02-SAMBA文件共享服务

SAMBA

作用：windows和类unix系统文件共享服务

---

服务端linux

---

软件 samba samba-common
service nmb smb
daemon nmbd smbd
端口 137 138|139 445
配置文件 /etc/samba/smb.conf
数据文件 /var/lib/samba
日志文件 /var/log/samba

===========================================

客户端linux

软件 samba-client
命令 smbclient
smbclient -L ip -U username
smbpasswd -a username
smbpasswd username
smbclient //172.25.0.11/共享名
smbclient //172.25.0.11/共享名 -U student
mount -t cifs //172.25.15.11/共享名 /mnt guest
mount -t cifs //172.25.15.11/共享名 /mnt -o username=student

详细步骤

系统用户
服务器端rhel6
###########
[root@rhel6 ~]# yum install -y samba samba-common
[root@rhel6 ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@rhel6 ~]#
[root@rhel6 ~]# service smb start
Starting SMB services: [ OK ]
[root@rhel6 ~]# service nmb start
Starting NMB services: [ OK ]
[root@rhel6 ~]# id student
uid=500(student) gid=500(student) groups=500(student)
[root@rhel6 ~]# which smbpasswd
/usr/bin/smbpasswd
[root@rhel6 ~]# smbpasswd -a student
New SMB password:
Retype new SMB password:
Added user student.
[root@rhel6 ~]# getsebool -a|grep samba
samba_create_home_dirs –> off
samba_domain_controller –> off
samba_enable_home_dirs –> off
samba_export_all_ro –> off
samba_export_all_rw –> off
samba_portmapper –> off
samba_run_unconfined –> off
samba_share_fusefs –> off
samba_share_nfs –> off
sanlock_use_samba –> off
use_samba_home_dirs –> off
virt_use_samba –> off
[root@rhel6 ~]# setsebool -P samba_enable_home_dirs 1
[root@rhel6 ~]# getsebool -a|grep samba
samba_create_home_dirs –> off
samba_domain_controller –> off
samba_enable_home_dirs –> on
samba_export_all_ro –> off
samba_export_all_rw –> off
samba_portmapper –> off
samba_run_unconfined –> off
samba_share_fusefs –> off
samba_share_nfs –> off
sanlock_use_samba –> off
use_samba_home_dirs –> off
virt_use_samba –> off

客户端linux——类似ftp的方式访问

[root@rhel7 ~]# systemctl stop firewalld
[root@rhel7 ~]# yum install -y samba-client
[root@rhel7 ~]# smbclient -L 172.25.0.11
Enter root’s password:
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]

Sharename       Type      Comment---------       ----      -------IPC$            IPC       IPC Service (Samba Server Version 3.6.9-164.el6)

Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]

Server               Comment---------            -------RHEL6                Samba Server Version 3.6.9-164.el6Workgroup            Master---------            -------MYGROUP              RHEL6

[root@rhel7 ~]# smbclient -L 172.25.0.11 -U student
Enter student’s password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]

Sharename       Type      Comment---------       ----      -------IPC$            IPC       IPC Service (Samba Server Version 3.6.9-164.el6)student         Disk      Home Directories

Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]

Server               Comment---------            -------RHEL6                Samba Server Version 3.6.9-164.el6Workgroup            Master---------            -------MYGROUP              RHEL6

[root@rhel7 ~]# smbclient //172.25.0.11/student -U student
Enter student’s password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]
smb: >
smb: > ls
NT_STATUS_ACCESS_DENIED listing *
smb: > ls
. D 0 Thu Jul 2 04:01:16 2015
.. D 0 Thu Jul 2 03:57:29 2015
.ssh DH 0 Thu Jul 2 04:01:07 2015
.bashrc H 124 Tue Jul 9 09:24:50 2013
.bash_logout H 18 Tue Jul 9 09:24:50 2013
.mozilla DH 0 Thu Jul 2 03:36:20 2015
.bash_history H 5 Thu Jul 2 04:01:16 2015
.gnome2 DH 0 Wed Jul 14 11:55:40 2010
.bash_profile H 176 Tue Jul 9 09:24:50 2013

