,会交互式提示 你输入。如果samba服务器允许匿名用户登录,可以不输入用户名和密码。 [root@localhost ~]# smbclient -L 172.16.0.118 Enter SAMBA\root's password: Anonymous login successful #(samba)匿名用户登录成功。 Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.8.3) #这一行提示实现了IPC机制。然后有注释信息,默认%v的宏也替换成了samba的版本。这里因为是匿名用户,没有看到任何的samba共享。 Reconnecting with SMB1 for workgroup listing. Anonymous login successful Server Comment --------- ------- Workgroup Master --------- ------- MYGROUP LOCALHOST
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
6.3、创建系统用户实现samba共享,实现用户认证登录
(1) 在samba 服务端创建一个系统用户smbuser1,然后在客户端简单查看samba服务器端的共享 samba服务端执行: [root@localhost ~]# useradd smbuser1 -s /sbin/nologin #创建linux系统用户 [root@localhost ~]# smbpasswd -a smbuser1 #使用smbpasswd把smbuser1用户加入samba,并设置密码 New SMB password: Retype new SMB password: Added user smbuser1. 说明:把系统用户加入samba用户认证系统中有两个组件,分别是smbpasswd和pdbedit: smbpasswd用法: smbpasswd [选项] 已存在的系统用户名 选项: -a:添加用户,加入新的用户要使用该选项; -x:删除已经加入samba的用户; -d:禁用已经加入samba的用户; -e:启用已经加入samba的用户; -n:允许加入的用户的密码为空(是否可以通过samba的验证还要看全局配置) pdbedit用户: -L, --list:列出samba服务中的所有用户; -a, --create:添加用户为samba用户(要配合-u选项); -u, --user=USER:指明要加入的用户名;(和-a选项一起使用) -x, --delete:删除用户; -t, --password-from-stdin:从标准输出接受字符串作为密码(和passwd不一样) 特别说明:使用空提示符,而后将密码输入两次; samba 客户端执行(配置之前加的smbuser1用户): [root@localhost ~]# smbclient -L 172.16.0.118 -U smbuser1 Enter SAMBA\smbuser1's password: Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.8.3) smbuser1 Disk Home Directories #出现了共享的信息。默认是用户家目录。 Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- MYGROUP LOCALHOST [root@localhost ~]# 使用smbclient进行交互式的访问: 语法格式:smbclient //SMB_SERVER/SHARE_NAME [-U USERNAME] 这里的SHARE_NAME就是上面显示的用户名smbuser1 [root@localhost ~]# smbclient //172.16.0.118/smbuser1 -U smbuser1 Enter SAMBA\smbuser1's password: #输入密码 Try "help" to get a list of possible commands. smb: \> pwd Current directory is \\172.16.0.118\smbuser1\ smb: \> ls . D 0 Fri Dec 21 17:19:23 2018 .. D 0 Fri Dec 21 17:27:19 2018 .bash_logout H 18 Fri Mar 6 06:06:48 2015 .bash_profile H 193 Fri Mar 6 06:06:48 2015 .bashrc H 231 Fri Mar 6 06:06:48 2015 49725724 blocks of size 1024. 49692696 blocks available smb: \> help #和ftp交互式模式很像,也支持很多命令。 ? allinfo altname archive backup blocksize cancel case_sensitive cd chmod chown close del deltree dir du echo exit get getfacl geteas hardlink help history iosize lcd link lock lowercase ls l mask md mget mkdir more mput newer notify open posix posix_encrypt posix_open posix_mkdir posix_rmdir posix_unlink posix_whoami print prompt put pwd q queue quit readlink rd recurse reget rename reput rm rmdir showacls setea setmode scopy stat symlink tar tarmode timeout translate unlock volume vuid wdel logon listconnect showconnect tcon tdis tid utimes logoff .. ! smb: \> smb: \> lcd /var/tmp/ #切换系统路径 smb: \> get .bashrc #下载单个文件到切换后的文件系统目录下 getting file \.bashrc of size 231 as .bashrc (32.2 KiloBytes/sec) (average 32.2 KiloBytes/sec) [root@localhost ~]# ls -l /var/tmp/.bashrc #文件系统目录确认下载的文件 -rw-r--r-- 1 root root 231 Dec 21 17:41 /var/tmp/.bashrc smb: \> lcd /etc smb: \> put fstab #上传文件 putting file fstab as \fstab (52.8 kb/s) (average 52.8 kb/s) [root@localhost ~]# ls -l /home/smbuser1/fstab #samba服务端用户家目录确认文件 -rwxr--r-- 1 smbuser1 smbuser1 541 Dec 21 17:42 /home/smbuser1/fstab
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
6.4、自己定义共享目录实现共享访问
(1) 创建文件系统共享目录 #为了性能考虑,如果是生产环境。可以考虑把共享的目录指向独立磁盘的分区挂载点。 [root@localhost ~]# mkdir -pv /data/samba/files mkdir: created directory ‘/data’ mkdir: created directory ‘/data/samba’ mkdir: created directory ‘/data/samba/files’ 这里打算共享的文件系统目录为: /data/samba/files (2) 向samba配置文件中加入指定自定义共享配置 vim /etc/samba/smb.conf #下面是加入的配置 [myfiles] comment = A test shared dir path = /data/samba/files public = yes writeable = yes browseable = yes (3) 测试配置文件语法 [root@localhost ~]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Processing section "[myfiles]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] log file = /var/log/samba/log.