samba文件共享服务的配置

时间:2024-03-09 22:49:59

samba文件共享服务的配置

服务端配置

一、安装samba软件包

命令:yum -y install samba

查看是否安装samba。

 1 [root@Centos7-Server haha]# 
 2 [root@Centos7-Server haha]# rpm -qa |grep "samba"
 3 samba-common-tools-4.8.3-4.el7.x86_64
 4 samba-client-libs-4.8.3-4.el7.x86_64
 5 samba-4.8.3-4.el7.x86_64
 6 samba-common-libs-4.8.3-4.el7.x86_64
 7 samba-client-4.8.3-4.el7.x86_64
 8 samba-libs-4.8.3-4.el7.x86_64
 9 samba-common-4.8.3-4.el7.noarch
10 [root@Centos7-Server haha]# 

二、修改配置文件/etc/samba/smb.conf

 1 [root@Centos7-Server haha]# vim /etc/samba/smb.conf
 2 
 3 
 4         passdb backend = tdbsam
 5 
 6         printing = cups
 7         printcap name = cups
 8         load printers = yes
 9         cups options = raw
10 
11 [homes]
12         comment = Home Directories
13         valid users = %S, %D%w%S
14         browseable = No
15         read only = No
16         inherit acls = Yes
17 
18 [printers]
19         comment = All Printers
20         path = /var/tmp
21         printable = Yes
22         create mask = 0600
23         browseable = No
24 
25 [print$]
26         comment = Printer Drivers
27         path = /var/lib/samba/drivers
28         write list = @printadmin root
29         force group = @printadmin
30         create mask = 0664
31         directory mask = 0775
32 [common]
33         path = /common
34         #read only =No
35         write list = yck
36 
37 [sharetest]                 #自定义名称
38         path = /sharetest             # 共享目录的路径
39         write list = yck              #允许yck用户具有写的权限,当用yck用户认证访问共享目录时,如果想在共享目录中创建删除,需要将认证的用户添加到这里。
40                                               

三、创建共享的目录/sharetest,并配置acl定制权限。yck用户可读可写可执行。为yck用户创建samba认证密码。

[root@Centos7-Server /]# 
[root@Centos7-Server /]# 
[root@Centos7-Server /]# pdbedit -a yck
new password:123
retype new password:123
Unix username:        yck
NT username:          
Account Flags:        [U          ]
User SID:             S-1-5-21-2724557272-74377362-1933674451-1000
Primary Group SID:    S-1-5-21-2724557272-74377362-1933674451-513
Full Name:            yck
Home Directory:       \\centos7-server\yck
HomeDir Drive:        
Logon Script:         
Profile Path:         \\centos7-server\yck\profile
Domain:               CENTOS7-SERVER
Account desc:         
Workstations:         
Munged dial:          
Logon time:           0
Logoff time:          Wed, 06 Feb 2036 23:06:39 CST
Kickoff time:         Wed, 06 Feb 2036 23:06:39 CST
Password last set:    Wed, 17 Apr 2019 13:57:43 CST
Password can change:  Wed, 17 Apr 2019 13:57:43 CST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@Centos7-Server /]# 
[root@Centos7-Server /]# 

 

 1 [root@Centos7-Server /]# mkdir sharetest                                           #创建sharetest目录 2 [root@Centos7-Server /]# setfacl -m u:yck:rwx sharetest/                           #配置acl,yck对sharetest目录具有rwx权限 3 [root@Centos7-Server /]# ll
 4 total 28
 5 lrwxrwxrwx.   1 root root    7 Apr 12 15:47 bin -> usr/bin
 6 dr-xr-xr-x.   5 root root 4096 Apr 17 10:56 boot
 7 drwxr-xr-x.   2 root root   21 Apr 17 10:48 common
 8 drwxr-xr-x.  19 root root 3200 Apr 17 10:55 dev
 9 drwxr-xr-x. 140 root root 8192 Apr 17 11:11 etc
10 drwxr-xr-x.   3 root root   17 Apr 12 15:59 home
11 lrwxrwxrwx.   1 root root    7 Apr 12 15:47 lib -> usr/lib
12 lrwxrwxrwx.   1 root root    9 Apr 12 15:47 lib64 -> usr/lib64
13 drwxr-xr-x.   2 root root    6 Apr 11  2018 media
14 drwxr-xr-x.   2 root root    0 Apr 17 10:48 mnt
15 drwxr-xr-x.   3 root root   16 Apr 12 15:52 opt
16 dr-xr-xr-x. 180 root root    0 Apr 17 10:55 proc
17 dr-xr-x---.  16 root root 4096 Apr 17 13:38 root
18 drwxr-xr-x.  42 root root 1320 Apr 17 11:16 run
19 lrwxrwxrwx.   1 root root    8 Apr 12 15:47 sbin -> usr/sbin
20 drwxrwxr-x+   3 root root   31 Apr 17 11:52 sharetest                               #+表示具有其他的权限配置
21 drwxr-xr-x.   2 root root    6 Apr 11  2018 srv
22 dr-xr-xr-x.  13 root root    0 Apr 17 10:55 sys
23 drwxrwxrwt.  26 root root 4096 Apr 17 13:39 tmp
24 drwxr-xr-x.  13 root root  155 Apr 12 15:47 usr
25 drwxr-xr-x.  22 root root 4096 Apr 12 16:56 var
26 [root@Centos7-Server /]# 