    49584 blocks of size 8192. 45708 blocks available

smb: > exit

客户端windows

打开浏览器输入\172.25.0.11\
输入student和uplooking密码后就可以进入服务器中的用户家目录，创建目录aa，以及文件aa下的dd.txt

客户端linux

[root@rhel7 ~]# smbclient //172.25.0.11/student -U student
Enter student’s password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]
smb: > ls
. D 0 Thu Aug 4 04:30:31 2016
.. D 0 Thu Jul 2 03:57:30 2015
.ssh DH 0 Thu Jul 2 04:01:07 2015
aa D 0 Thu Aug 4 04:30:28 2016
.bashrc H 124 Tue Jul 9 09:24:50 2013
.bash_logout H 18 Tue Jul 9 09:24:50 2013
.mozilla DH 0 Thu Jul 2 03:36:20 2015
.bash_history H 5 Thu Jul 2 04:01:16 2015
.gnome2 DH 0 Wed Jul 14 11:55:40 2010
.bash_profile H 176 Tue Jul 9 09:24:50 2013

    49584 blocks of size 8192. 45707 blocks available

smb: > get aa
NT_STATUS_FILE_IS_A_DIRECTORY opening remote file \aa
smb: > cd aa
smb: \aa> ls
. D 0 Thu Aug 4 04:30:28 2016
.. D 0 Thu Aug 4 04:30:31 2016
dd.txt A 2 Thu Aug 4 04:31:01 2016

    49584 blocks of size 8192. 45707 blocks available

smb: \aa> get dd.txt
getting file \aa\dd.txt of size 2 as dd.txt (1.0 KiloBytes/sec) (average 1.0 KiloBytes/sec)
可以查看到了。

=====================================================================
服务器端rhel6

1.创建共享目录

/var/lib/samba/share

[root@rhel6 ~]# mkdir /var/lib/samba/share

2.修改配置文件

[root@rhel6 ~]# vim /etc/samba/smb.conf
[public]
comment = Public Stuff
path = /var/lib/samba/share
public = yes
writable = yes

3.重启服务

[root@rhel6 ~]# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@rhel6 ~]# service nmb restart
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]

4.修改共享目录的UGO权限

[root@rhel6 ~]# ll -d /var/lib/samba/share
drwxr-xr-x. 2 root root 4096 Aug 5 10:27 /var/lib/samba/share
[root@rhel6 ~]# grep nobody /etc/passwd
nobody:x:99:99:Nobody:/:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
[root@rhel6 ~]# chown nobody. /var/lib/samba/share
[root@rhel6 ~]# ll -d /var/lib/samba/share
drwxr-xr-x. 2 nobody nobody 4096 Aug 5 10:27 /var/lib/samba/share
[root@rhel6 ~]# touch /var/lib/samba/share
[root@rhel6 ~]# touch /var/lib/samba/share/smb-file{1..5}
[root@rhel6 ~]# chown nobody. /var/lib/samba/share -R

[root@rhel6 ~]# service smb stop
Shutting down SMB services: [ OK ]
[root@rhel6 ~]# service smb start
Starting SMB services: [ OK ]

客户端rhel7

[root@rhel7 ~]# smbclient -L 172.25.0.11
Enter root’s password:
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]

Sharename       Type      Comment---------       ----      -------public          Disk      Public StuffIPC$            IPC       IPC Service (Samba Server Version 3.6.9-164.el6)

Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]

Server               Comment---------            -------RHEL6                Samba Server Version 3.6.9-164.el6Workgroup            Master---------            -------MYGROUP              RHEL6

[root@rhel7 ~]# smbclient //172.25.0.11/public
Enter root’s password:
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.9-164.el6]
smb: > ls
. D 0 Thu Aug 4 22:32:12 2016
.. D 0 Thu Aug 4 22:30:52 2016
smb-file4 N 0 Thu Aug 4 22:32:12 2016
smb-file2 N 0 Thu Aug 4 22:32:12 2016
smb-file5 N 0 Thu Aug 4 22:32:12 2016
smb-file1 N 0 Thu Aug 4 22:32:12 2016
smb-file3 N 0 Thu Aug 4 22:32:12 2016

