1
Samba簡介
Samba是一個能讓Linux系統應用Microsoft網絡通訊協議的軟件,而SMB是Server Message Block的縮寫,即爲服務器消息塊 ,SMB主要是作爲Microsoft的網絡通訊協議,後來Samba將SMB通信協議應用到了Linux系統上,就形成了現在的Samba軟件。後來微軟又把 SMB 改名爲 CIFS(Common Internet File System),即公共 Internet 文件系統,並且加入了許多新的功能,這樣一來,使得Samba具有了更強大的功能。
Samba最大的功能就是可以用於Linux與windows系統直接的文件共享和打印共享,Samba既可以用於windows與Linux之間的文件共享,也可以用於Linux與Linux之間的資源共享,由於NFS(網絡文件系統)可以很好的完成Linux與Linux之間的數據共享,因而 Samba較多的用在了Linux與windows之間的數據共享上面。
SMB是基於客戶機/服務器型的協議,因而一臺Samba服務器既可以充當文件共享服務器,也可以充當一個Samba的客戶端,例如,一臺在Linux 下已經架設好的Samba服務器,windows客戶端就可以通過SMB協議共享Samba服務器上的資源文件,同時,Samba服務器也可以訪問網絡中 其它windows系統或者Linux系統共享出來的文件。
Samba在windows下使用的是NetBIOS協議,如果你要使用Linux下共享出來的文件,請確認你的windows系統下是否安裝了NetBIOS協議。
組成Samba運行的有兩個服務,一個是SMB,另一個是NMB;SMB是Samba 的核心啓動服務,主要負責建立 Linux Samba服務器與Samba客戶機之間的對話, 驗證用戶身份並提供對文件和打印系統的訪問,只有SMB服務啓動,才能實現文件的共享,監聽139 TCP端口;而NMB服務是負責解析用的,類似與DNS實現的功能,NMB可以把Linux系統共享的工作組名稱與其IP對應起來,如果NMB服務沒有啓動,就只能通過IP來訪問共享文件,監聽137和138 UDP端口。
Samba服務器可實現如下功能:WINS和DNS服務; 網絡瀏覽服務; Linux和Windows域之間的認證和授權; UNICODE字符集和域名映射;滿足CIFS協議的UNIX共享等。
2
按下面的要求實做一個
通過 SMB 共享 /share 目錄
您的 SMB 服務器必須是 WORKGROUP 工作組的一個成員,共享名必須爲 public。
用戶 zxw 能夠讀取共享中的內容。
基本上首先是安裝、配置Samba共享目錄;第二是使用zxw用戶能夠訪問共享盤;第三是防火牆和se要配置爲能夠訪問Samba共享。
3
沒看出來samba裝沒裝
[root@beiigang ~]# rpm -qa | grep -i samba
samba-winbind-clients-3.6.9-164.el6.x86_64
samba-client-3.6.9-164.el6.x86_64
samba4-libs-4.0.0-58.el6.rc4.x86_64
samba-winbind-3.6.9-164.el6.x86_64
samba-common-3.6.9-164.el6.x86_64
有配置文件等
[root@beiigang ~]# find / -name samba
/etc/samba
/etc/sysconfig/samba
/usr/lib64/samba
/var/log/samba
/var/lib/samba
[root@beiigang ~]#
到底裝沒裝
裝完後如下,看來是先前沒裝
[root@beiigang ~]# rpm -qa | grep -i samba
samba-common-3.6.23-12.el6.x86_64
samba-3.6.23-12.el6.x86_64
samba4-libs-4.0.0-58.el6.rc4.x86_64
samba-winbind-3.6.23-12.el6.x86_64
samba-winbind-clients-3.6.23-12.el6.x86_64
samba-client-3.6.23-12.el6.x86_64
4
不管裝沒裝,先刪
[root@beiigang ~]# yum remove samba
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Remove Process
No Match for argument: samba
Loading mirror speeds from cached hostfile
* base: centos.ustc.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Package(s) samba available, but not installed.