四、selinux配置samba的读写功能的开启

查看samba的读写功能是否开启。

 1 [root@Centos7-Server /]# 
 2 [root@Centos7-Server /]# getsebool -a |grep "samba"
 3 samba_create_home_dirs --> off
 4 samba_domain_controller --> off
 5 samba_enable_home_dirs --> off
 6 samba_export_all_ro --> off                        #读权限关闭
 7 samba_export_all_rw --> off                                      #写权限关闭
 8 samba_load_libgfapi --> off
 9 samba_portmapper --> off
10 samba_run_unconfined --> off
11 samba_share_fusefs --> off
12 samba_share_nfs --> off
13 sanlock_use_samba --> off
14 tmpreaper_use_samba --> off
15 use_samba_home_dirs --> off
16 virt_use_samba --> off
17 [root@Centos7-Server /]# 

开启读写功能

 1 [root@Centos7-Server /]# 
 2 [root@Centos7-Server /]# setsebool samba_export_all_ro on
 3 [root@Centos7-Server /]# setsebool samba_export_all_rw on
 4 [root@Centos7-Server /]# getsebool -a |grep "samba"
 5 samba_create_home_dirs --> off
 6 samba_domain_controller --> off
 7 samba_enable_home_dirs --> off
 8 samba_export_all_ro --> on
 9 samba_export_all_rw --> on
10 samba_load_libgfapi --> off
11 samba_portmapper --> off
12 samba_run_unconfined --> off
13 samba_share_fusefs --> off
14 samba_share_nfs --> off
15 sanlock_use_samba --> off
16 tmpreaper_use_samba --> off
17 use_samba_home_dirs --> off
18 virt_use_samba --> off
19 [root@Centos7-Server /]# 

五、防火墙(将默认区域设置为trusted)

1 [root@Centos7-Server /]# 
2 [root@Centos7-Server /]# firewall-cmd --set-default-zone=trusted 
3 success
4 [root@Centos7-Server /]# firewall-cmd --get-default-zone 
5 trusted
6 [root@Centos7-Server /]# 

六、挂载使用。

安装cifs-utils软件包,用于支持cifs协议。samba用cifs协议传输数据。

 1 [root@Centos7-Server /]# 
 2 [root@Centos7-Server /]# yum -y install cifs-utils
 3 [root@Centos7-Server /]# 
 4 [root@Centos7-Server /]# 
 5 [root@Centos7-Server /]# mount -t cifs -o user=yck,pass=123 //192.168.0.50/sharetest /mnt
 6 [root@Centos7-Server /]# df -h
 7 Filesystem                Size  Used Avail Use% Mounted on
 8 /dev/sda2                  36G  4.1G   32G  12% /
 9 devtmpfs                  895M     0  895M   0% /dev
10 tmpfs                     910M     0  910M   0% /dev/shm
11 tmpfs                     910M   11M  900M   2% /run
12 tmpfs                     910M     0  910M   0% /sys/fs/cgroup
13 tmpfs                     182M     0  182M   0% /run/user/0
14 tmpfs                     182M   12K  182M   1% /run/user/42
15 //192.168.0.251/linux      62G   33G   30G  53% /root/share
16 //192.168.0.50/common      36G  4.1G   32G  12% /mnt
17 //192.168.0.50/sharetest   36G  4.1G   32G  12% /mnt
18 [root@Centos7-Server /]# 
mount         -t            cifs      -o      user=yck,   pass=123    //192.168.0.50/sharetest       /mnt
命令 指定我文件系统类型 cifs文件系统 表示后面跟参数 用户名 密码 共享位置 挂载点

 永久挂载,科技自动挂载。

 1 root@yck-virtual-machine:/# 
 2 root@yck-virtual-machine:/# cat /etc/fstab 
 3 # /etc/fstab: static file system information.
 4 #
 5 # Use \'blkid\' to print the universally unique identifier for a
 6 # device; this may be used with UUID= as a more robust way to name devices
 7 # that works even if disks are added and removed. See fstab(5).
 8 #
 9 # <file system> <mount point>   <type>  <options>       <dump>  <pass>
10 # / was on /dev/sda1 during installation
11 UUID=231caf54-bdcd-4a5b-b3a0-116b3b97ef51 /               ext4    errors=remount-ro 0       1
12 /swapfile                                 none            swap    sw              0       0
13 #/dev/sdb5                                 /home/yck/part  ext4    defaults         0      0
14 #/dev/yck_vg/yck_data                      /home/yck/part   ext4    defaults        0       1
15 //192.168.0.50/sharetest                  /mnt            cifs    defaults,user=yck,pass=123,_netdev   0 0           #挂载网络共享文件夹
16 root@yck-virtual-machine:/# 
//192.168.0.50/sharetest                  /mnt            cifs    defaults,user=yck,pass=123,_netdev   0 0  
共享目录、共享位置 挂载点 文件系统 参数 用户名 密码 声明该挂载为网络设备 备份标记 不检测

测试、etc/fstab 里面的配置是否有误,挂载是否成功。
1 root@yck-virtual-machine:/# mount -a
2 root@yck-virtual-machine:/# 

mount -a  不报错表示配置文件无误,挂载成功。但必须先确保该挂载位置未事先挂载才能进行测试。不然不管怎么测都是不会报错的。