%m max log size = 50 security = USER server string = Samba Server Version %v workgroup = MYGROUP idmap config * : backend = tdb cups options = raw [homes] browseable = No comment = Home Directories read only = No [printers] browseable = No comment = All Printers path = /var/spool/samba printable = Yes [myfiles] comment = A test shared dir guest ok = Yes path = /data/samba/files read only = No #发现导出的配置和我们定义的可能不太一样。不要紧,含义一样就行。 (4) 重载服务并在客户端访问查看 [root@localhost ~]# systemctl reload smb.service [root@localhost ~]# systemctl status smb.service ● smb.service - Samba SMB Daemon Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2018-12-21 15:46:39 CST; 2h 5min ago Docs: man:smbd(8) man:samba(7) man:smb.conf(5) Process: 15754 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS) Main PID: 15324 (smbd) Status: "smbd: ready to serve connections..." CGroup: /system.slice/smb.service ├─15324 /usr/sbin/smbd --foreground --no-process-group ├─15326 /usr/sbin/smbd --foreground --no-process-group ├─15327 /usr/sbin/smbd --foreground --no-process-group ├─15328 /usr/sbin/smbd --foreground --no-process-group └─15698 /usr/sbin/smbd --foreground --no-process-group Dec 21 15:46:39 localhost.localdomain systemd[1]: Starting Samba SMB Daemon... Dec 21 15:46:39 localhost.localdomain smbd[15324]: [2018/12/21 15:46:39.690929, 0] ../lib/util/become_daemon.c:138(daemon_ready) Dec 21 15:46:39 localhost.localdomain systemd[1]: Started Samba SMB Daemon. Dec 21 15:46:39 localhost.localdomain smbd[15324]: daemon_ready: STATUS=daemon 'smbd' finished starting up and ready to serve connections Dec 21 17:51:55 localhost.localdomain systemd[1]: Reloading Samba SMB Daemon. Dec 21 17:51:55 localhost.localdomain systemd[1]: Reloaded Samba SMB Daemon. [root@localhost ~]# [root@localhost ~]# smbclient -L 172.16.0.118 -U smbuser1 Enter SAMBA\smbuser1's password: Sharename Type Comment --------- ---- ------- myfiles Disk A test shared dir #由于我定义的公共可见,所以这里可以看见这个公共的共享 IPC$ IPC IPC Service (Samba Server Version 4.8.3) smbuser1 Disk Home Directories Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- MYGROUP LOCALHOST [root@localhost ~]# smbclient //172.16.0.118/myfiles -U smbuser1 Enter SAMBA\smbuser1's password: Try "help" to get a list of possible commands. smb: \> pwd Current directory is \\172.16.0.118\myfiles\ smb: \> ls . D 0 Fri Dec 21 17:46:06 2018 .. D 0 Fri Dec 21 17:46:06 2018 52403200 blocks of size 1024. 51250688 blocks available smb: \> lcd /etc smb: \> put fstab #写入失败的原因是共享目录文件系统权限的问题 NT_STATUS_ACCESS_DENIED opening remote file \fstab [root@localhost ~]# ls -ld /data/samba/files/ drwxr-xr-x 2 root root 6 Dec 21 17:46 /data/samba/files/ #samba服务端共享的文件系统目录,普通用户smbuser1没有写权限 #设置smbuser1对共享文件系统的权限,这里就通过acl来实现 [root@localhost ~]# setfacl -m u:smbuser1:rwx /data/samba/files/ [root@localhost ~]# getfacl -p /data/samba/files/ # file: /data/samba/files/ # owner: root # group: root user::rwx user:smbuser1:rwx group::r-x mask::rwx other::r-x 重新登录再次写入成功了: [root@localhost ~]# mount -t cifs //172.16.0.118/myfiles /mnt -o username=smbuser1,password=smbuser1 [root@localhost ~]# smbclient //172.16.0.118/myfiles -U smbuser1 Enter SAMBA\smbuser1's password: Try "help" to get a list of possible commands. smb: \> lcd /etc smb: \> put fstab putting file fstab as \fstab (88.1 kb/s) (average 88.1 kb/s) 使用mount.cifs挂载使用samba共享的文件系统目录: //172.16.0.118/myfiles on /mnt type cifs (rw,relatime,vers=1.0,cache=strict,username=smbuser1,domain=LOCALHOST,uid=0,noforceuid,gid=0,noforcegid,addr=172.16.0.118,unix,posixpaths,serverino,acl,rsize=1048576,wsize=65536,actimeo=1) 直接向客户端挂载目录写入数据: [root@localhost mnt]# ls -l total 8 -rwxr--r-- 1 10002 10002 541 Dec 21 17:56 fstab -rw-r--r-- 1 10002 10002 23 Dec 21 18:00 issue 服务端文件系统目录查看: [root@localhost ~]# ls -l /data/samba/files/ total 8 -rwxr--r-- 1 smbuser1 smbuser1 541 Dec 21 17:56 fstab -rw-r--r-- 1 smbuser1 smbuser1 23 Dec 21 18:00 issue
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
PS:其他就不演示了,比如用户组之类的。
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小丑西瓜9/article/detail/184144
推荐阅读
相关标签
