Samba服务搭建

Samba服务

smbd139 提供共享访问
nmbd445 提供基于域名的访问

Server：
1、确认server和client分别是哪两台主机：
server ： rhel7.3
client : windows10
2、实现两台主机的网络互联：
server: 192.168.200.10
ping 192.168.200.1
3、确认yum是否可用
[root@server ~]# yum clean all
[root@server ~]# yum repolist

先确认系统镜像是否连入虚拟机光驱（cd/dvd）

[root@server ~]#mount /dev/cdrom /media/
[root@server ~]# cd /media/
[root@server media]# ls
addons isolinux repodata
EFI LiveOS RPM-GPG-KEY-redhat-beta
EULA media.repo RPM-GPG-KEY-redhat-release
GPL Packages TRANS.TBL
images release-notes
[root@server media]# cd /etc/yum.repos.d/
[root@server yum.repos.d]# cat local.repo
[rhel]
name=rhel
baseurl=file:///media
enabled=1
gpgcheck=0
[root@server yum.repos.d]# vi /etc/fstab

/etc/fstab

Created by anaconda on Mon Mar 8 14:10:06 2021

Accessible filesystems, by reference, are maintained under '/dev/disk'

See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

/dev/mapper/rhel-root / xfs defaults 0 0
UUID=c3b452a2-90bd-475d-aaf6-9292396c7e74 /boot xfs defaults 0 0
/dev/mapper/rhel-swap swap swap defaults 0 0
/dev/cdrom /media iso9660 defaults 0 0
[root@server yum.repos.d]# umount /media/
[root@server yum.repos.d]# mount -a
mount: /dev/sr0 is write-protected, mounting read-only
[root@server ~]# yum -y install samba*
[root@server ~]# mkdir -p /opt/samba
[root@server samba]# touch flag
[root@server samba]# ls
flag
[root@server samba]# cd /etc/samba/
[root@server samba]# ls
lmhosts smb.conf smb.conf.example
[root@server samba]#vi /etc/samba/smb.conf.example

克隆会话进行下面selinux的配置

[root@server samba]#setsebool -P samba_domain_controller on
[root@server samba]#setsebool -P samba_enable_home_dirs on
[root@server samba]#chcon -t samba_share_t /opt/samba/
[root@server samba]#setsebool -P samba_export_all_rw on
[root@server opt]# cat /etc/samba/smb.conf

See smb.conf.example for a more detailed config file or

read the smb.conf manpage.

Run 'testparm' to verify the config is correct after

you modified it.

[global]
workgroup = SAMBA
security = user

​ passdb backend = tdbsam
​ printing = cups
​ printcap name = cups
​ load printers = yes
​ cups options = raw

[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes

[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root
create mask = 0664
directory mask = 0775
[chenglu]
comment = chenglu directories
path = /opt/samba
interfaces = 192.168.200.10/24
hosts allow = 192.168.200.
browseable = yes
valid users = luna,tom,jeccy
write list = luna
[root@server ~]#testparm #检测Samba配置文件格式正确与否
[root@server ~]# useradd luna #先创建系统用户
[root@server ~]#useradd tom
[root@server ~]# useradd jeccy
[root@server ~]#passwd luna
[root@server ~]#passwd tom
[root@server ~]#passwd jeccy
[root@server ~]#smbpasswd -a luna #再创建为Samba用户
[root@server ~]#smbpasswd -a tom
[root@server ~]#smbpasswd -a jeccy
[root@server ~]#pdbedit -L
[root@server ~]#systemctl restart smb
[root@server ~]#systemctl restart nmb
[root@server ~]#netstat -pant
[root@server ~]#systemctl stop firewalld
[root@server ~]#systemctl disable firewalld
[root@server ~]#chmod -R o+w samba/

client：
一、Windows作client：
CIFS特点：windows会自动记录上次访问的用户，所以第一次访问的用户，下一次仍旧默认使用该用户访问。解决用户切换的方法：进入cmd，输入net use * /del命令，等待若干分钟后，即可切换其他用户登录Samba服务器。
二、Linux作client：
1)单用户访问：
方法一：使用Samba的Linux客户端软件访问

[root@client ~]yum -y install samba-client
[root@client ~]smbclient -U barnet //192.168.100.10/common
smb: > mkdir aaa #测试barnet写权限
smb: > ls
[root@client ~]smbclient -U yoyo //192.168.100.10/common
smb: > mkdir bbb #测试yoyo写权限
smb: > ls

方法二：使用挂载方式访问

[root@client ~]mount -t cifs -o username=barnet,password=000000 //192.168.100.10/common /mnt
[root@client ~]cd /mnt
[root@client ~]ls
[root@client ~]touch abc #测试barnet写权限
[root@client ~]mount -t cifs -o username=yoyo,password=000000 //192.168.100.10/yoyo /mnt
[root@client ~]ls[root@client ~]touch abc #测试yoyo写权限
2)多用户访问：
[root@client ~]yum -y install samba-client cifs-utils
[root@client ~]mkdir -p /mnt/multi
[root@client ~]vim /etc/fstab
于末行添加：//192.168.100.10/common /mnt/multi cifs username=barnet,password=000000,multiuser,sec=ntlmssp 0 0
[root@client ~]mount -a #先使用barnet获取common的读权限，注意：如果这步做掉了，后面的yoyo就获取不到common内容
[root@client ~]cd /mnt/multi
[root@client ~]ls
[root@client ~]touch barnet
touch: cannot touch ‘barnet’: Permission denied #测试barnet写权限
[root@client ~]su - luna [luna@client ~]cifscreds add -u yoyo server #使用yoyo登录并临时获取写权限
[luna@client ~]cd /mnt/multi
[luna@client ~]ls
[luna@client ~]touch yoyo

方法二：使用挂载方式访问
[root@client ~]mount -t cifs -o username=barnet,password=000000 //192.168.100.10/common /mnt
[root@client ~]cd /mnt
[root@client ~]ls
[root@client ~]touch abc #测试barnet写权限
[root@client ~]mount -t cifs -o username=yoyo,password=000000 //192.168.100.10/yoyo /mnt
[root@client ~]ls
[root@client ~]touch abc #测试yoyo写权限
2)多用户访问：
[root@client ~]yum -y install samba-client cifs-utils
[root@client ~]mkdir -p /mnt/multi
[root@client ~]vim /etc/fstab
于末行添加：//192.168.100.10/common /mnt/multi cifs username=barnet,password=000000,multiuser,sec=ntlmssp 0 0
[root@client ~]mount -a #先使用barnet获取common的读权限，注意：如果这步做掉了，后面的yoyo就获取不到common内容
[root@client ~]cd /mnt/multi
[root@client ~]ls
[root@client ~]touch barnet
touch: cannot touch ‘barnet’: Permission denied #测试barnet写权限
[root@client ~]su - luna
[luna@client ~]cifscreds add -u yoyo server #使用yoyo登录并临时获取写权限
[luna@client ~]cd /mnt/multi
[luna@client ~]ls
[luna@client ~]touch yoyo

selinux 关掉 所有功能被默许