导读 | 目标:实现Samba文件共享服务 试验环境:两台主机服务端:192.168.56.11客户端:192.168.56.12 |
配置用户认证共享
服务端操作:
1.关闭防火墙,关闭selunix
[root@hejie ~]# setenforce 0 [root@hejie ~]# systemctl stop firewalld
2.安装软件包
[root@hejie ~]# yum install samba-* -y
3.启动smb服务并设置开机自启
[root@hejie ~]# systemctl start smb [root@hejie ~]# systemctl enable smb Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
关于Samba的配置文件
[root@hejie ~]# grep -Ev '^#|^$' /etc/samba/smb.conf [global] //全局参数 workgroup = SAMBA //工作组名称 非常重要 security = user //安全验证方式,总共四种 //share:无需验证身份,简单方便,安全性差 //user:需要验证用户密码才可以访问,安全性高 //server:需要通过三方服务器验证账号密码,(集中管理账户) //domain:使用域控制器进行身份验证 passdb backend = tdbsam //定义用户后台的类型,共有三种 //smbpasswd:为系统用户设置Samba服务程序的密码 //tdbsam:创建数据库文件并使用pdbedit命令建立Samba服务程序的用户 //ldapsam:基于LDAP服务进行账户验证 printing = cups //设置Samba共享打印机的类型 printcap name = cups //设置共享打印机的配置文件 load printers = yes //设置在Samba服务启动时是否共享打印机设备 cups options = raw //打印机的选项 [homes] //共享参数 comment = Home Directories //描述信息 valid users = %S, %D%w%S //允许访问该共享的用户 browseable = No //指定共享信息是否可见 read only = No inherit acls = Yes [printers] comment = All Printers 任意字符串 path = /var/tmp 共享目录路径 printable = Yes create mask = 0600 browseable = No 指定该共享是否可以浏览 [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = root 允许写入该共享的用户 create mask = 0664 directory mask = 0775
4.添加用户”zhengran”,不创建家目录,并设置密码。
[root@hejie ~]# useradd -M zhengran [root@hejie ~]# smbpasswd -a zhengran New SMB password: Retype new SMB password: Added user zhengran.
假设这里映射”zhengran”用户为share用户,那么就要在/etc/samba/smbusers文件中添加如下内容:
[root@hejie ~]# echo 'zhengran = share' > /etc/samba/smbusers
5.在全局配置中添加如下内容:
[root@hejie ~]# vim /etc/samba/smb.conf [global] workgroup = SAMBA security = user username map = /etc/samba/smbusers //添加此行内容 passdb backend = tdbsam
6.创建一个共享目录“zhengran”,并更改其属主属组为用户“zhengran”
[root@hejie ~]# mkdir /opt/zhengran [root@hejie ~]# chown -R zhengran.zhengran /opt/zhengran/ [root@hejie ~]# ll /opt/ total 0 drwxr-xr-x. 2 zhengran zhengran 6 Aug 7 17:22 zhengran
7.配置共享
[root@hejie ~]# cat >> /etc/samba/smb.conf <[zhengran] //共享名 > comment = zhengranwoaini //注释信息 > path = /opt/zhengran //共享目录路径 > browseable = yes //指定该共享是否可以浏览 > guest ok = yes //指定该共享是否允许guset账户访问 > writable = yes //指定目录是否可写 > write list = share //允许写入该共享的用户,组要用@表示,例如: write list = root,@root > public = yes //是否允许匿名访问 > EOF
8.用testparm检查配置文件是否有语法错误,可显示最终生效的配置
[root@hejie ~]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Processing section "[zhengran]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] workgroup = SAMBA printcap name = cups security = USER username map = /etc/samba/smbusers idmap config * : backend = tdb cups options = raw [homes] comment = Home Directories browseable = No inherit acls = Yes read only = No valid users = %S %D%w%S [printers] comment = All Printers path = /var/tmp browseable = No printable = Yes create mask = 0600 [print$] comment = Printer Drivers path = /var/lib/samba/drivers create mask = 0664 directory mask = 0775 write list = root [zhengran] comment = zhengranwoaini path = /opt/zhengran guest ok = Yes read only = No write list = share