No Packages marked for removal
5
安裝
[root@beiigang ~]# yum search samba
查一下相關包
[root@beiigang ~]# yum -y install samba
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror.bit.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.bit.edu.cn
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:3.6.23-12.el6 will be installed
。。。
Installed:
samba.x86_64 0:3.6.23-12.el6
Dependency Updated:
libsmbclient.x86_64 0:3.6.23-12.el6 samba-client.x86_64 0:3.6.23-12.el6 samba-common.x86_64 0:3.6.23-12.el6
samba-winbind.x86_64 0:3.6.23-12.el6 samba-winbind-clients.x86_64 0:3.6.23-12.el6
Complete!
6
裝完後如下,多了個samba-3.6.23-12.el6.x86_64
[root@beiigang ~]# rpm -qa | grep -i samba
samba-common-3.6.23-12.el6.x86_64
samba-3.6.23-12.el6.x86_64
samba4-libs-4.0.0-58.el6.rc4.x86_64
samba-winbind-3.6.23-12.el6.x86_64
samba-winbind-clients-3.6.23-12.el6.x86_64
samba-client-3.6.23-12.el6.x86_64
7
查詢啓動方式
[root@beiigang ~]# rpm -ql samba | grep '/etc'
/etc/logrotate.d/samba
/etc/openldap/schema
/etc/openldap/schema/samba.schema
/etc/pam.d/samba
/etc/rc.d/init.d/nmb
/etc/rc.d/init.d/smb
/etc/samba/smbusers
[root@beiigang ~]# /etc/init.d/smb start
Starting SMB services: [ OK ]
[root@beiigang ~]# service nmb start
Starting NMB services: [ OK ]
設置開機自啓動
chkconfig --level | grep smb
chkconfig --level 35 smb on
chkconfig --level 35 nmb on
chkconfig --level | grep smb
查看端口
[root@beiigang ~]# netstat -tunpl | grep '[sn]mb'
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 2071/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 2071/smbd
tcp 0 0 :::139 :::* LISTEN 2071/smbd
tcp 0 0 :::445 :::* LISTEN 2071/smbd
udp 0 0 192.168.18.255:137 0.0.0.0:* 21924/nmbd
udp 0 0 192.168.18.99:137 0.0.0.0:* 21924/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 21924/nmbd
udp 0 0 192.168.18.255:138 0.0.0.0:* 21924/nmbd
udp 0 0 192.168.18.99:138 0.0.0.0:* 21924/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 21924/nmbd
8
查看samba的配置文件
[root@beiigang ~]# rpm -qc samba samba-common
/etc/logrotate.d/samba
/etc/pam.d/samba
/etc/samba/smbusers
/etc/samba/lmhosts
/etc/samba/smb.conf
/etc/sysconfig/samba
[root@beiigang ~]#
9
配置
[root@beiigang ~]# vi /etc/samba/smb.conf
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
public = yes
netbios name = ZXWSamba
lanman auth = yes
client lanman auth = yes
security = share
[public]
comment = Public Stuff
path = /share
public = yes
writable = yes
10
[root@beiigang ~]# /etc/init.d/smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@beiigang ~]# service nmb status
nmbd is stopped
[root@beiigang ~]# service nmb stop
Shutting down NMB services: [FAILED]
[root@beiigang ~]# service nmb start
Starting NMB services: [ OK ]
[root@beiigang ~]# service nmb stop
Shutting down NMB services: [ OK ]
11
測試
[root@beiigang ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
netbios name = ZXWSAMBA
server string = Samba Server Version %v
lanman auth = Yes
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend = tdb
guest ok = Yes
cups options = raw
[homes]
comment = Home Directories
read only = No
[printers]
comment = All Printers
path = /var/spool/samba
guest ok = No
printable = Yes
print ok = Yes
browseable = No
[public]
comment = Public Stuff
path = /share
read only = No
12
[root@beiigang ~]# mkdir /share
[root@beiigang ~]# cd /share/
[root@beiigang share]# touch sambatest.txt
[root@beiigang share]# chown -R nobody:nobody /share/
[root@beiigang share]# chmod -R 777 /share/
[root@beiigang share]# ll
total 0
-rwxrwxrwx. 1 nobody nobody 0 Dec 2 17:34 sambatest.txt
13
[root@beiigang share]# smbclient //192.168.18.99/public
WARNING: The security=share option is deprecated
Enter root's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23-12.el6]
Server not using user level security and no password supplied.
