Samba File Sharing

Summary from the book "Linux O & M path" by Ding yiming

Samba is a GPL-based Open-source software that interacts with Linux, UNIX, and windows. The required software includes Samba (server software package), samba-client (client software package), and samba-common (Samba public file software package ). Samba consists of two Daemon Processes: smbd and nmbd. the startup scripts of these two processes are independent.

The smbd service process provides file sharing and printing services for clients. In addition, the process is also responsible for user permissions and lock functions. The default listening ports of smbd are tcp139 and 445. Samba starts the smbd process through the smb service and uses netstat-nutlp to view the process port information.

Some common netstat options:

Netstat-A -- display all connection and listening ports. Including established connections (established) and those that listen to the listening request.

Netstat-s -- displays statistics by protocol. By default, statistics of IP, IPv6, ICMP, ICMPv6, TCP, tcpv6, UDP, and udpv6 are displayed. If your applications (such as Web browsers) run slowly, or you cannot display data such as Web pages. You can use this option to view the information displayed. You need to carefully check the rows of the statistical data, find the keyword of the error, and then confirm the problem.

Netstat-e -- this option is used to display statistics about Ethernet. It lists items including the total number of bytes, number of errors, number of delimiters, number of datagram, and number of broadcasts. These statistics include both the number of sent and received data packets. This option can be used to count some basic network traffic.

Netstat-r -- this option displays information about the route table, similar to the information shown later when you use the route print command. In addition to valid routes, valid connections are also displayed.

Netstat-n -- display the address and port number in numbers.

Netstat-B -- display executable components that contain each connection or listening port.

Netstat-o -- displays the ID of the process associated with each connection.

Netstat-P Proto -- display the connection of the Protocol specified by proto; proto can be one of the following protocols: TCP, UDP, tcpv6 or udpv6. If used with the-s option, statistics by protocol can be displayed.

You can run the command to view the port number: lsof-I: port number.

The nmbd process provides the NetBIOS Name Service to meet the shared access environment based on the CIFS protocol. By default, the process uses the udp137 port.

Note that the default iptables and SELinux policies will prevent remote users from accessing sambd, so temporarily disable

[[Email protected] tempal] # setenforce 0

[[Email protected] tempal] # service iptables stop

Permanently close

[[Email protected] tempal] # sed-I "/SELinux =/C SELinux = Disable"/etc/sysconfig/SELinux

[[Email protected] tempal] # chkconfig iptables off

Install Samba Software

[[Email protected] Web] # Yum-y install samba

[[Email protected] tempal] # Yum-y install samba-Client

Set shared directory

[[Email protected] tempal] # cd ../..

[[Email protected]/] # pwd

/

[[Email protected]/] # ls

Bin Dev home lib media opt root SELinux sys USR

Boot etc KS lost + found MNT proc sbin srv tmp VaR

[[Email protected]/] # mkdir/common

[[Email protected]/] # chmod 777/common

[[Email protected]/] # echo "hello">/common/smb.txt

Modify the configuration file:/etc/samba/smb. conf and add

[Common] # Name of share

Comment = common share # share note

Path =/common # path

Browseable = yes # all people can see

Guest OK = No # reject ammony

Writable = yes # can write

 

After practice, it is recommended that you do not add comments later !!!!!!! If you add a comment

[[Email protected]/] $ smbclient-u smbuser // 192.168.118.253/common

Enter smbuser's password:

Domain = [mygroup] OS = [UNIX] Server = [Samba 3.6.9-168. el6_5]

Tree connect failed: nt_status_bad_network_name

Last changed

Change the configuration and add an access account. The default account and password file are stored in the/var/lib/samba/private directory.

[[Email protected]/] # useradd-S/sbin/nologin smbuser

[[Email protected]/] # smbpasswd-A smbuser

New smb password:

Retype new smb password:

Added user smbuser.

[[Email protected]/] # service SMB start

Starting SMB services: [OK]

[[Email protected]/] # chkconfig SMB on

The smbpasswd command is as follows: smbpasswd [Option] account name

-A: add an account and set the password.

-X delete an account

-D. Disable the SMB account.