    34505 blocks of size 524288. 26941 blocks available

smb: > get smb-file1
getting file \smb-file1 of size 0 as smb-file1 (0.0 KiloBytes/sec) (average 0.0 KiloBytes/sec)
smb: > put rhel7
putting file rhel7 as \rhel7 (0.0 kb/s) (average 0.0 kb/s)
smb: > ls
. D 0 Thu Aug 4 22:34:46 2016
.. D 0 Thu Aug 4 22:30:52 2016
smb-file4 N 0 Thu Aug 4 22:32:12 2016
rhel7 A 0 Thu Aug 4 22:34:46 2016
smb-file2 N 0 Thu Aug 4 22:32:12 2016
smb-file5 N 0 Thu Aug 4 22:32:12 2016
smb-file1 N 0 Thu Aug 4 22:32:12 2016
smb-file3 N 0 Thu Aug 4 22:32:12 2016

    34505 blocks of size 524288. 26941 blocks available

smb: > exit

客户端windows

打开浏览器输入\172.25.0.11\
就能看到public了

=================================================================
以类似nfs挂接的方式来共享samba

客户端

mount -t cifs //172.25.0.11/student /mnt -o username=student
uplooking

1.安装软件cifs-utils

[root@rhel7 ~]# yum install -y cifs-utils

2.mount挂载

[root@rhel7 ~]# mount -t cifs //172.25.0.11/student /mnt -o username=student
Password for student@//172.25.0.11/student: ***
[root@rhel7 ~]# mount|tail -n 1
//172.25.0.11/student on /mnt type cifs (rw,relatime,vers=1.0,cache=strict,username=student,domain=RHEL6,uid=0,noforceuid,gid=0,noforcegid,addr=172.25.0.11,unix,posixpaths,serverino,acl,rsize=1048576,wsize=65536,actimeo=1)
[root@rhel7 ~]# cd /mnt
[root@rhel7 mnt]# ll
total 1024
-rwxrw-r–. 1 500 500 8 Aug 4 22:15 file-student.txt
drwxr-xr-x. 2 500 500 0 Aug 4 22:19 windows

3.可以设置开机自动挂载

/etc/bashrc或者/etc/profile中

===================================================================================
总结文件共享服务

          FTP     NFS      SAMBA

软件
service
daemon
端口
配置文件
数据文件

权限
配置文件
文件目录
SELINUX

==================================================================================

Samba的主配置文件/etc/samba/smb.conf详细解析

首先是全局配置

【global】

    workgroup = MYGROUP     -->工作组，工作组是windows上的概念    server string = Samba Server Version %v   -->关于samba的说明    netbios name = MYSERVER   -->网络名称

; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 –>接口网段信息
; hosts allow = 127. 192.168.12. 192.168.13. –>允许哪些机器来访问共享

; max protocol = SMB2

【logging options】 关于日志的配置

log file = /var/log/samba/log.%m        日志存放的位置，%m代表日期max log size = 50           日志的大小限制为50K

【 Standalone Server Options 】 关于安全级别的相关配置

    security = user    --> user代表需要用户名和密码，密码与下面的passdb backend有关，share代表任何来都可以直接访问，server指的是使用外部的密码，需要提供password server = IP的设置值才行。    passdb backend = tdbsam   -->数据库格式，默认的格式是tdbsam，文职被放置到/var/lib/samba/private/passwd.tdb

【 Share Definitions 】

[homes] –>默认情况用户家目录的共享信息

    comment = Home Directories    browseable = no    writable = yes

; valid users = %S
; valid users = MYDOMAIN\%S

[printers] –>关于打印机的配置，这是一些例子。下面跟上了一些选项。

    path = /var/spool/samba    browseable = no    guest ok = no    writable = no    printable = yes

[sharesmb] –>共享目录名

    comment = 说明    path = /test    -->共享路径    public = yes    -->是否所有人都能够访问    writable = yes  -->是否可以写    printable = no  -->是否打印，默认是no，写了yes会直接被传递到打印机，可以省略该行    write list = +staff  -->可写用户列表。我们这里先把这行删掉。    browsable=no    -->是否可浏览，如果是yes则默认隐藏。    hosts allow= 用来限制主机和网段。谁可以访问。