| 知乎专栏 | 多维度架构 |
apt install samba
/etc/samba/smb.conf 将 Home 目录修改为可写模式
[homes] read only = no
添加用户
sudo smbpasswd -L -a backup
配置共享目录
[backup]
path = /opt/backup
public = yes
writable = yes
valid users = backup
服务器端
[root@netkiller ~]# dnf install -y samba
[root@netkiller ~]# cp /etc/samba/smb.conf{,.original}
[root@netkiller ~]# systemctl enable smb
[root@netkiller ~]# systemctl start smb
客户端
[root@netkiller ~]# dnf install -y samba-client
配置防火墙
[root@netkiller ~]# firewall-cmd --permanent --add-service=samba [root@netkiller ~]# firewall-cmd --reload
[root@netkiller ~]# dnf install -y cifs-utils
环境 ubuntu 17.10
$ sudo apt install samba
查看Samba 服务器的端口
neo@shenzhen:~$ sudo netstat -tlnp |grep smb tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 4480/smbd tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 4480/smbd neo@shenzhen:~$
# yum -y install samba # service smbd start
smbpasswd
[root@development ~]# sudo smbpasswd -L -a neo
smb.conf
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
[developer]
comment = Developer Stuff
path = /var/www/html
public = yes
writable = yes
printable = no
write list = +apache
yum install -y samba
cp /etc/samba/smb.conf{,.original}
systemctl enable smb
systemctl start smb
防火墙
firewall-cmd --permanent --add-port=137/tcp firewall-cmd --permanent --add-port=138/tcp firewall-cmd --permanent --add-port=139/tcp firewall-cmd --permanent --add-port=445/tcp firewall-cmd --permanent --add-port=901/tcp firewall-cmd --reload
iptables -L
security = share|user 共享|用户模式
comment = 描述 valid users = '%S'登录用户,'neo'允许neo访问 read only = 'No'读写模式,'Yes'只读模式 browseable = 'No'不显示, 'Yes'显示
添加账号
[root@netkiller ~]# adduser finance [root@netkiller ~]# smbpasswd -a finance New SMB password: Retype new SMB password: Added user finance.
确认账号正确添加
[root@netkiller ~]# pdbedit -L finance:1000:
创建共享目录
[root@netkiller ~]# mkdir -p /opt/backup/finance [root@netkiller ~]# chown finance:finance /opt/backup/finance
配置 /etc/samba/smb.conf 文件
[finance]
comment = Finance Stuff
path = /opt/backup/finance
browseable = yes
writable = yes
create mask = 0644
directory mask = 0755
valid users = neo
write list = finance
匿名共享无需用户登陆,任何人都可以向该文件夹内写入和删除数据
编辑配置文件 /etc/samba/smb.conf
[global] 下增加 map to guest = Bad User
[global] workgroup = SAMBA security = user passdb backend = tdbsam printing = cups printcap name = cups load printers = yes cups options = raw map to guest = Bad User
增加 [share] 配置项
[share]
comment = File share
path = /opt/backup/share
browseable = Yes
writable = Yes
create mask = 0644
directory mask = 0755
guest ok = Yes
public = Yes
完成的配置
[root@netkiller home]# cat /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
map to guest = Bad User
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[share]
comment = File share
path = /opt/backup/share
browseable = Yes
writable = Yes
create mask = 0644
directory mask = 0755
guest ok = Yes
public = Yes
#read only = no
#valid users =
write list = share
# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] workgroup = MYGROUP server string = Samba Server Version %v log file = /var/log/samba/log.%m max log size = 50 idmap config * : backend = tdb cups options = raw [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes print ok = Yes browseable = No
# smbstatus Samba version 4.1.12 PID Username Group Machine ------------------------------------------------------------------- Service pid machine Connected at ------------------------------------------------------- No locked files
链接共享目录后再次查看
# smbstatus Samba version 4.1.12 PID Username Group Machine ------------------------------------------------------------------- 12507 www www 192.168.4.69 (ipv4:192.168.4.69:65102) Service pid machine Connected at ------------------------------------------------------- www 12507 192.168.4.69 Wed Sep 23 01:34:44 2015 IPC$ 12507 192.168.4.69 Wed Sep 23 01:34:43 2015 Locked files: Pid Uid DenyMode Access R/W Oplock SharePath Name Time -------------------------------------------------------------------------------------------------- 12507 80 DENY_NONE 0x100081 RDONLY NONE /www SOA Wed Sep 23 02:01:22 2015 12507 80 DENY_NONE 0x100081 RDONLY NONE /www SOA/queue Wed Sep 23 02:01:22 2015 12507 80 DENY_NONE 0x100081 RDONLY NONE /www . Wed Sep 23 01:37:53 2015 12507 80 DENY_NONE 0x100081 RDONLY NONE /www . Wed Sep 23 01:58:22 2015
