Linux_搭建Samba服务(认证访问)
【RHEL8】—SMBserver;【RHEL7】—SMBclient
!!!测试环境我们首关闭防火墙和selinux(SMBserver和SMBclient都需要)
[root@localhost ~]# systemctl stop firewalld [root@localhost ~]# systemctl disable firewalld [root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config [root@localhost ~]# setenforce 0
关于Samba配置文件的说明,访问:https://www.cnblogs.com/520qiangge/p/13413414.html
一、Samba服务端配置
1、查看一下服务端IP
[root@SMBserver ~]# ifconfig ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.174.128 netmask 255.255.255.0 broadcast 192.168.174.255 inet6 fe80::fa13:32e0:3b9f:2196 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:cd:6a:1b txqueuelen 1000 (Ethernet) RX packets 1109 bytes 92293 (90.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 658 bytes 77689 (75.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 88 bytes 7600 (7.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 88 bytes 7600 (7.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2、SMBserver安装Samba服务,并设置开机自启
[root@SMBserver ~]# yum install -y samba [root@SMBserver ~]# rpm -qa samba samba-4.10.4-1.el8.x86_64 [root@SMBserver ~]# systemctl start smb nmb [root@SMBserver ~]# systemctl enable smb nmb Created symlink /etc/systemd/system/multi-user.target.wants/smb.service → /usr/lib/systemd/system/smb.service. Created symlink /etc/systemd/system/multi-user.target.wants/nmb.service → /usr/lib/systemd/system/nmb.service.
3、查看端口是否监听
[root@SMBserver ~]# netstat -tunlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1083/sshd tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 18363/smbd tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 18363/smbd tcp6 0 0 :::22 :::* LISTEN 1083/sshd tcp6 0 0 :::445 :::* LISTEN 18363/smbd tcp6 0 0 :::139 :::* LISTEN 18363/smbd udp 0 0 0.0.0.0:68 0.0.0.0:* 1588/dhclient udp 0 0 192.168.174.255:137 0.0.0.0:* 18367/nmbd udp 0 0 192.168.174.128:137 0.0.0.0:* 18367/nmbd udp 0 0 0.0.0.0:137 0.0.0.0:* 18367/nmbd udp 0 0 192.168.174.255:138 0.0.0.0:* 18367/nmbd udp 0 0 192.168.174.128:138 0.0.0.0:* 18367/nmbd udp 0 0 0.0.0.0:138 0.0.0.0:* 18367/nmbd
4、创建认证用户(zhangsan),并为zhangsan用户创建smb共享密码
[root@SMBserver ~]# useradd -M zhangsan [root@SMBserver ~]# id zhangsan uid=1000(zhangsan) gid=1000(zhangsan) 组=1000(zhangsan) [root@SMBserver ~]# smbpasswd -a zhangsan New SMB password: //这里我设置密码123456 Retype new SMB password: Added user zhangsan.
5、创建共享资源,并给予完全共享的(给全部的权限)
[root@SMBserver ~]# mkdir -p /sambadir/share [root@SMBserver ~]# chmod 777 /sambadir/share/ [root@SMBserver ~]# ll /sambadir/ 总用量 0 drwxrwxrwx. 2 root root 6 8月 1 15:28 share
6、编辑配置文件
[root@SMBserver ~]# vim /etc/samba/smb.conf [root@SMBserver ~]# cat /etc/samba/smb.conf # See smb.conf.example for a more detailed config file or # read the smb.conf manpage. # Run 'testparm' to verify the config is correct after # you modified it. [global] workgroup = SAMBA security = user passdb backend = tdbsam printing = cups printcap name = cups load printers = yes cups options = raw [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @printadmin root force group = @printadmin create mask = 0664 directory mask = 0775 [share] comment = my first samba-file path = /sambadir/share browseable = yes public = yes writeable = yes write list = zhangsan //添加这句,允许zhangsan 用户访问该文件目录
7、测试smb.conf文件语法是否错误
[root@SMBserver ~]# testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions //这里提示这样的信息,叫你回车就会显示刚刚写的配置文件的内容,就代表没有语法错误,我就没回车了,节省时间
8、重启smb,nmb服务
