Samba File Services for Linux

Last Update:2017-08-16 Source: Internet

Author: User

Tags chmod

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

I. Samba provides a CIFS protocol for shared files

1.SMB file sharing, common internal file system (CIFS), also known as Server Information Block (SMB), is a standard file and Printer Sharing system for Microsoft Windows Servers and clients.

2.Samba servers can be used to share Linux file systems as CIFS/SMB Network file shares and to share Linux printers as CIFS/SMB printer shares

Two. Installation Environment

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/9E/9B/wKiom1mTAFnxefPIAABqx8s_bd4774.png "style=" float : none; "title=" screenshot from 2017-08-15 11-36-23.png "alt=" Wkiom1mtafnxefpiaabqx8s_bd4774.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/9E/9B/wKiom1mTAFrA83kxAAAn6rwFU_A470.png "style=" float : none; "title=" screenshot from 2017-08-15 11-40-48.png "alt=" Wkiom1mtafra83kxaaan6rwfu_a470.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/9E/8A/wKioL1mTAFqzYdzHAAAtb_DG6d0441.png "style=" float : none; "title=" screenshot from 2017-08-15 11-42-46.png "alt=" Wkiol1mtafqzydzhaaatb_dg6d0441.png "/>

Support Files for Samba-common-samba

Samba-client-Client application

Samba-Server applications

Yum Install Samba Samba-common samba-client-y

Systemctl start SMB
Systemctl Enable SMB

Three. Adding an SMB user

1.SMB user must be local user when
Smbpasswd-a Student
New SMB Password: Enter the SMB current user password
Retype new SMB Password: Confirm password

Pdbedit-l Viewing SMB user information
Pdbedit-x SMB User Delete SMB user

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/9E/9B/wKiom1mTAQLw12U1AABTbF--tBQ025.png "title=" Screenshot from 2017-08-15 11-43-58.png "alt=" Wkiom1mtaqlw12u1aabtbf--tbq025.png "/>

2. Student login Unable to display shared content, mainly SELinux is not enabled for normal access

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/9E/9B/wKiom1mTAMHDw6UfAABWP5i3HxY195.png "style=" float : none; "title=" screenshot from 2017-08-15 12-13-41.png "alt=" Wkiom1mtamhdw6ufaabwp5i3hxy195.png "/>

In the case of SELinux open, modify the Sebool value, open access to home directory permissions, open to access

Setsebool-p enable_samba_home_dirs on in SELinux setting SMB users can access their home directory

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9E/9B/wKiom1mTAMLSHsjKAAGv4xorehY722.png "style=" float : none; "title=" screenshot from 2017-08-15 12-15-56.png "alt=" Wkiom1mtamlshsjkaagv4xorehy722.png "/>

Four. Basic settings for Shared directories

1. Basic Settings

Editing a configuration file vim/etc/samba/smb.conf

Workgroup = Westos Workgroup name

[Westos] Share name

Comment = Description of the shared directory
Path = absolute path to the shared directory

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M02/9E/8A/wKioL1mTAkfxLMk5AACQ2xgV1TU671.png "style=" float : none; "title=" screenshot from 2017-08-15 12-18-12.png "alt=" Wkiol1mtakfxlmk5aacq2xgv1tu671.png "/>

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9E/9B/wKiom1mTAkjx3k_dAABdgqQaV7o593.png "style=" float : none; "title=" screenshot from 2017-08-15 12-24-47.png "alt=" Wkiom1mtakjx3k_daabdgqqav7o593.png "/>

Smbclient-l//172.25.254.128-u Student You can see the shared directory you created

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/9E/8A/wKioL1mTAknwSDYCAADh6Fe3GpE494.png "style=" float : none; "title=" screenshot from 2017-08-15 12-25-53.png "alt=" Wkiol1mtaknwsdycaadh6fe3gpe494.png "/>

2. When a shared directory is a user-created directory, the context of the new directory needs to be modified
Semanage fcontext-a-t samba_share_t ' directory name (/.*)? '
RESTORECON-RVVF Directory Name

