samba文件共享服务的配置
samba文件共享服务的配置
服务端配置
一、安装samba软件包
命令:yum -y install samba
查看是否安装samba。
1 [root@Centos7-Server haha]# 2 [root@Centos7-Server haha]# rpm -qa |grep "samba" 3 samba-common-tools-4.8.3-4.el7.x86_64 4 samba-client-libs-4.8.3-4.el7.x86_64 5 samba-4.8.3-4.el7.x86_64 6 samba-common-libs-4.8.3-4.el7.x86_64 7 samba-client-4.8.3-4.el7.x86_64 8 samba-libs-4.8.3-4.el7.x86_64 9 samba-common-4.8.3-4.el7.noarch 10 [root@Centos7-Server haha]#
二、修改配置文件/etc/samba/smb.conf
1 [root@Centos7-Server haha]# vim /etc/samba/smb.conf 2 3 4 passdb backend = tdbsam 5 6 printing = cups 7 printcap name = cups 8 load printers = yes 9 cups options = raw 10 11 [homes] 12 comment = Home Directories 13 valid users = %S, %D%w%S 14 browseable = No 15 read only = No 16 inherit acls = Yes 17 18 [printers] 19 comment = All Printers 20 path = /var/tmp 21 printable = Yes 22 create mask = 0600 23 browseable = No 24 25 [print$] 26 comment = Printer Drivers 27 path = /var/lib/samba/drivers 28 write list = @printadmin root 29 force group = @printadmin 30 create mask = 0664 31 directory mask = 0775 32 [common] 33 path = /common 34 #read only =No 35 write list = yck 36 37 [sharetest] #自定义名称 38 path = /sharetest # 共享目录的路径 39 write list = yck #允许yck用户具有写的权限,当用yck用户认证访问共享目录时,如果想在共享目录中创建删除,需要将认证的用户添加到这里。 40
三、创建共享的目录/sharetest,并配置acl定制权限。yck用户可读可写可执行。为yck用户创建samba认证密码。
[root@Centos7-Server /]# [root@Centos7-Server /]# [root@Centos7-Server /]# pdbedit -a yck new password:123 retype new password:123 Unix username: yck NT username: Account Flags: [U ] User SID: S-1-5-21-2724557272-74377362-1933674451-1000 Primary Group SID: S-1-5-21-2724557272-74377362-1933674451-513 Full Name: yck Home Directory: \\centos7-server\yck HomeDir Drive: Logon Script: Profile Path: \\centos7-server\yck\profile Domain: CENTOS7-SERVER Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Wed, 06 Feb 2036 23:06:39 CST Kickoff time: Wed, 06 Feb 2036 23:06:39 CST Password last set: Wed, 17 Apr 2019 13:57:43 CST Password can change: Wed, 17 Apr 2019 13:57:43 CST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [root@Centos7-Server /]# [root@Centos7-Server /]#
1 [root@Centos7-Server /]# mkdir sharetest #创建sharetest目录 2 [root@Centos7-Server /]# setfacl -m u:yck:rwx sharetest/ #配置acl,yck对sharetest目录具有rwx权限 3 [root@Centos7-Server /]# ll 4 total 28 5 lrwxrwxrwx. 1 root root 7 Apr 12 15:47 bin -> usr/bin 6 dr-xr-xr-x. 5 root root 4096 Apr 17 10:56 boot 7 drwxr-xr-x. 2 root root 21 Apr 17 10:48 common 8 drwxr-xr-x. 19 root root 3200 Apr 17 10:55 dev 9 drwxr-xr-x. 140 root root 8192 Apr 17 11:11 etc 10 drwxr-xr-x. 3 root root 17 Apr 12 15:59 home 11 lrwxrwxrwx. 1 root root 7 Apr 12 15:47 lib -> usr/lib 12 lrwxrwxrwx. 1 root root 9 Apr 12 15:47 lib64 -> usr/lib64 13 drwxr-xr-x. 2 root root 6 Apr 11 2018 media 14 drwxr-xr-x. 2 root root 0 Apr 17 10:48 mnt 15 drwxr-xr-x. 3 root root 16 Apr 12 15:52 opt 16 dr-xr-xr-x. 180 root root 0 Apr 17 10:55 proc 17 dr-xr-x---. 16 root root 4096 Apr 17 13:38 root 18 drwxr-xr-x. 42 root root 1320 Apr 17 11:16 run 19 lrwxrwxrwx. 1 root root 8 Apr 12 15:47 sbin -> usr/sbin 20 drwxrwxr-x+ 3 root root 31 Apr 17 11:52 sharetest #+表示具有其他的权限配置 21 drwxr-xr-x. 2 root root 6 Apr 11 2018 srv 22 dr-xr-xr-x. 13 root root 0 Apr 17 10:55 sys 23 drwxrwxrwt. 26 root root 4096 Apr 17 13:39 tmp 24 drwxr-xr-x. 13 root root 155 Apr 12 15:47 usr 25 drwxr-xr-x. 22 root root 4096 Apr 12 16:56 var 26 [root@Centos7-Server /]#
