Set up Samba sharing service in centos6.6

1. Samba

Samba is a free software that implements the SMB protocol on Linux and UNIX systems. It consists of servers and client programs. Server messages Block (SMB) is a communication protocol used to share files and printers on a LAN, it provides sharing services for files, printers, and other resources between different computers in the LAN. The SMB protocol is a client/server protocol that allows a client to access shared file systems, printers, and other resources on the server. By setting "NetBIOS over TCP/IP", Samba can not only share resources with local network hosts, but also share resources with computers around the world.

To put it simply, Samba implements cross-platform file sharing between Windows and Linux. Samba has two Daemon Processes: smbd and nmbd;

SMB: listens to tcp 139 port 445 for file sharing and user verification;

Nmb: listens to udp137 and port 138 for NetBIOS resolution and browsing and sharing.

To implement Samba on Linux, the following kits are required:

Samba implementation service

Samba-client Linux Client

CIFS-utils for cross-platform access

Environment check

1. Whether Samba and related suites are installed in the environment

[[Email protected] ~] # Rpm-Qa samba-client CIFS-utils

Samba-client-3.6.23-12.el6.x86_64

Cifs-utils-4.8.1-19.el6.x86_64

2) install samba

After check, samba-client and CIFS-utils have been installed by default (if not installed, install it), so install the samba main service;

[[Email protected] ~] # Yum-y install samba

Install Yum to automatically resolve dependencies;

Samba main configuration file Introduction

Main configuration file:

/Etc/Samb/smb. conf

Default Configuration:

[[Email protected] ~] # Grep-ve "^ # | ^ $ | ^;"/etc/samba/smb. conf

[Global]

Workgroup = mygroup // Samba global settings

Server String = Samba server version % v

# Logs split per machine

Log File =/var/log/samba/log. % m

# Max 50kb per log file, then rotate

Max log size = 50

Security = user

Passdb backend = tdbsam

# The login script name depends on the machine name

# The login script name depends on the Unix user used

# Disables profiles support by specifing an empty path

Load printers = Yes

Cups Options = raw

# Obtain list of printers automatically on systemv

[Homes] // user shared directory settings

Comment = Home Directories

Browseable = No

Writable = Yes

[Printers] // print settings

Comment = all printers

Path =/var/spool/samba

Browseable = No

Guest OK = No

Writable = No

Printable = Yes

In addition, the configuration file also provides shared settings, but is used; commented out.

[[Email protected] ~] # Grep-n "^;"/etc/samba/smb. conf | tail-N 20

243:; store dos attributes = Yes

252:; Valid users = % S // specify the authorized user or user group

253:; Valid users = mydomain \ % s

264:; [netlogon] // specify the shared custom ID

265:; Comment = network logon service // specify the description of the shared directory

266:; Path =/var/lib/samba/netlogon // specify the actual shared path

267:; guest OK = Yes // equivalent to public = Yes, available to all

268:; writable = No // opposite to read only, whether it can be written

269:; share modes = No

274:; [profiles]

275:; Path =/var/lib/samba/profiles

276:; browseable = No // set to hide

277:; guest OK = Yes

282:; [public]

283:; Comment = Public stuff

284:; Path =/home/samba

285:; Public = Yes

286:; writable = Yes

287:; printable = No

288:; write list = + staff

Common configuration statement Parsing

Workgroup: the name of the workgroup.

Server String: Server description

Security: security level. User authentication is required.

Comment: Description of the shared directory

Path: the actual location of the shared directory.

Browseable: visible or not. No is hidden.

Public: whether all users are visible

Writable: whether it can be written, opposite to read only

In addition to the preceding descriptions, MAN 5 smb. conf can also be used to help

Account description

Samba can be used anonymously and authenticated. The specific method is determined by the security in the main configuration file;

There are five Samba types: Share, user, server, domain, and ads.
1. Share: Everyone can access this Samba server (no user name or password is required ).
2. User: enter a valid user name and password to access the Samba server (the Samba server is responsible for Identity Authentication ).
3. SERVER: the server is the same as the user. It only submits the authentication to another designated Samba server.
4. domain: the domain controller is responsible for identity authentication.
5. Ads: submits authentication to the domain controller (more secure than domain ).

Shared access

Windows Access

Linux access

Smbclient access

Smbclient l server address

Smbclient // server address/sharing name

Smbclient U user name/server address/sharing name

Account Management

Account settings

The account name must exist in the system, but use an independent password. The account file exists in/var/lib/samba/private/passwd. TDB; users and passwords are used for access and sharing. The permissions depend on the permissions of the corresponding system account;

Account Management Tools

Pdbedit Tool

-A: Specify the system account as the samba account and set the password;

-L view shared account information

-X delete a shared account

Case Analysis

The/samba directory under the root directory is the shared directory, which contains the music, Carton, and MV directories, which correspond to various types of files for upload and download respectively, where the VIP account Woon can be written;

1) set the environment

[[Email protected] Samba] # ls

Carton music video

2) Configure sharing

[[Email protected] Samba] # Vim/etc/samba/smb. conf

[Music]

Path =/samba

Public = Yes

Read Only = Yes

Write list = Woon

3) Add a shared account

[[Email protected] Samba] # pdbedit-A Woon

[[Email protected] Samba] # useradd samba

[[Email protected] Samba] # pdbedit-a samba

[[Email protected] Samba] # setfacl-D-m u: Woon: rwx/samba/

4) restart the samba service;

Service SMB restart

Service nmb estart

Lab Verification

1. Woon User Authentication

[[Email protected] ~] # Ls-Al/etc/>/samba/LS. Log

[[Email protected] ~] # Rm-RF/samba/install. Log

[[Email protected] ~] # Smbclient-u Woon // 192.168.239.128/music

Enter Woon's password:

Domain = [mygroup] OS = [UNIX] Server = [Samba 3.6.23-12. el6]

SMB: \> ls

. D 0 Tue Mar 3 17:48:13 2015

.. Dr 0 Tue Mar 3 17:32:03 2015

Mv d 0 Tue Mar 3 17:38:00 2015

Music D 0 Tue Mar 3 17:38:59 2015

Ls. Log 15220 Tue Mar 3 17:48:03 2015

Acl d 0 Tue Mar 3 17:34:37 2015

Carton D 0 Tue Mar 3 17:33:47 2015

33788 blocks of size 262144. 14918 blocks available

SMB: \> put install. Log

Putting file install. log as \ install. Log (8637.9 kb/s) (average 8638.1 kb/s)

SMB: \> ls

. D 0 Tue Mar 3 17:48:39 2015

.. Dr 0 Tue Mar 3 17:32:03 2015

Mv d 0 Tue Mar 3 17:38:00 2015

Music D 0 Tue Mar 3 17:38:59 2015

Ls. Log 15220 Tue Mar 3 17:48:03 2015

Set up Samba sharing service in centos6.6