- Samba
Samba is a free software that implements the SMB protocol on Linux and UNIX systems. It consists of servers and client programs. Server messages Block (SMB) is a communication protocol used to share files and printers on a LAN, it provides sharing services for files, printers, and other resources between different computers in the LAN. The SMB protocol is a client/server protocol that allows a client to access shared file systems, printers, and other resources on the server. By setting "NetBIOS over TCP/IP", Samba can not only share resources with local network hosts, but also share resources with computers around the world.
To put it simply, Samba implements cross-platform file sharing between Windows and Linux. Samba has two Daemon Processes: smbd and nmbd;
SMB: listens to tcp 139 port 445 for file sharing and user verification;
Nmb: listens to udp137 and port 138 for NetBIOS resolution and browsing and sharing.
To implement Samba on Linux, the following kits are required:
Samba implementation service
Samba-client Linux Client
CIFS-utils for cross-platform access
Environment check
Whether Samba and related suites are installed in the environment
[[Email protected] ~] # Rpm-Qa samba-client CIFS-utils
Samba-client-3.6.23-12.el6.x86_64
Cifs-utils-4.8.1-19.el6.x86_64
2) install samba
After check, samba-client and CIFS-utils have been installed by default (if not installed, install it), so install the samba main service;
[[Email protected] ~] # Yum-y install samba
Install Yum to automatically resolve dependencies;
Samba main configuration file Introduction
Main configuration file:
/Etc/Samb/smb. conf
Default Configuration:
[[Email protected] ~] # Grep-ve "^ # | ^ $ | ^;"/etc/samba/smb. conf
[Global]
Workgroup = mygroup // Samba global settings
Server String = Samba server version % v
# Logs split per machine
Log File =/var/log/samba/log. % m
# Max 50kb per log file, then rotate
Max log size = 50
Security = user
Passdb backend = tdbsam
# The login script name depends on the machine name
# The login script name depends on the Unix user used
# Disables profiles support by specifing an empty path
Load printers = Yes
Cups Options = raw
# Obtain list of printers automatically on systemv
[Homes] // user shared directory settings
Comment = Home Directories
Browseable = No
Writable = Yes
[Printers] // print settings
Comment = all printers
Path =/var/spool/samba
Browseable = No
Guest OK = No
Writable = No
Printable = Yes
In addition, the configuration file also provides shared settings, but is used; commented out.
[[Email protected] ~] # Grep-n "^;"/etc/samba/smb. conf | tail-N 20
243:; store dos attributes = Yes
252:; Valid users = % S // specify the authorized user or user group
253:; Valid users = mydomain \ % s
264:; [netlogon] // specify the shared custom ID
265:; Comment = network logon service // specify the description of the shared directory
266:; Path =/var/lib/samba/netlogon // specify the actual shared path
267:; guest OK = Yes // equivalent to public = Yes, available to all
268:; writable = No // opposite to read only, whether it can be written
269:; share modes = No
274:; [profiles]
275:; Path =/var/lib/samba/profiles
276:; browseable = No // set to hide
277:; guest OK = Yes
282:; [public]
283:; Comment = Public stuff
284:; Path =/home/samba
285:; Public = Yes
286:; writable = Yes
287:; printable = No
288:; write list = + staff
Common configuration statement Parsing
Workgroup: the name of the workgroup.
Server String: Server description
Security: security level. User authentication is required.
Comment: Description of the shared directory
Path: the actual location of the shared directory.
Browseable: visible or not. No is hidden.
Public: whether all users are visible
Writable: whether it can be written, opposite to read only
In addition to the preceding descriptions, MAN 5 smb. conf can also be used to help
Account description
Samba can be used anonymously and authenticated. The specific method is determined by the security in the main configuration file;
There are five Samba types: Share, user, server, domain, and ads.
1. Share: Everyone can access this Samba server (no user name or password is required ).
2. User: enter a valid user name and password to access the Samba server (the Samba server is responsible for Identity Authentication ).
3. SERVER: the server is the same as the user. It only submits the authentication to another designated Samba server.
4. domain: the domain controller is responsible for identity authentication.
5. Ads: submits authentication to the domain controller (more secure than domain ).
Shared access
Windows Access
Linux access
Smbclient access
Smbclient l server address
Smbclient // server address/sharing name
Smbclient U user name/server address/sharing name
Account Management
Account settings
The account name must exist in the system, but use an independent password. The account file exists in/var/lib/samba/private/passwd. TDB; users and passwords are used for access and sharing. The permissions depend on the permissions of the corresponding system account;
Account Management Tools
Pdbedit Tool
-A: Specify the system account as the samba account and set the password;
-L view shared account information
-X delete a shared account
Case Analysis
The/samba directory under the root directory is the shared directory, which contains the music, Carton, and MV directories, which correspond to various types of files for upload and download respectively, where the VIP account Woon can be written;
1) set the environment
[[Email protected] Samba] # ls
Carton music video
2) Configure sharing
[[Email protected] Samba] # Vim/etc/samba/smb. conf
[Music]
Path =/samba
Public = Yes
Read Only = Yes
Write list = Woon
3) Add a shared account
[[Email protected] Samba] # pdbedit-A Woon
[[Email protected] Samba] # useradd samba
[[Email protected] Samba] # pdbedit-a samba
[[Email protected] Samba] # setfacl-D-m u: Woon: rwx/samba/
4) restart the samba service;
Service SMB restart
Service nmb estart
Lab Verification
Woon User Authentication
[[Email protected] ~] # Ls-Al/etc/>/samba/LS. Log
[[Email protected] ~] # Rm-RF/samba/install. Log
[[Email protected] ~] # Smbclient-u Woon // 192.168.239.128/music
Enter Woon's password:
Domain = [mygroup] OS = [UNIX] Server = [Samba 3.6.23-12. el6]
SMB: \> ls
. D 0 Tue Mar 3 17:48:13 2015
.. Dr 0 Tue Mar 3 17:32:03 2015
Mv d 0 Tue Mar 3 17:38:00 2015
Music D 0 Tue Mar 3 17:38:59 2015
Ls. Log 15220 Tue Mar 3 17:48:03 2015
Acl d 0 Tue Mar 3 17:34:37 2015
Carton D 0 Tue Mar 3 17:33:47 2015
33788 blocks of size 262144. 14918 blocks available
SMB: \> put install. Log
Putting file install. log as \ install. Log (8637.9 kb/s) (average 8638.1 kb/s)
SMB: \> ls
. D 0 Tue Mar 3 17:48:39 2015
.. Dr 0 Tue Mar 3 17:32:03 2015
Mv d 0 Tue Mar 3 17:38:00 2015
Music D 0 Tue Mar 3 17:38:59 2015
Ls. Log 15220 Tue Mar 3 17:48:03 2015
Set up Samba sharing service in centos6.6