四、selinux配置samba的读写功能的开启
查看samba的读写功能是否开启。
1 [root@Centos7-Server /]# 2 [root@Centos7-Server /]# getsebool -a |grep "samba" 3 samba_create_home_dirs --> off 4 samba_domain_controller --> off 5 samba_enable_home_dirs --> off 6 samba_export_all_ro --> off #读权限关闭 7 samba_export_all_rw --> off #写权限关闭 8 samba_load_libgfapi --> off 9 samba_portmapper --> off 10 samba_run_unconfined --> off 11 samba_share_fusefs --> off 12 samba_share_nfs --> off 13 sanlock_use_samba --> off 14 tmpreaper_use_samba --> off 15 use_samba_home_dirs --> off 16 virt_use_samba --> off 17 [root@Centos7-Server /]#
开启读写功能
1 [root@Centos7-Server /]# 2 [root@Centos7-Server /]# setsebool samba_export_all_ro on 3 [root@Centos7-Server /]# setsebool samba_export_all_rw on 4 [root@Centos7-Server /]# getsebool -a |grep "samba" 5 samba_create_home_dirs --> off 6 samba_domain_controller --> off 7 samba_enable_home_dirs --> off 8 samba_export_all_ro --> on 9 samba_export_all_rw --> on 10 samba_load_libgfapi --> off 11 samba_portmapper --> off 12 samba_run_unconfined --> off 13 samba_share_fusefs --> off 14 samba_share_nfs --> off 15 sanlock_use_samba --> off 16 tmpreaper_use_samba --> off 17 use_samba_home_dirs --> off 18 virt_use_samba --> off 19 [root@Centos7-Server /]#
五、防火墙(将默认区域设置为trusted)
1 [root@Centos7-Server /]# 2 [root@Centos7-Server /]# firewall-cmd --set-default-zone=trusted 3 success 4 [root@Centos7-Server /]# firewall-cmd --get-default-zone 5 trusted 6 [root@Centos7-Server /]#
六、挂载使用。
安装cifs-utils软件包,用于支持cifs协议。samba用cifs协议传输数据。
1 [root@Centos7-Server /]# 2 [root@Centos7-Server /]# yum -y install cifs-utils 3 [root@Centos7-Server /]# 4 [root@Centos7-Server /]# 5 [root@Centos7-Server /]# mount -t cifs -o user=yck,pass=123 //192.168.0.50/sharetest /mnt 6 [root@Centos7-Server /]# df -h 7 Filesystem Size Used Avail Use% Mounted on 8 /dev/sda2 36G 4.1G 32G 12% / 9 devtmpfs 895M 0 895M 0% /dev 10 tmpfs 910M 0 910M 0% /dev/shm 11 tmpfs 910M 11M 900M 2% /run 12 tmpfs 910M 0 910M 0% /sys/fs/cgroup 13 tmpfs 182M 0 182M 0% /run/user/0 14 tmpfs 182M 12K 182M 1% /run/user/42 15 //192.168.0.251/linux 62G 33G 30G 53% /root/share 16 //192.168.0.50/common 36G 4.1G 32G 12% /mnt 17 //192.168.0.50/sharetest 36G 4.1G 32G 12% /mnt 18 [root@Centos7-Server /]#
mount -t cifs -o user=yck, pass=123 //192.168.0.50/sharetest /mnt
命令 指定我文件系统类型 cifs文件系统 表示后面跟参数 用户名 密码 共享位置 挂载点
永久挂载,科技自动挂载。
1 root@yck-virtual-machine:/# 2 root@yck-virtual-machine:/# cat /etc/fstab 3 # /etc/fstab: static file system information. 4 # 5 # Use 'blkid' to print the universally unique identifier for a 6 # device; this may be used with UUID= as a more robust way to name devices 7 # that works even if disks are added and removed. See fstab(5). 8 # 9 # <file system> <mount point> <type> <options> <dump> <pass> 10 # / was on /dev/sda1 during installation 11 UUID=231caf54-bdcd-4a5b-b3a0-116b3b97ef51 / ext4 errors=remount-ro 0 1 12 /swapfile none swap sw 0 0 13 #/dev/sdb5 /home/yck/part ext4 defaults 0 0 14 #/dev/yck_vg/yck_data /home/yck/part ext4 defaults 0 1 15 //192.168.0.50/sharetest /mnt cifs defaults,user=yck,pass=123,_netdev 0 0 #挂载网络共享文件夹 16 root@yck-virtual-machine:/#
//192.168.0.50/sharetest /mnt cifs defaults,user=yck,pass=123,_netdev 0 0
共享目录、共享位置 挂载点 文件系统 参数 用户名 密码 声明该挂载为网络设备 备份标记 不检测
测试、etc/fstab 里面的配置是否有误,挂载是否成功。
1 root@yck-virtual-machine:/# mount -a 2 root@yck-virtual-machine:/#
mount -a 不报错表示配置文件无误,挂载成功。但必须先确保该挂载位置未事先挂载才能进行测试。不然不管怎么测都是不会报错的。