-E. Start the SMB account

Access in win7, start-> Run, enter \ IP

 

Display and log on to the Linux Client

Mounting in Linux:

[Email protected]:/# mkdir/COM

[Email protected]: // # Mount-t cifs // 192.168.118.253/common/com-O username = smbuser, password = 123

[Email protected]:/# ls-L/COM

Total usage 1024

-Rwxrwxrwx 1 Root 6 June 22 12:30 smb.txt

Start

[Email protected]: // echo "// 192.168.118.253/common/COM/smb cifs ults, username = smbuser, password = 123 0 0">/etc/fstab

Samba case: the design company ABC has four departments: Department of Commerce, Department of page design, Department of Development, and Department of O & M. a Samba server is established to meet the needs of various departments. Their departments have their respective directories.

[[Email protected] ~] # Mkdir-P/ABC/{sales, design, develop, OPS, share/{sales, design, develop, OPS }}

[[Email protected] ~] # Tree/ABC/

/ABC/

── Design

── Develop

── Ops

── Sales

── Share

── Design

── Develop

── Ops

── Sales

Add account

[[Email protected] ~] # Vim user. Sh

[[Email protected] ~] # Cat user. Sh

#! /Bin/bash

# Add users for share

Depart = (sales design develop OPS)

For g in $ {depart [@]}

Do

Groupadd $ G

For u in $ (SEQ 1 2)

Do

Useradd-m-S/sbin/nologin-G $ {g }$ {g} $ u

Done

Done

[[Email protected] ~] # Chmod A + x user. Sh

[[Email protected] ~] #./User. Sh

[[Email protected] ~] # Smbpasswd-A sales1

New smb password:

Retype new smb password:

Added user sales1.

[[Email protected] ~] # Smbpasswd-A sales2

New smb password:

Retype new smb password:

Added user sales2.

[[Email protected] ~] # Smbpasswd-A design1

New smb password:

Retype new smb password:

Added user design1.

[[Email protected] ~] # Smbpasswd-A design2

New smb password:

Retype new smb password:

Added user design2.

[[Email protected] ~] # Smbpasswd-A develop1

New smb password:

Retype new smb password:

Added user develop1.

[[Email protected] ~] # Smbpasswd-A develop2

New smb password:

Retype new smb password:

Added user develop2.

[[Email protected] ~] # Smbpasswd-A ops1

New smb password:

Retype new smb password:

Added user ops1.

[[Email protected] ~] # Smbpasswd-A OPS2

New smb password:

Retype new smb password:

Added user ops2.

[[Email protected] ~] #

Configuration File

[[Email protected] ~] # Vim/etc/samba/smb. conf

[[Email protected] ~] # Cat/etc/samba/smb. conf

[Global]

Workgroup = Staff

Server String = ABC. Corp share

Log File =/var/log/samba/log. % m

Max log size = 50

Security = user

Passdb backend = tdbsam

Load printers = Yes

Cups Options = raw

[Homes]

Comment = Home Directories

Browseable = No

Writable = Yes

[Sales]

Comment = sale share

Path =/ABC/sales

Browseable = Yes

Guest OK = No

Writable = No

Write list = @ sales

[Design]

Comment = design share

Path =/ABC/Design

Browseable = Yes

Guest OK = No

Writable = No

Write list = @ Design

[Develop]

Comment = develop share

Path =/ABC/develop

Browseable = Yes

Guest OK = No

Writable = No

Write list = @ develop

[OPs]

Comment = ops share

Path =/ABC/OPS

Browseable = Yes

Guest OK = No

Writable = No

Write list = @ Ops

[Share]

Comment = common share

Path =/ABC/share

Browseable = Yes

Guest OK = No

Writable = Yes

Writable = Yes

Modify permissions and restart the service

[[Email protected] ~] # Chmod 1770/ABC/{design, develop, OPS, sales}

[[Email protected] ~] # Chmod 1777/ABC/share

[[Email protected] ~] # Chown: Design/ABC/Design

[[Email protected] ~] # Chown: Develop/ABC/develop

[[Email protected] ~] # Chown: OPS/ABC/OPS

[[Email protected] ~] # Chown: Sales/ABC/sales

[[Email protected] ~] # Service SMB restart

Run the command on the test client to view the result.

You can see in win7

You can see the permission issues during connection: