smaba-阿里云开发者社区

samba

1samba作用

提供cifs协议实现共享文件

2安装

yum install samba samba-common samba-client -y

systemctl start smb nmb

systemctl enable smb nmb

3添加smb用户

首先系统中要有用户

[root@westos ~]# id student

uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)

[root@westos ~]# smbpasswd -a student 创建smb用户

New SMB password:

Retype new SMB password:

Added user student.

[root@westos ~]# pdbedit -L 查看smb用户信息

student:1000:Student User

[root@westos ~]# pdbedit -x student 删除smb用户

[root@westos ~]# pdbedit -L

[root@westos ~]# setsebool -P samba_enable_home_dirs on 在selinux中可以访问自己的家目录

测试

[root@westos ~]# smbclient //172.25.254.114/student -U student

Enter student's password:

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

. D 0 Thu Jul 10 19:06:52 2014

.. D 0 Thu Jul 10 18:19:09 2014

.bash_logout H 18 Wed Jan 29 07:45:18 2014

.bash_profile H 193 Wed Jan 29 07:45:18 2014

.bashrc H 231 Wed Jan 29 07:45:18 2014

.ssh DH 0 Thu Jul 10 18:19:10 2014

.config DH 0 Thu Jul 10 19:06:53 2014

40913 blocks of size 262144. 28544 blocks available

4共享目录

[root@westos ~]# vim /etc/samba/smb.conf

[jj] 共享名称

comment = local.public 对共享目录的描述

path = /mnt 共享目录的绝对路径

workgroup = WESTOS 共享目录的组

[root@westos mnt]# mkdir /smbshare

[root@westos mnt]# touch /smbshare/westosxxx

[root@westos mnt]# vim /etc/samba/smb.conf

[jj]

comment = local.public

path = /smbshare

[root@westos mnt]# setsebool -P samba_enable_home_dirs 0

[root@westos mnt]# semanage fcontext -a -t samba_share_t '/smbshare(/.*）？'

/etc/selinux/targeted/contexts/files/file_contexts.local: line 4 has invalid regex /smbshare(/.*）？: missing )

PCRE compilation failed for ^/smbshare(/.*）？$ at offset 21: missing )

libsemanage.sefcontext_compile: sefcontext_compile returned error code 255. Compiling /etc/selinux/targeted/contexts/files/file_contexts.local

/etc/selinux/targeted/contexts/files/file_contexts.local: line 4 has invalid regex /smbshare(/.*）？: missing )

PCRE compilation failed for ^/smbshare(/.*）？$ at offset 21: missing )

libsemanage.sefcontext_compile: sefcontext_compile returned error code 255. Compiling /etc/selinux/targeted/contexts/files/file_contexts.local

ValueError: Could not commit semanage transaction

[root@westos mnt]# restorecon -RvvF /smbshare

[root@westos mnt]# smbclient //172.25.254.114/jj -U student

Enter student's password:

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

. D 0 Sat Jun 3 02:36:48 2017

.. D 0 Sat Jun 3 02:36:38 2017

westosxxx N 0 Sat Jun 3 02:36:48 2017

40913 blocks of size 262144. 28544 blocks available

smb: \>

semanage fcontext -a -t samba_share_t '目录名称(/.*）？‘ 配置安全上下文

restorecon -RvvF 目录名称

[root@westos ~]# touch /mnt/file{1..10}

[root@westos ~]# cd /mnt

[root@westos mnt]# ls

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9

[root@westos mnt]# smbclient //172.25.254.114/jj -U student

Enter student's password:

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

. D 0 Thu Jul 10 19:06:52 2014

.. D 0 Thu Jul 10 18:19:09 2014

.bash_logout H 18 Wed Jan 29 07:45:18 2014

.bash_profile H 193 Wed Jan 29 07:45:18 2014

.bashrc H 231 Wed Jan 29 07:45:18 2014

.ssh DH 0 Thu Jul 10 18:19:10 2014

.config DH 0 Thu Jul 10 19:06:53 2014

40913 blocks of size 262144. 28545 blocks available

smb: \>

[root@westos mnt]# setsebool -P samba_export_all_ro on 只读共享

[root@westos mnt]# setsebool -P samba_export_all_rw on 读写共享

[root@westos ~]# setsebool -P samba_enable_home_dirs on

[root@westos mnt]# smbclient //172.25.254.114/jj -U student

Enter student's password:

