环境:CentOS Linux release 7.3.1611 (Core)
安装:yum install samba samba-client
配置samba
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
vim
/etc/samba/smb
.conf
[global]
workgroup = WORKGROUP
server string = Samba Server Version %
v
netbios name = zhi
map to guest = bad user
log
file
=
/var/log/samba/log
.%m
max log size = 50
security = user
passdb backend = tdbsam
[share]
#无帐号密码即可访问
comment = share
path =
/data/share
browseable=
yes
create mask = 0644
directory mask = 0755
guest ok =
yes
#指定该共享是否允许guest账户访问即匿名访问 默认是no
[share1]
#需要帐号密码才能访问
comment = share1
path =
/data/share1
valid
users
= zhi
#白名单用户或组
write list = zhi
#可写用户或组列表
create mask = 0755
directory mask = 0755
|
share无需帐号即可访问,share1需要帐号才能访问。
samba的访问帐号需要设置,而且必须是系统用户。
创建系统用户
1
|
useradd
zhi -s
/sbin/nologin
|
设置samba帐号密码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
[root@jenkins samba]
# pdbedit -a -u zhi
new password:
retype new password:
Unix username: zhi
NT username:
Account Flags: [U ]
User SID: S-1-5-21-4122702104-983005384-4239704784-1000
Primary Group SID: S-1-5-21-4122702104-983005384-4239704784-513
Full Name:
Home Directory: \\zhi\zhi
HomeDir Drive:
Logon Script:
Profile Path: \\zhi\zhi\profile
Domain: ZHI
Account desc:
Workstations:
Munged dial:
Logon
time
: 0
Logoff
time
: 三, 06 2月 2036 23:06:39 CST
Kickoff
time
: 三, 06 2月 2036 23:06:39 CST
Password last
set
: 日, 12 3月 2017 18:21:24 CST
Password can change: 日, 12 3月 2017 18:21:24 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
|
查看Samba用户列表
1
2
3
|
[root@jenkins samba]
# pdbedit -L
zhi:1000:
test
:1001:
|
启动samba服务 systemctl start smb
共享目录的参数介绍
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
[MyShare]
comment = grind’s
file
#对共享备注
path =
/home/grind
#共享文件系统路径
allow hosts = host(subnet)
#允许访问的主机
deny hosts = host(subnet)
#禁止访问的主机
writable =
yes
|no
#是否可写
readonly
=
yes
|no
#是否只读
user = user(@group)
#可使用该资源的用户
valid
users
= user(@group)
#白名单用户或组
invalid
users
= user(@group)
#黑名单用户或组
read
list = user(@group)
#只读用户或组列表
write list = user(@group)
#可写用户或组列表
admin list = user(@group)
#指定能管理该共享资源(包括读写和权限赋予等)的用户和组
public =
yes
|no
#是否能给游客帐号访问
guest ok =
yes
|no
#是否能给游客账号访问
hide dot files =
yes
|no
#是否像unix那样隐藏以“.”号开头的文件
create mode = 0755
#指明新建立的文件的属性,一般是0755
directory mode = 0755
#指明新建立的目录的属性,一般是0755
sync
always =
yes
|no
#指明对该共享资源进行写操作后是否进行同步操作
short preserve
case
=
yes
|no
#指明是否区分文件名大小写。
preserve
case
=
yes
|no
#指明保持大小写。
case
sensitive =
yes
|no
#指明是否对大小写敏感,一般选no,不然可能引起错误。
mangle
case
=
yes
|no
#指明混合大小写
default
case
= upper|lower
#指明缺省的文件名是全部大写还是小写
force user = grind
#强制把建立文件的属主是谁
wide links =
yes
|no
#指明是否允许共享外符号连接
max connections = 100
#设定同时连接数
delete
readonly
=
yes
|no
#指明能否删除共享资源里面已经被定义为只读的文件
|
本文转自 irow10 51CTO博客,原文链接:http://blog.51cto.com/irow10/1906906,如需转载请自行联系原作者