Server requested LANMAN password (share-level security) but 'client lanman auth = no' or 'client ntlmv2 auth = yes'
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@beiigang share]#
14
查看狀態
[root@beiigang share]# smbstatus
Samba version 3.6.23-12.el6
PID Username Group Machine
-------------------------------------------------------------------
<processes do not show up in anonymous mode>
Service pid machine Connected at
-------------------------------------------------------
public 2399 test-pc Tue Dec 2 17:05:09 2014
IPC$ 2399 test-pc Tue Dec 2 17:00:56 2014
Locked files:
Pid Uid DenyMode Access R/W Oplock SharePath Name Time
--------------------------------------------------------------------------------------------------
2399 99 DENY_NONE 0x100081 RDONLY NONE /home/share . Tue Dec 2 17:10:20 2014
15
[root@beiigang ~]# vi /etc/samba/smb.conf
security = user
[root@beiigang share]# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@beiigang share]# service nmb restart
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]
16
[root@beiigang share]# smbstatus
Samba version 3.6.23-12.el6
PID Username Group Machine
-------------------------------------------------------------------
2142 zxw zxw test-pc (192.168.18.101)
Service pid machine Connected at
-------------------------------------------------------
zxw 2142 test-pc Wed Dec 3 10:20:52 2014
zxw 2142 test-pc Wed Dec 3 10:20:52 2014
public 2142 test-pc Wed Dec 3 10:20:52 2014
IPC$ 2142 test-pc Wed Dec 3 10:20:52 2014
No locked files
看來是可以了
17
列出smb服務共享目錄
[root@beiigang share]# smbclient -L 192.168.18.99
Enter root's password:
session setup failed: NT_STATUS_LOGON_FAILURE
這是因爲登陸的用戶沒有成爲samba服務的用戶
[root@beiigang share]# smbpasswd -a zxw
New SMB password:
Retype new SMB password:
Added user zxw.
18
[root@beiigang share]# smbclient -L 192.168.18.99 -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23-12.el6]
Sharename Type Comment
--------- ---- -------
homes Disk Home Directories
public Disk Public Stuff
IPC$ IPC IPC Service (Samba Server Version 3.6.23-12.el6)
zxw Disk Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23-12.el6]
Server Comment
--------- -------
ZXWSAMBA Samba Server Version 3.6.23-12.el6
Workgroup Master
--------- -------
WORKGROUP
19
連接測試,連接成功,但看不了
[root@beiigang share]# smbclient //192.168.18.99/public -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23-12.el6]
smb: \> dir
NT_STATUS_ACCESS_DENIED listing \*
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \*
smb: \>
20
se的問題,關掉ok
[root@beiigang share]# setenforce 0
[root@beiigang share]# getenforce
Permissive
[root@beiigang share]# smbclient //192.168.18.99/public -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23-12.el6]
smb: \> ls
. D 0 Tue Dec 2 17:34:59 2014
.. DR 0 Wed Dec 3 09:20:49 2014
sambatest.txt A 0 Tue Dec 2 17:34:59 2014
55119 blocks of size 131072. 25361 blocks available
smb: \>
21
windows上看
查看、修改se設置
[root@beiigang share]# getenforce
Enforcing
[root@beiigang share]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@beiigang share]# setenforce 1
[root@beiigang share]# getenforce
Enforcing
[root@beiigang share]#
[root@beiigang share]# setsebool samba_export_all_ro 1
[root@beiigang share]# setsebool samba_export_all_rw 1
23
測試ok
[root@beiigang share]# smbclient //192.168.18.99/public -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23-12.el6]
smb: \> ls
. D 0 Tue Dec 2 17:34:59 2014
.. DR 0 Wed Dec 3 09:20:49 2014
sambatest.txt A 0 Tue Dec 2 17:34:59 2014
55119 blocks of size 131072. 25361 blocks available
smb: \> dir
. D 0 Tue Dec 2 17:34:59 2014
.. DR 0 Wed Dec 3 09:20:49 2014
sambatest.txt A 0 Tue Dec 2 17:34:59 2014
55119 blocks of size 131072. 25361 blocks available
smb: \>
24
windows上看
參考 《鳥哥私房菜》
-----------------
blog.csdn.net/beiigang