# smbpasswd -a www New SMB password: Retype new SMB password: Added user www.
<![CDATA[
$ nmblookup -A 172.16.0.5
Looking up status of 172.16.0.5
USER <00> - B <ACTIVE>
WORKGROUP <00> - <GROUP> B <ACTIVE>
USER <20> - B <ACTIVE>
WORKGROUP <1e> - <GROUP> B <ACTIVE>
WORKGROUP <1d> - B <ACTIVE>
..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>
MAC Address = 00-25-64-A7-18-97
[root@netkiller ~]# dnf install -y cifs-utils
挂载匿名共享目录
[root@netkiller ~]# mount -t cifs //192.168.30.7/share /mnt
或者
[root@netkiller ~]# mount.cifs //192.168.30.7/share /mnt
挂载用户共享目录
[root@netkiller ~]# mount.cifs -o user=developer,password=123456 //192.168.30.7/developer /mnt
[root@netkiller ~]# cat /etc/fstab # # /etc/fstab # Created by anaconda on Fri Dec 17 08:19:10 2021 # # Accessible filesystems, by reference, are maintained under '/dev/disk/'. # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info. # # After editing this file, run 'systemctl daemon-reload' to update systemd # units generated from this file. # UUID=ecdc2a0e-e6cf-40bf-83eb-85788baaced3 / xfs defaults 0 0 UUID=3064c079-b411-4992-ac37-6def07de0bfd /boot xfs defaults 0 0 UUID=7FBB-A83B /boot/efi vfat umask=0077,shortname=winnt 0 2 //192.168.30.7/share /mnt/share cifs auto,password= 0 0 //192.168.30.7/developer /mnt/developer cifs auto,username=developer,password=123456 0 0
挂载 /etc/fstab 中的配置项
[root@netkiller ~]# mount -a
sudo apt-get install smbfs
smbmount
$ sudo mkdir /mnt/winfs $ sudo smbmount //172.16.0.92/tmp /mnt/winfs $ ls /mnt/winfs/
使用neo帐号登录
$ sudo smbmount //172.16.0.92/tmp /mnt/winfs -o username=neo
mount
$ mount -t smbfs -o username=jwhittal \\\\172.16.1.3\\c$ /mnt/thumb
linux 不再使用smbfs, 替换为 cifs
$ mount -t cifs //192.168.0.2/ /mnt/
$ sudo apt-get install smbclient
neo@netkiller:~$ smbclient -L 172.16.0.1
Enter neo's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.0]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (netkiller server (Samba, Ubuntu))
www Disk www diretcory
print$ Disk Printer Drivers
neo Disk Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.0]
Server Comment
--------- -------
DEBIAN debian server
NETKILLER netkiller server (Samba, Ubuntu)
Workgroup Master
--------- -------
WORKGROUP DEBIAN
访问developer共享目录
$ smbclient //localhost/developer
Enter neo's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.3.2]
Server not using user level security and no password supplied.
