samba
1.安装samba
[root@kvm ~]# yum install -y samba
tcp端口相对应的服务是smbd服务,其作用是提供对服务器中文件、打印资源的共享访问。
udp端口相对应的服务是nmbd服务,其作用是提供基于NetBIOS主机名称的解析。
TCP UDP
139 137
445 138
systemctl restart nmb
systemctl restart smb
[root@kvm ~]# netstat -tunpl |grep smb
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 3382/smbd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 3382/smbd
tcp6 0 0 :::445 :::* LISTEN 3382/smbd
tcp6 0 0 :::139 :::* LISTEN 3382/smbd
[root@kvm ~]# netstat -tunpl |grep nmb
udp 0 0 192.168.5.255:137 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.5.100:137 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.91.255:137 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.91.200:137 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.122.255:137 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.122.1:137 0.0.0.0:* 3352/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.5.255:138 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.5.100:138 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.91.255:138 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.91.200:138 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.122.255:138 0.0.0.0:* 3352/nmbd
udp 0 0 192.168.122.1:138 0.0.0.0:* 3352/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 3352/nmbd
2.修改配置文件
[root@kvm samba]# cat smb.conf
[cloud]
comment = cloud
path = /it
writeable = No
write list = admin11
hosts allow = 127. 192.168.12. 192.168.13.
描述信息
共享文件夹路径
关闭所有人可写
哪些人可以写
仅允许哪些网段访问
useradd admin11 创建admin11账号
smbpasswd -a admin11 给admin11设置密码
pdbedit -L 查看是否加入数据库中
testparm 检测配置文件语法
3.客户端验证
客户端安装包
[root@server1 ~]# yum install -y samba-client.x86_64
客户端测试
[root@server1 ~]# smbclient -L //192.168.5.100
Enter SAMBA\root's password:
Anonymous login successful
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
cloud Disk cloud
IPC$ IPC IPC Service (Samba 4.13.3)
SMB1 disabled -- no workgroup available
安装cifs驱动
[root@server1 ~]# yum install -y cifs-utils
挂载
[root@server1 ~]# mount -t cifs //192.168.5.100/cloud /mnt/cloud/ -o username=admin11
Password for admin11@//192.168.5.100/cloud: ***
服务端修改it文件夹权限
[root@kvm /]# chmod 777 it
客户端写入文件
[root@server1 cloud]# touch 1.txr
服务端查看
[root@kvm it]# ll
total 0
-rwxr--r--. 1 admin11 admin11 0 Nov 20 16:01 1.txr
修改客户端创建文件的权限
[root@kvm it]# cat /etc/samba/smb.conf
[cloud]
comment = cloud
path = /it
writeable = No
write list = admin11
create mask = 0644 创建文件的权限
directory mask = 0775 创建文件夹的权限
4.设置仅允许admin11可以挂载
修改配置文件
[cloud]
comment = cloud
path = /it
writeable = No
write list = admin11
create mask = 0644
directory mask = 0775
valid users = admin11
最后一行表示仅允许admin11可以挂载
[root@server1 ~]# mount -t cifs //192.168.5.100/cloud /mnt/cloud/ -o username=admin12
Password for admin12@//192.168.5.100/cloud: ***
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
5.写入/etc/fstab中
定义配置文件
[root@server1 samba]# cat cred.txt
username=admin11
password=123
[root@server1 samba]# chmod 400 cred.txt
写入挂载点
[root@server1 samba]# cat /etc/fstab |grep sam
//192.168.5.100/cloud /mnt/cloud cifs defaults,credentials=/etc/samba/cred.txt 0 0
mount -a 挂载
6.不同部门只能看到自己的共享
[root@kvm samba]# cat smb.conf
[cloud]
comment = cloud
path = /it
writeable = No
write list = admin11
create mask = 0644
browseable = No
directory mask = 0775
valid users = admin11
[hr]
comment = hr
path = /hr
writeable = No
write list = admin12
browseable = No #其他部门不能看到此文件夹
create mask = 0644
directory mask = 0775
valid users = admin12
浙公网安备 33010602011771号