Samba service configuration in RHEL6

Samba-related software package System-config-sambasamba graphical interface software package Samba-swatsamba web interface management software package Samba daemon/usr/sbin/nmbd/usr/sbin/smbdSamba script/etc /init. d/smbSamba Port Nmbd: 137138 smbd: 1...

 

Samba related software packages

System-config-samba graphic interface software package

Samba-swat

Samba web interface management software package

Samba daemon

/Usr/sbin/nmbd/usr/sbin/smbd

Samba script

/Etc/init. d/smb

Samba Port

Nmbd: 137 138

Smbd: 139 445

Samba configuration file

/Etc/smb *

Lmhosts name resolution

Smbusers name ing

Smb. conf main configuration file

Passdb. tdb user authentication information file

How to configure samba

Three samba configurations are available.

/Etc/samba. conf

Graphic configuration

System-config-samba

Web interface configuration

Http: // localhost: 901

Yum list samba -*

Smbclient-L localhost: displays local shares anonymously

Smbclient-L // ip: Allows you to view remote sharing anonymously.

Smbclient // 192.168.0.2/dir: Anonymous remote sharing

Smbclient-L localhost-U root

Smbclient // 192.168.0.4/dir-U root: the client uses the user to access the server file

Mount // 192.168.0.254/dir/sam cifs username = guest2001, password = password 0 0

Selinux's control over samba

When the following error occurs when connecting to the server:

Domain = [STATION4] OS = [Unix] Server = [Samba 3.0.33-3.14.el5]

Tree connect failed: NT_STATUS_BAD_NETWORK_NAME

Selinux has control, and the following operations should be performed:

Setsebool-P samba_enable_home_dirs on

 

Tcp: 139,445 udp: 137,138

/Etc/init. d/smb status: There are two processes

Testparm: syntax test

Account Management:

 

Smbpasswd-a root: add the system user to the samba user

Pdbedit-a username: Create a Samba account.

Pdbedit-x username: delete the Samba account.

Pdbedit-L: list Samba users and read the passdb. tdb database files.

Pdbedit-Lv: list detailed information about the Samba user list.

Pdbedit-c "[D]"-u username: suspend the account of this Samba user.

Pdbedit-c "[]"-u username: restore the Samba user's account.

 

Selinux settings

Chcon-R-t samba_share_t/sam

 

To sum up, if you want to allow users to write to directories,

1. open the permission of the directory itself (chmod 777/sda6; chmod o + t/sda6)

2. open the control permission of samba itself (writable = yes)

3. Solve the selinux problem and change the context value of the shared directory. (Chcon-t

Samba_share_t-R/sda6; root: object_r: samba_share_t)

Smbd_disable_trans --» off (when it is on, Selinux temporarily loses access to samba.

Effect ,)

Admin users = manager of the shared account

Description: admin users is used to specify the share administrator (with full control over the share ).

). In samba 3.0, if the user authentication method is set to "security = share ",

Effect.

For example, admin users = bobyuan and jane (multiple users are separated by commas ).

Invalid users = forbidden to access the shared user

Description: invalid users is used to specify users that are not allowed to access the shared resource.

For example, invalid users = root, @ bob (multiple users or groups are separated by commas .)

Shared system directory:

Setsebool-P samba_export_all_ro on

Or

Setsebool-P samba_export_all_rw on

 

 

Main configuration file/etc/samba/smb. conf

Workgroup = RHEL5

Public = yes allow anonymous access

Public = no prohibit anonymous access

Valid users = user name

Valid users = @ group name

Readonly = yes read-only

Readonly = no read/write

Writeable = yes (anonymous users and normal users can write, anonymous users create directories as nobody)

Writeable = no read-only

Write list = user name

Write list = @ group name

Browseable = no indicates hiding the Directory

Smbpasswd-a roc add the samba account of the roc user

The/etc/samba directory does not contain the smbpasswd file.

The reason is that passdb backend = tdbsam has enabled verification comment-out.

Add smb passwd file =/etc/samba/smbpasswd

Account ING:

Edit the master matching file/etc/samba/smb. conf

Add a field username map =/etc/samba/smbusers in global to enable user account ING.

Edit/etc/samba/smbusers

Samba account = virtual account

Host deny = 192.168.0.

Host allow = 192.168.0.24

Smbclient-L 192.168.0.254

 

Back up the shared files in windows to the local machine:

Smbtar-s 192.168.0.254-u administrator-x kugoo-t kugo.tar

Smbtar-s 192.168.0.254-u administrator-p passwd-x kugoo-t

Kugo.tar

Iptables-A-INPUT-p tcp -- dport 137: 139-j ACCEPT

Iptables-A-INPUT-p tcp -- dport 445-j ACCEP

 

This article is from the "linux O & M" blog