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9E/9B/wKiom1mTA2ehbzomAAFs4M88K8c486.png "style=" float : none; "title=" screenshot from 2017-08-15 12-31-50.png "alt=" Wkiom1mta2ehbzomaafs4m88k8c486.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/9E/8A/wKioL1mTA2jCf1xUAAC_53YkgpI012.png "style=" float : none; "title=" screenshot from 2017-08-15 12-32-28.png "alt=" Wkiol1mta2jcf1xuaac_53ykgpi012.png "/>

3. Modify the SELinux Sebool value when the shared directory is a directory for the system, in order not to affect the modification context to other services
Setsebool-p Samba_export_all_ro on read-only sharing
Setsebool-p SAMBA_EXPORT_ALL_RW on read/write sharing

System Catalogue Text Config/mnt

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/9E/9B/wKiom1mTA2iA4hFPAAAnmKVU5hU775.png "style=" float : none; "title=" screenshot from 2017-08-15 12-35-09.png "alt=" Wkiom1mta2ia4hfpaaanmkvu5hu775.png "/>

No changes, no files visible

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M01/9E/8A/wKioL1mTA2mwfOk4AACzZWni6iA286.png "style=" float : none; "title=" screenshot from 2017-08-15 12-36-57.png "alt=" Wkiol1mta2mwfok4aaczzwni6ia286.png "/>

The file can be read normally after modifying the Read permission of Samba

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9E/8A/wKioL1mTA2nRlGuAAADMgEYBn3I297.png "style=" float : none; "title=" screenshot from 2017-08-15 12-39-32.png "alt=" Wkiol1mta2nrlguaaadmgeybn3i297.png "/>

When read-only sharing is turned on: smbclient//172.25.254.128/config-u Student

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/9E/9B/wKiom1mTBIOwGEQuAADKDU0TaPo715.png "title=" Screenshot from 2017-08-15 12-41-13.png "alt=" Wkiom1mtbiowgequaadkdu0tapo715.png "/>

Five. Configuration parameters for Samba

1. Anonymous user access
Guest OK = yes
Map to Guest = Bad User Client Access anonymous

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9E/8A/wKioL1mTBSHSF9ExAAAqljF9fYk922.png "style=" float : none; "title=" screenshot from 2017-08-15 12-43-23.png "alt=" Wkiol1mtbshsf9exaaaqljf9fyk922.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9E/9C/wKiom1mTBSKzKe4dAAAw6XbYUAU109.png "style=" float : none; "title=" screenshot from 2017-08-15 12-44-40.png "alt=" Wkiom1mtbskzke4daaaw6xbyuau109.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M02/9E/9C/wKiom1mTBSLRoBgKAAC5xHanhFA776.png "style=" float : none; "title=" screenshot from 2017-08-15 12-48-00.png "alt=" Wkiom1mtbslrobgkaac5xhanhfa776.png "/>

2. Access control

Hosts Deny = Deny only

Deny 128 Login

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9E/8A/wKioL1mTBkXQ658IAAA_AtC1RtQ180.png "style=" float : none; "title=" screenshot from 2017-08-15 12-51-30.png "alt=" Wkiol1mtbkxq658iaaa_atc1rtq180.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/9E/8A/wKioL1mTBkSgR8Y5AABZP7HZtC8207.png "style=" float : none; "title=" screenshot from 2017-08-15 12-50-38.png "alt=" Wkiol1mtbksgr8y5aabzp7hztc8207.png "/>

Hosts allow = only allowed

Hosts allow =172.25.254.28, allows 28 login

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9E/9C/wKiom1mTBkXhBKa6AAC9wYhDEDg223.png "style=" float : none; "title=" screenshot from 2017-08-15 12-50-48.png "alt=" Wkiom1mtbkxhbka6aac9wyhdedg223.png "/>

Valid users = Active user currently shared
Valid users = Student A valid user for the current share is student

