samba:
將文件系統或本地共享目錄以文件系統接口的方式輸出給客戶端,客戶端主機可以直接用mount掛載到服務端共享的目錄到本地
smb:Service Message Block;
cifs:Common Internet File System
samba:Andrew Tridgell;
功能:
文件系統共享;
NetBIOS協議;
打印服務;
peer to peer(Work Group)
domain devel
LDAP:Lightweight Directory Access Protocol
安裝samba:
yum install -y samba samba-client
程序環境:
配置文件:
/etc/samba/smb.conf
主程序:
nmbd:Network Naming Service,主要是爲了完成 NetBIOS 名稱解析
smbd:SMB/CIFS Service;完成或者是實現文件共享能夠成型的最基本的程序
Unit File:
/usr/lib/systemd/system/nmb.service
/usr/lib/systemd/system/smb.service
監聽的端口:
137/udp, 138/udp
139/tcp, 445/tcp
客戶端程序:
mount -t cifs = mount.cifs
smbclient:交互式命令行客戶端工具;
mount -t cifs //10.1.68.13/wal /tmp -o username=doodle,password=2wsx*963.
mount.cifs //10.1.68.13/wal /tmp -o user=doodle,password=2wsx*963.
samba的配置:
/etc/samba/smb.conf
#======================= Global Settings =====================================
# ----------------------- Network-Related Options -------------------------
# --------------------------- Logging Options -----------------------------
# ------------------- Standalone Server Options //獨立服務選項------------------------
# ----------------------- Domain Members Options ------------------------
# ----------------------- Domain Controller Options ------------------------
# ---------------Browser Control Options //瀏覽器控制選項----------------------------
#----------------------------- Name Resolution -------------------------------
# ----------------- Printing Options //打印相關--------------------------
# --------------------------- File System Options ---------------------------
#============================ Share Definitions ==============================
兩類配置段:
全局配置:
[global]
workgroup = MYGROUP//windows下的工作組是workgroup,所以這裏改爲workgroup
server string = Samba Server Version %v
interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 指明要監聽的地址或網絡接口;
hosts allow = 127. 192.168.12. 192.168.13.
#訪問控制,允許的主機
log file = /var/log/samba/log.%m
#每個客戶端將使用單獨的日誌信息
max log size = 50 //單位爲kB
security = user
share (depricated)
server (depricated)
domain
passdb backend = tdbsam
load printers = yes
cups options = raw
samba配置匿名訪問
CentOS6中直接設置全局配置段
security = share
CentOS7中由於security = share已經被廢棄需要全局配置段中添加
map to guest = bad user
配置文件詳細配置段:
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = centos
security = user
map to guest = bad user
dns proxy = no
#============================ Share Definitions ==============================
[Anonymous]
path = /samba/anonymous
browsable =yes
writable = yes
guest ok = yes
read only = no
配置完成後設置匿名共享目錄:
cd /
mkdir samba/anonymous
cd /samba/
[root@localhost samba]# chmod -R 0755 anonymous/
[root@localhost samba]# chown -R nobody:nobody anonymous/
[root@localhost samba]# chcon -t samba_share_t anonymous/
啓動samba:systemctl start smb.service
共享文件系統:
[shared_ID]
有三類:
[homes]:每個samba用戶是否能夠通過samba服務訪問其家目錄;
[printers]:打印服務;
[shared_FS]:用戶自定義的共享目錄;
常用指令:
comment:註釋信息;
path:本地文件系統路徑;
browseable:是否可瀏覽,是否爲用戶可見;
guest ok:是否允許來賓賬號訪問;
guest ok = yes 和 public = yes是一樣的
public:是否公開給所有來賓;
writable:是否可寫;
read only = no
write list:擁有寫權限的用戶或組列表;
用戶名
@組名, +組名
samba用戶管理:
smbpasswd, pdbedit
smbpasswd [OPTIONS] USERNAME
-a:添加
-x:刪除
-d:禁用
-e:啓用
pdbedit:
-L:列出samba服務中的所有用戶;
-a:添加用戶爲samba用戶;
-u USERNAME:
-x:刪除
-t:從標準輸出接收密碼;
訪問服務:
(1) smbclient交互式客戶端程序:
(1) 查看目標服務上的共享
smbclient -L SMB_SERVER [-U USERNAME]
(2) 訪問共享服務
smbclient //SMB_SERVER[/SHARE_NAME] [-U USERNAME]
(2)mount.cifs
mount -t cifs //SMB_SERVER/SHARED_ID /MOUNT_POINT -o username=USER,password=PASS
注意:掛載操作中的用戶,與-o選項中指定的用戶直接產生映射關係;訪問掛載,是以-o選項指定的用戶身份運行,與本地用戶以ID產生映射;
自定義共享的方式:
[shared_ID]
comment =
path =
guest ok =
read only =
public =
browseable =
write list =
注意:定義所用戶在服務級的寫權限write = yes (read only = no)不建議與write list同時使用;
smbstatus命令:
顯示samba服務的相關共享的訪問狀態信息;
-b:顯示簡要格式信息;
-v:顯示詳細格式信息;