smb: \> ls
. D 0 Thu Oct 29 02:05:37 2009
.. D 0 Thu Oct 22 05:27:16 2009
ofcard.php 1104 Tue Oct 27 02:00:49 2009
index.html 580 Thu Oct 29 02:05:37 2009
webapps D 0 Wed Oct 28 06:04:08 2009
ecmall D 0 Thu Oct 22 00:00:12 2009
doc D 0 Wed Oct 28 06:04:09 2009
supersite D 0 Thu Oct 22 03:35:08 2009
empire D 0 Thu Oct 22 02:56:12 2009
discuz D 0 Wed Oct 21 22:04:29 2009
resin-data D 0 Wed Oct 28 06:21:02 2009
phpMyAdmin D 0 Sat Oct 24 09:02:29 2009
empirecms6 D 0 Thu Oct 22 04:12:44 2009
ecshop D 0 Wed Oct 21 21:56:40 2009
watchdog-data D 0 Wed Oct 28 06:07:19 2009
ucenter D 0 Wed Oct 21 22:41:58 2009
ecshop.old D 0 Fri Oct 23 11:35:39 2009
magento D 0 Tue Oct 6 19:19:54 2009
weberp D 0 Fri Oct 23 05:21:33 2009
61335 blocks of size 131072. 41655 blocks available
smb: \>
使用用户Neo登录
$ smbclient //localhost/developer -U neo
Enter neo's password:
Domain=[UBUNTU] OS=[Unix] Server=[Samba 3.3.2]
smb: \> ls
. D 0 Thu Oct 29 03:13:31 2009
.. D 0 Thu Oct 22 05:27:16 2009
ofcard.php 1104 Tue Oct 27 02:00:49 2009
index.html 676 Thu Oct 29 03:13:31 2009
webapps D 0 Wed Oct 28 06:04:08 2009
ecmall D 0 Thu Oct 22 00:00:12 2009
doc D 0 Wed Oct 28 06:04:09 2009
supersite D 0 Thu Oct 22 03:35:08 2009
empire D 0 Thu Oct 22 02:56:12 2009
discuz D 0 Wed Oct 21 22:04:29 2009
resin-data D 0 Wed Oct 28 06:21:02 2009
phpMyAdmin D 0 Sat Oct 24 09:02:29 2009
empirecms6 D 0 Thu Oct 22 04:12:44 2009
ecshop D 0 Wed Oct 21 21:56:40 2009
watchdog-data D 0 Wed Oct 28 06:07:19 2009
ucenter D 0 Wed Oct 21 22:41:58 2009
ecshop.old D 0 Fri Oct 23 11:35:39 2009
magento D 0 Tue Oct 6 19:19:54 2009
weberp D 0 Fri Oct 23 05:21:33 2009
61335 blocks of size 131072. 41654 blocks available
smb: \> quit
Backup the /etc/samba/smb.conf file:
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.original
security = share
[tmp] comment = test writable = yes locking = yes path = /tmp public = yes [neo] comment = neo writable = yes locking = yes path = /home/neo/ public = yes [htdocs] comment = neo writable = yes locking = yes path = /opt/lampp/htdocs public = yes
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.original
security = user
add user
sudo useradd -s /bin/true neo sudo smbpasswd -L -a neo
enable
sudo smbpasswd -L -e neo
del user
sudo smbpasswd -L -x neo
测试配置文件是否正确
$ testparm
查看共享目录
$ smbclient -L localhost -N
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.3.2]
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
developer Disk Development
IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu))
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.3.2]
Server Comment
--------- -------
PRINTSERVER
UBUNTU ubuntu server (Samba, Ubuntu)
Workgroup Master
--------- -------
WORKGROUP PRINTSERVER
Windows 访问测试
C:\>net view \\192.168.3.40 在 \\192.168.3.40 的共享资源 ubuntu server (Samba, Ubuntu) 共享名 类型 使用为 注释 ---------------------------------------------------------- developer Disk Development 命令运行完毕,但发生一个或多个错误。
'/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:08, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:08, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:11, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied [2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013) '/www' does not exist or permission denied when connecting to [www] Error was Permission denied
关闭 SELinux