The shared valid user student is not added and cannot be accessed

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9E/9C/wKiom1mTBkagU7gcAACLPNHnZv8585.png "style=" float : none; "title=" screenshot from 2017-08-15 12-51-53.png "alt=" Wkiom1mtbkagu7gcaaclpnhnzv8585.png "/>

Edit Profile vim/etc/samba/smb.conf, add a shared active user, and then access

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9E/8A/wKioL1mTBkbyNM3LAAA8Y4X0xkw965.png "style=" float : none; "title=" screenshot from 2017-08-15 12-55-04.png "alt=" Wkiol1mtbkbynm3laaa8y4x0xkw965.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9E/8A/wKioL1mTB9DxCnTdAADxmWuyfcI273.png "style=" float : none; "title=" screenshot from 2017-08-15 12-55-20.png "alt=" Wkiol1mtb9dxcntdaadxmwuyfci273.png "/>

Valid users = @student A valid user for the current share is the student group
Valid users = +student Current shared valid user is student group

New user Lee, belonging to the student group, who belongs to the active access group

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M02/9E/9C/wKiom1mTCD-wMpPYAAASQ4L64yU994.png "title=" Screenshot from 2017-08-15 13-02-52.png "alt=" Wkiom1mtcd-wmppyaaasq4l64yu994.png "/>

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9E/9C/wKiom1mTCE2zU1_vAABep8iGaLQ843.png "title=" Screenshot from 2017-08-15 13-03-01.png "alt=" Wkiom1mtce2zu1_vaabep8igalq843.png "/>

After editing the profile vim/etc/samba/smb.conf to +student, Lee users can access

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9E/9C/wKiom1mTB9Hzj6O2AAA_184TSJQ688.png "style=" float : none; "title=" screenshot from 2017-08-15 12-56-03.png "alt=" Wkiom1mtb9hzj6o2aaa_184tsjq688.png "/>

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9E/8A/wKioL1mTB9HQGUkYAADu_SH57EQ976.png "style=" float : none; "title=" screenshot from 2017-08-15 13-02-04.png "alt=" Wkiol1mtb9hqgukyaadu_sh57eq976.png "/>

3. Read/write Control
All users can write
chmod o+w/mnt
Setsebool-p SAMBA_EXPORT_ALL_RW on
Vim/etc/samba/smb.conf
writable = yes

Mount-o username=student,password=123//172.25.254.128/config/mnt/on the client as student to mount the 172.25.254.128/config to /mnt on

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M02/9E/8A/wKioL1mTCh6gDmq_AADOhY7kzao337.png "style=" float : none; "title=" screenshot from 2017-08-15 13-11-58.png "alt=" Wkiol1mtch6gdmq_aadohy7kzao337.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9E/8A/wKioL1mTCh-hzNmFAAAXcN4nMgg088.png "style=" float : none; "title=" screenshot from 2017-08-15 13-16-21.png "alt=" Wkiol1mtch-hznmfaaaxcn4nmgg088.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/9E/9C/wKiom1mTCiOzBpK7AAArHYilJ5c316.png "style=" float : none; "title=" screenshot from 2017-08-15 13-50-33.png "alt=" Wkiom1mtciozbpk7aaarhyilj5c316.png "/>

Sets the specified user-writable
Write list = student #可写用户
Write list = +student #可写用户组
Write list = @student
Admin users = Westos #共享的超级用户指定

6.SMB Multi-User mount
On the client
Vim/root/haha
Username=student
Password=lee

chmod 600/root/haha

Yum Install Cifs-utils-y

Mount-o CREDENTIALS=/ROOT/HAHA,MULTIUSER,SEC=NTLMSSP//172.25.254.100/haha/mnt/

#credentials =/root/haha The user files that are used when the mount is specified
#multiuser support multi-user authentication
#sec =NTLMSSP authentication method for standard SMB authentication

Su-kiosk
Ls/mnt
Ls:cannot Access/mnt:permission denied #因为没有作smb的认证所以无法访问smb共享
Cifscreds add-u Westos 172.25.254.100
Password: # #smb用户westos的密码
Ls/mnt

Samba File Services for Linux

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More