[root@SMBserver ~]# systemctl restart smb [root@SMBserver ~]# systemctl restart nmb [root@SMBserver ~]# netstat -tunlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1083/sshd tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 24451/smbd tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 24451/smbd tcp6 0 0 :::22 :::* LISTEN 1083/sshd tcp6 0 0 :::445 :::* LISTEN 24451/smbd tcp6 0 0 :::139 :::* LISTEN 24451/smbd udp 0 0 0.0.0.0:68 0.0.0.0:* 1588/dhclient udp 0 0 192.168.174.255:137 0.0.0.0:* 24462/nmbd udp 0 0 192.168.174.128:137 0.0.0.0:* 24462/nmbd udp 0 0 0.0.0.0:137 0.0.0.0:* 24462/nmbd udp 0 0 192.168.174.255:138 0.0.0.0:* 24462/nmbd udp 0 0 192.168.174.128:138 0.0.0.0:* 24462/nmbd udp 0 0 0.0.0.0:138 0.0.0.0:* 24462/nmbd
到这认证访问的服务端就配置完成
二、配置客户端
1、SMBclient查看是否有安装samba-client,cifs-utils软件包
[root@smbclient ~]# yum info samba-client cifs-utils 已加载插件:product-id, search-disabled-repos, subscription-manager This system is not registered with an entitlement server. You can use subscription-manager to register. 可安装的软件包 名称 :cifs-utils 架构 :x86_64 版本 :6.2 发布 :10.el7 大小 :85 k 源 :dvd 简介 : Utilities for mounting and managing CIFS mounts 网址 :http://linux-cifs.samba.org/cifs-utils/ 协议 : GPLv3 描述 : The SMB/CIFS protocol is a standard file sharing protocol widely deployed : on Microsoft Windows machines. This package contains tools for mounting : shares on Linux using the SMB/CIFS protocol. The tools in this package : work in conjunction with support in the kernel to allow one to mount a : SMB/CIFS share onto a client and use it as if it were a standard Linux : file system. 名称 :samba-client 架构 :x86_64 版本 :4.6.2 发布 :8.el7 大小 :597 k 源 :dvd 简介 : Samba client programs 网址 :http://www.samba.org/ 协议 : GPLv3+ and LGPLv3+ 描述 : The samba-client package provides some SMB/CIFS clients to complement : the built-in SMB/CIFS filesystem in Linux. These clients allow access : of SMB/CIFS shares and printing to SMB/CIFS printers.
2、安装samba-client,cifs-utils软件包
[root@smbclient ~]# yum install -y samba-client cifs-utils [root@smbclient ~]# rpm -qa samba-client cifs-utils cifs-utils-6.2-10.el7.x86_64 samba-client-4.6.2-8.el7.x86_64
3、客户端以zhangsan用户身份查看samba服务器有哪些共享资源
[root@smbclient ~]# smbclient -L //192.168.174.128 -U zhangsan Enter SAMBA\zhangsan's password: //输入刚刚给zhangsan用户创建的smb共享密码 Domain=[SMBSERVER] OS=[Windows 6.1] Server=[Samba 4.10.4] Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers share Disk my first samba-file IPC$ IPC IPC Service (Samba 4.10.4) zhangsan Disk Home Directories Domain=[SMBSERVER] OS=[Windows 6.1] Server=[Samba 4.10.4] Server Comment --------- ------- Workgroup Master --------- ------- SAMBA SMBSERVER
4、客户端创建挂载目录
[root@smbclient ~]# mkdir /smbdir
5、客户端以zhangsan用户身份挂载服务端共享的资源目录
[root@smbclient ~]# mount.cifs -o username=zhangsan,password=123456 //192.168.174.128/share /smbdir/ //这里不需要输入密码 如果密码错误会会提示报错 错误示例: [root@smbclient ~]# mount.cifs -o username=zhangsan,password=123 //192.168.174.128/share /smbdir/ mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) //这里就会显示拒绝访问
6、查看是否挂载成功
[root@smbclient ~]# df -h 文件系统 容量 已用 可用 已用% 挂载点 /dev/mapper/rhel-root 50G 1.1G 49G 3% / devtmpfs 901M 0 901M 0% /dev tmpfs 912M 0 912M 0% /dev/shm tmpfs 912M 8.7M 904M 1% /run tmpfs 912M 0 912M 0% /sys/fs/cgroup /dev/sr0 3.8G 3.8G 0 100% /mnt /dev/mapper/rhel-home 27G 33M 27G 1% /home /dev/sda1 1014M 143M 872M 15% /boot tmpfs 183M 0 183M 0% /run/user/0 //192.168.174.128/share 50G 2.0G 49G 4% /smbdir //最后一行说明挂载成功
三、测试
1、首先在客户端创建两个文件,然后在服务端查看
//SMBclient [root@smbclient ~]# cd /smbdir/ [root@smbclient smbdir]# ls [root@smbclient smbdir]# touch {file1,file2} [root@smbclient smbdir]# ls file1 file2 //SMBserver [root@SMBserver ~]# cd /sambadir/share/ [root@SMBserver share]# ls file1 file2
2、在windows的资源管理器上登录