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

. D 0 Sat Jun 3 02:28:28 2017

.. D 0 Sat Jun 3 01:30:28 2017

file1 N 0 Sat Jun 3 02:28:28 2017

file2 N 0 Sat Jun 3 02:28:28 2017

file3 N 0 Sat Jun 3 02:28:28 2017

file4 N 0 Sat Jun 3 02:28:28 2017

file5 N 0 Sat Jun 3 02:28:28 2017

file6 N 0 Sat Jun 3 02:28:28 2017

file7 N 0 Sat Jun 3 02:28:28 2017

file8 N 0 Sat Jun 3 02:28:28 2017

file9 N 0 Sat Jun 3 02:28:28 2017

file10 N 0 Sat Jun 3 02:28:28 2017

40913 blocks of size 262144. 28545 blocks available

smb: \>

匿名用户登陆

[root@westos mnt]# smbclient //172.25.254.114/jj

Enter root's password:

Anonymous login successful

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

tree connect failed: NT_STATUS_ACCESS_DENIED

[root@westos mnt]# vim /etc/samba/smb.conf

123 security = user

124 passdb backend = tdbsam

125 map to guest = bad user

321 [jj]

322 comment = local.public

323 path = /smbshare

324 guest ok = yes

[root@westos mnt]# systemctl restart smb.service

[root@westos mnt]# smbclient //172.25.254.114/jj

Enter root's password:

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

. D 0 Sat Jun 3 02:36:48 2017

.. D 0 Sat Jun 3 02:36:38 2017

westosxxx N 0 Sat Jun 3 02:36:48 2017

40913 blocks of size 262144. 28545 blocks available

smb: \>

访问控制

hosts allow = 域名仅允许

host deny = 域名仅拒绝

[jj]

comment = local.public

path = /smbshare

valid users = westos 当前共享有效用户

valid users = +westos 当前共享有效用户组

valid users = @westos 当前共享有效用户组

[root@westos mnt]# smbclient //172.25.254.114/jj -U student

Enter student's password:

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

tree connect failed: NT_STATUS_ACCESS_DENIED

所有用户均可写

服务器

[root@westos mnt]# vim /etc/samba/smb.conf

[jj]

comment = local.public

path = /mnt

writable = yes 是否可写

[root@westos mnt]# setsebool -P samba_export_all_rw on

[root@westos mnt]# chmod o+w /mnt

客机

[root@foundation14 ~]# mount -o username=student,password=westos //172.25.254.114/jj /mnt/ 【smb共享目录】【smb用户名以及密码】

[root@foundation14 ~]# cd /mnt

[root@foundation14 mnt]# ls

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9 jj

[root@foundation14 mnt]# touch kill

[root@foundation14 mnt]# ls

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9 jj kill

[root@foundation14 mnt]#

指定用户可写

write list = student 可写用户

write list = +student 可写用户组

write list = @student

admin users = westos 共享超级用户指定

smb多用户挂载

在客机上【不在服务器】

[root@foundation14 ~]# vim /root/westos

username=student

password=westos

[root@foundation14 ~]# chmod 600 /root/westos

[root@foundation14 ~]# yum install cifs-utils -y

[root@foundation14 ~]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.114/jj /mnt/

credentials=/root/westos 指定挂载时的认证文件

sec=ntlmssp smb认证方式

multiuser 支持多用户认证

测试

su - kiosk

ls /mnt

[kiosk@foundation14 ~]$ ls /mnt

ls: cannot access /mnt: Permission denied 没有认证无法访问

[kiosk@foundation14 ~]$ cifscreds add -u student 172.25.254.114 认证

Password:

[kiosk@foundation14 ~]$ ls /mnt

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9 jj kill

本文转自铁骑传说51CTO博客，原文链接：http://blog.51cto.com/ybzbfs/1933551 ，如需转载请自行联系原作者

smaba

热门文章

最新文章

相关电子书