9.重启smb服务
[root@hejie ~]# systemctl restart smb
客户端上操作:
1.安装工具包
[root@hyj ~]# yum install samba-client cifs-utils -y
在客户机查看samba服务端有哪些共享资源
[root@hyj ~]# smbclient -L 192.168.56.11 -U share Enter SAMBA/share's password: Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers zhengran Disk zhengranwoaini IPC$ IPC IPC Service (Samba 4.6.2) Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- -------
3.创建目录,并将samba服务器的共享资源zhengran挂载到客户机本地
[root@hyj ~]# mkdir /opt/ran [root@hyj ~]# mount -t cifs //192.168.56.11/zhengran /opt/ran -o username=share,password=123 [root@hyj ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/CentOS-root 17G 1016M 16G 6% / devtmpfs 982M 0 982M 0% /dev tmpfs 993M 0 993M 0% /dev/shm tmpfs 993M 8.5M 984M 1% /run tmpfs 993M 0 993M 0% /sys/fs/cgroup /dev/sda1 1014M 125M 890M 13% /boot tmpfs 199M 0 199M 0% /run/user/0 //192.168.56.11/zhengran 47G 5.4G 42G 12% /opt/ran
4.在客户机挂载点创建新文件
[root@hyj ~]# cd /opt/ran/ [root@hyj ran]# touch 1 2 3 [root@hyj ran]# ls 1 2 3
5.在服务器上验证
[root@hejie ~]# cd /opt/zhengran/ [root@hejie zhengran]# ls 1 2 3
配置匿名共享
服务端
1.修改配置文件
[root@hejie ~]# vim /etc/samba/smb.conf [global] workgroup = SAMBA security = user map to guest = Bad User //添加此行
2.创建共享目录
[root@hejie ~]# mkdir /opt/ranran [root@hejie ~]# chmod 777 /opt/ranran/ [root@hejie ~]# ll /opt/ranran/ -d drwxrwxrwx. 2 root root 6 Aug 7 19:24 /opt/ranran/
3.配置共享
[root@hejie ~]# cat >> /etc/samba/smb.conf <[ran] > comment = ranranwoaini > path = /opt/ranran > browseable = yes > writable = yes > guest ok = yes > public = yes > EOF
4.重启服务
[root@hejie ~]# systemctl restart smb
5.在客户机上查看服务器端有哪些共享资源
[root@hyj ~]# smbclient -L 192.168.56.11 -U 'Bad User' Enter SAMBA/Bad User's password: // 这里直接敲回车,不用输入密码 Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers zhengran Disk zhengranwoaini ran Disk ranranwoaini IPC$ IPC IPC Service (Samba 4.6.2) Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- -------
6.将samba服务器的共享资源ran挂在到客户机上
[root@hyj ~]# mount -t cifs //192.168.56.11/ran /opt/ran -o username='Bad User' Password for Bad User@//192.168.56.11/ran: [root@hyj ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 17G 1016M 16G 6% / devtmpfs 982M 0 982M 0% /dev tmpfs 993M 0 993M 0% /dev/shm tmpfs 993M 8.5M 984M 1% /run tmpfs 993M 0 993M 0% /sys/fs/cgroup /dev/sda1 1014M 125M 890M 13% /boot tmpfs 199M 0 199M 0% /run/user/0 //192.168.56.11/ran 47G 5.4G 42G 12% /opt/ran
7.在客户机上进入共享目录创建新文件
[root@hyj ~]# cd /opt/ran/ [root@hyj ran]# ls [root@hyj ran]# touch a b c [root@hyj ran]# ls a b c
8.在服务端验证
[root@hejie ~]# cd /opt/ranran/ [root@hejie ranran]# ls a b c
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/122558.html