############### #SMB文件共享 ###############
The Internet File System (CIFS) also becomes a server that is used by microsftwindows servers and clients to share system Information blocks (SMB) with standard files and printers
Samba services can be used to share Linux file systems as CIFS/SMB Network file shares and to share Linux printers as CIFS/SMB printer shares
Package:
Samba-common Samba Support Files
samba-client Client application
Samba Server application
Server name: SMB NMB
Service port: All connections are usually made using tcp/445. Backwards compatibility with UDP137, UDP138, and tcp/139
Master configuration file:/etc/samba/smb.conf
*) Installation Service ####################
[Email protected] ~]# Yum Search Samba
[[email protected] ~]# yum install samba-client.x86_64 samba-common.x86_64 samba.x86_64-y installing SMB Service
[[email protected] ~]# systemctl start SMB start service
[Email protected] ~]# netstat-antlupe | grep SMB View service port (two services)
[Email protected] ~]# netstat-antlupe | grep nmb
[Email protected] ~]# smbclient-l//172.25.12.12 view (anonymous)
Enter root ' s password: enter
Anonymous Login successful anonymous
*) Create SMB user #######################
To create an SMB user, the user must be an existing user of the system
[[email protected] ~]# pdbedit-l view SMB user
[Email protected] ~]#
[[email protected] ~]# smbpasswd-a student Create an SMB user
The system does not have users and cannot join, as follows
[Email protected] ~]# smbpasswd-a Westos
[[email protected] ~]# smbclient-l//172.25.12.12-u student view as a user
[[email protected] ~]# smbclient//172.25.12.12/student-u student Login
*) Implement Mount ############################
-12 Host---
[[email protected] yum.repos.d]# yum install samba-client-y installation Service
[Email protected] ~]# mount-o username=student,password=123//172.25.12.12/student/mnt/
*) Modify the name ########################
[[email protected] ~]# vim/etc/samba/smb.conf Edit configuration file
[[email protected] ~]# systemctl restart Smb.service Restart Service
[[Email protected]
The change was successful! As follows
*) Specify who is logged in smb#########################
[[email protected] ~]# vim/etc/samba/smb.conf Modify Configuration
[[email protected] ~]# systemctl restart Smb.service Restart Service
The following 10 host logins, 250 hosts cannot log on
*) Share your own directory #########################
Scenario 1:
[[email protected] ~]# Getenforce View firewall status
[[email protected] ~]# Mkdir/westos new directory
Disabled
[[email protected] ~]# vim/etc/samba/smb.conf Modify configuration file
[[email protected] ~]# systemctl restart Smb.service Restart Service
As below, login to see your own directory!
Situation Two:
[Email protected] ~]# Setenforce 1
[Email protected] ~]# Getenforce
Enforcing
You need to change the security context
[Email protected] ~]#ls-zd/westos/
Drwxr-xr-x. Root root unconfined_u:object_r:default_t:s0/westos/
[Email protected] ~]#semanage fcontext-a-T samba_share_t '/westos (/.*)? '
[Email protected] ~]# ls-zd/westos/
Drwxr-xr-x. Root root unconfined_u:object_r:default_t:s0/westos/
[Email protected] ~]#restorecon-fvvr/westos/
Restorecon Reset/westos Context Unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
Restorecon Reset/westos/file1 Context Unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
Restorecon Reset/westos/file2 Context Unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
Restorecon Reset/westos/file3 Context Unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
Mount
Permanent Mount
[Email protected] ~]# Vim/etc/fstab
Mount-a make policy effective
*) Anonymous User login #######################
[[email protected] ~]# vim/etc/samba/smb.conf Modify configuration file
[[email protected] ~]# systemctl restart Smb.service Restart Service
Mount:
[email protected] ~]# Mount//172.25.12.12/data/mnt/-o username=guest,password= ""
An error occurred due to a different version
Mount as below:
[Email protected] ~]# mount//172.25.12.12/data/mnt/-o username=guest Mount
[[email protected] ~]# smbclient-l/172.25.12.12 Anonymous login on
Permanent Mount
*) User can write ########################
Do not write as above!
[Email protected] ~]# vim/etc/samba/smb.conf
[Email protected] ~]# systemctl restart Smb.service
[Email protected] ~]# ls-ld/westos/
Drwxr-xr-x 2 Root 4 16:18/westos/View permissions
[[email protected] ~]# setfacl-m u:student:rwx/westos/ give the user read and write execution rights
As below, the user can write a
[[email protected] ~]# useradd westos New user
[[email protected] ~]# smbpasswd-a westos build SMB user
[[email protected] ~]# usermod-g student Westos The user into the S group
[[email protected] ~]# setfacl-m g:student:rwx/westos/give group permissions
326 Write list = @student @/+ for this group
[[email protected] ~]# useradd admin New user name for admin not real admin no admin right
Give him a super-family status as follows
The following admin can write!
*) Hide shared directory ######################
browseable = no defaults to Yes to hide this shared directory (not visible, can be used)
*) Specifies the use of SMB user #########################
vaild users = +student only student group with SMB
vaild users = Student only student user with SMB
[email protected] ~]# Mount//172.25.12.12/data/mnt/-o username=admin,password=123
Mount Error: Permission denied adimin cannot be mounted
Refer to the Mount.cifs (8) manual page (e.g. Mans mount.cifs)
--SMB User Change Password------
[Email protected] ~]# SMBPASSWD Student
New SMB Password: Enter a password
Retype new SMB Password: confirm the password
*) Certified ##################################
[[email protected] mnt]# Su-kiosk non-SMB user
[Email protected] ~]$ cd/mnt
[[email protected] mnt]$ ls to see unsafe
File File1 file2 file3
SMB Multi-user mounts
Client
[[email protected] ~]# yum install cifs-utils-y installation Service
[[email protected] ~]# vim/root/smbfile Edit File
SMB Multi-user authentication
[Email protected] ~]# mount-o CREDENTIALS=/ROOT/SMBFILE,MULTIUSER,SEC=NTLMSSP//172.25.12.12/data/mnt
[[email protected] mnt]$ cifscreds add-u westos 172.25.12.12 view as SMB user
Password:
[[email protected] mnt]$ ls
File file1 file2 file3 Liu
[[email protected] mnt]$ mkdir Huan build Directory
LINUX-SMB file Sharing