Samba service consists of 2 modules
- Smb:service Message Block--------PROGRESS:SMBD port:445/tcp
- NetBIOS: Local name resolution--------PROGRESS:NMBD PORT:137/UDP 138/UDP 139/TCP
1. Server Installation
[[email protected] f1]# yum install samba
2. Create user
[[email protected] ~]# useradd smbuser #不设置系统登入密码[[email protected] ~]# smbpasswd -a smbuser #设置samba登入密码 -a 是添加 不加是修改 smbpasswd -hNew SMB password:Retype new SMB password:Added user smbuser.#[[email protected] ~]# smbpasswd smbuser #修改密码#[[email protected] ~]# smbpasswd -x smbuser #删除用户#所有用户查看[[email protected] samba]# pdbedit -Lsmbuser:1004:#显示单个用户详细信息[[email protected] ~]# pdbedit -u smbuser -v
3. Configuration files
[[email protected] f1]# Cp/etc/samba/smb.conf{,.bak} [[email protected] f1]# vim/etc/samba/smb.conf #主要配置g Loal section [Global] workgroup = Samba Server string = Samba Server Version%v interfaces = Ens33 #监听网卡 hosts allow = 172.16.86. #允许主机可以是网络或者主机 log file =/var/log/samba/log.%m #日志 max log size = #日志滚动大小 Securit y = user #表示用服务器登入验证表 Passdb backend = Tdbsam printing = Cups printcap name = Cups Load printers = yes cups options = raw[homes] Comment = Home directories Valid users =%s,%d%w%s brow seable = no #必须是no, or you can login directly into the client mode writable = no #家目录写权限 can be written by default this is the same as the following read Noly select inherit ACLS = yes test parameters [[Emai L protected] samba]# testparmload SMB config files from/etc/samba/smb.confrlimit_max:increasing rlimit_max (1024) To minimum Windows limit (16384) processing sections "[Homes]" Processing section "[Printers]" Processing section "[print$]" Loaded Services file OK.
4. Start the service
[[email protected] samba]# systemctl start nmb smb
5. Client Installation
[[email protected] ~]# yum install samba-client
5.1 Specify user View
[[email protected] ~]# smbclient -L 172.16.86.210 -U smbuserEnter SAMBA\smbuser‘s password: 上述密码 Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers IPC$ IPC IPC Service (Samba Server Version 4.7.1) smbuser Disk Home DirectoriesReconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- SAMBA LOCALHOST
5.2 Specifying users to log in
[[email protected] ~]# smbclient //172.16.86.210/smbuser -U smbuserEnter SAMBA\smbuser‘s password:Try "help" to get a list of possible commands.smb: \> #之后操作跟ftp一样smb: \> put cektputting file cekt as \cekt (56.1 kb/s) (average 56.1 kb/s)#服务器[[email protected] samba]# ls /home/smbuser/.bash_logout .bash_profile .bashrc cekt
5.3 Shared Directory
#服务器[[email protected] samba]# mkdir /sambashared/node1 -pv[[email protected] samba]# chmod o+w /sambashared/node1 #可以用setfacl方式对指定用户开放权限 个人绝对这里都可以写,在smb中控制具体那些用户能写[[email protected] samba]# vim smb.conf[node1] comment = shared node1 path = /sambashared/node1 write list = smbuser,smbuser2 browseable = no #yes 个人账户登入会显示node1 no个人账户登入不会显示node1节点 guest ok = no[[email protected] samba]# systemctl restart nmb smb#客户端[[email protected] ~]# smbclient //172.16.86.210/node1 -U smbuserEnter SAMBA\smbuser‘s password:Try "help" to get a list of possible commands.smb: \> put ks3.cfgputting file ks3.cfg as \ks3.cfg (480.9 kb/s) (average 481.0 kb/s)
Shared directory Additional Usage scenarios
#共享目录本是为每个用户提供一个公共文件目录。以下是个人对共享目录的另外一种使用场景#每个用户不创建家目录,只能在公共目录中访问,#在共享目录下 创建每个用户的家目录,属主用户,数组smbroot,权限770,公共目录pub #这么设计的好处是smbroot 能管理所有账号,文件存放位置比较统一,容易管理[[email protected] ~]# useradd -M smbuser2[[email protected] ~]# smbpasswd -a smbuser2[[email protected] node1]# chown smbuser2.root t1[[email protected] node1]# ll总用量 8drwxrwx--- 3 smbuser smbroot 68 5月 21 19:05 smbuserdrwxrwx--- 3 smbuser2 smbroot 68 5月 21 19:05 smbuser2
6. Mount the client locally:
[[email protected] samba]# yum install cifs-utils -y[[email protected] ~]# mkdir /mnt/t5[[email protected] mnt]# mount -t cifs //172.16.86.210/node1 /mnt/t5 -o username=smbuser,password=zander[[email protected] ~]# mount -t cifs //172.16.86.210/node1 /mnt/t5 -o username=smbuserPassword for [email protected]//172.16.86.210/node1: ******[[email protected] ~]# cd /mnt/t5[[email protected] t5]# lltotal 4-rwxr--r-- 1 1004 1004 1970 May 21 02:38 ks3.cfg
7. Mount User Information view
[[email protected] node1]# Smbstatussamba version 4.7.1PID Username Group machine Protocol Version Encryption Signing-------------------------------------------------------------- --------------------------------------------------------------------------29289 smbuser smbuser 172.16.86.1 (i pv4:172.16.86.1:53772) smb3_02-partial (AES-128-CMAC) Service PID Machine Connected at Encryption Signing-------------------------------------------------------------------- -------------------------node1 29289 172.16.86.1 May 21 19:39 50 sec 2018 CST--locked files:pid Uid denymode Access r/w Oplock SharePath Name time-------------------------------- ------------------------------------------------------------------29289 1004 Deny_none 0x100081 rdonly None/sambAshared/node1. Mon may 19:39:53 201829289 1004 deny_none 0x100081 rdonly none/sambashared/node1. Mon May 21 19:39:53 2018
Linux Samba File system introduction