centos6.5配置samba
來源:程序員人生 發(fā)布時(shí)間:2014-12-07 10:13:57 閱讀次數(shù):4282次
1
Samba簡(jiǎn)介
Samba是1個(gè)能讓Linux系統(tǒng)利用Microsoft網(wǎng)絡(luò)通訊協(xié)議的軟件,而SMB是Server Message Block的縮寫,即為
服務(wù)器消息塊 ,SMB主要是作為Microsoft的網(wǎng)絡(luò)通訊協(xié)議,后來Samba將SMB通訊協(xié)議利用到了Linux系統(tǒng)上,就構(gòu)成了現(xiàn)在的Samba軟件。后來微軟又把 SMB 改名為 CIFS(Common Internet File System),即公共 Internet 文件系統(tǒng),并且加入了許多新的功能,這樣1來,使得Samba具有了更強(qiáng)大的功能。
Samba最大的功能就是可以用于Linux與windows系統(tǒng)直接的文件同享和打印同享,Samba既可以用于windows與Linux之間的文件同享,也能夠用于Linux與Linux之間的資源同享,由于NFS(網(wǎng)絡(luò)文件系統(tǒng))可以很好的完成Linux與Linux之間的數(shù)據(jù)同享,因此 Samba較多的用在了Linux與windows之間的數(shù)據(jù)同享上面。
SMB是基于客戶機(jī)/
服務(wù)器型的協(xié)議,因此1臺(tái)Samba
服務(wù)器既可以充當(dāng)文件同享
服務(wù)器,也能夠充當(dāng)1個(gè)Samba的客戶端,例如,1臺(tái)在Linux 下已架設(shè)好的Samba
服務(wù)器,windows客戶端就能夠通過SMB協(xié)議同享Samba
服務(wù)器上的資源文件,同時(shí),Samba
服務(wù)器也能夠訪問網(wǎng)絡(luò)中 其它windows系統(tǒng)或Linux系統(tǒng)同享出來的文件。
Samba在windows下使用的是NetBIOS協(xié)議,如果你要使用Linux下同享出來的文件,請(qǐng)確認(rèn)你的windows系統(tǒng)下是不是安裝了NetBIOS協(xié)議。
組成Samba運(yùn)行的有兩個(gè)服務(wù),1個(gè)是SMB,另外一個(gè)是NMB;SMB是Samba 的核心啟動(dòng)服務(wù),主要負(fù)責(zé)建立 Linux Samba
服務(wù)器與Samba客戶機(jī)之間的對(duì)話, 驗(yàn)證用戶身份并提供對(duì)文件和打印系統(tǒng)的訪問,只有SMB服務(wù)啟動(dòng),才能實(shí)現(xiàn)文件的同享,監(jiān)聽139 TCP端口;而NMB服務(wù)是負(fù)責(zé)解析用的,類似與DNS實(shí)現(xiàn)的功能,NMB可以把Linux系統(tǒng)同享的工作組名稱與其IP對(duì)應(yīng)起來,如果NMB服務(wù)沒有啟動(dòng),就只能通過IP來訪問同享文件,監(jiān)聽137和138 UDP端口。
Samba
服務(wù)器可實(shí)現(xiàn)以下功能:WINS和DNS服務(wù); 網(wǎng)絡(luò)閱讀服務(wù); Linux和Windows域之間的認(rèn)證和授權(quán); UNICODE字符集和域名映照;滿足CIFS協(xié)議的UNIX同享等。
2
按下面的要求實(shí)做1個(gè)
通過 SMB 同享 /share 目錄
您的 SMB
服務(wù)器必須是 WORKGROUP 工作組的1個(gè)成員,同享名必須為 public。
用戶 zxw 能夠讀取同享中的內(nèi)容。
基本上首先是安裝、配置Samba同享目錄;第2是使用zxw用戶能夠訪問同享盤;第3是防火墻和se要配置為能夠訪問Samba同享。
3
沒看出來samba裝沒裝
[root@beiigang ~]# rpm -qa | grep -i samba
samba-winbind-clients⑶.6.9⑴64.el6.x86_64
samba-client⑶.6.9⑴64.el6.x86_64
samba4-libs⑷.0.0⑸8.el6.rc4.x86_64
samba-winbind⑶.6.9⑴64.el6.x86_64
samba-common⑶.6.9⑴64.el6.x86_64
有配置文件等
[root@beiigang ~]# find / -name samba
/etc/samba
/etc/sysconfig/samba
/usr/lib64/samba
/var/log/samba
/var/lib/samba
[root@beiigang ~]#
到底裝沒裝
裝完后以下,看來是先前沒裝
[root@beiigang ~]# rpm -qa | grep -i samba
samba-common⑶.6.23⑴2.el6.x86_64
samba⑶.6.23⑴2.el6.x86_64
samba4-libs⑷.0.0⑸8.el6.rc4.x86_64
samba-winbind⑶.6.23⑴2.el6.x86_64
samba-winbind-clients⑶.6.23⑴2.el6.x86_64
samba-client⑶.6.23⑴2.el6.x86_64
4
不管裝沒裝,先刪
[root@beiigang ~]# yum remove samba
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Remove Process
No Match for argument: samba
Loading mirror speeds from cached hostfile
* base: centos.ustc.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Package(s) samba available, but not installed.
No Packages marked for removal
5
安裝
[root@beiigang ~]# yum search samba
查1下相干包
[root@beiigang ~]# yum -y install samba
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror.bit.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.bit.edu.cn
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:3.6.23⑴2.el6 will be installed
。。。
Installed:
samba.x86_64 0:3.6.23⑴2.el6
Dependency Updated:
libsmbclient.x86_64 0:3.6.23⑴2.el6 samba-client.x86_64 0:3.6.23⑴2.el6 samba-common.x86_64 0:3.6.23⑴2.el6
samba-winbind.x86_64 0:3.6.23⑴2.el6 samba-winbind-clients.x86_64 0:3.6.23⑴2.el6
Complete!
6
裝完后以下,多了個(gè)samba⑶.6.23⑴2.el6.x86_64
[root@beiigang ~]# rpm -qa | grep -i samba
samba-common⑶.6.23⑴2.el6.x86_64
samba⑶.6.23⑴2.el6.x86_64
samba4-libs⑷.0.0⑸8.el6.rc4.x86_64
samba-winbind⑶.6.23⑴2.el6.x86_64
samba-winbind-clients⑶.6.23⑴2.el6.x86_64
samba-client⑶.6.23⑴2.el6.x86_64
7
查詢啟動(dòng)方式
[root@beiigang ~]# rpm -ql samba | grep '/etc'
/etc/logrotate.d/samba
/etc/openldap/schema
/etc/openldap/schema/samba.schema
/etc/pam.d/samba
/etc/rc.d/init.d/nmb
/etc/rc.d/init.d/smb
/etc/samba/smbusers
[root@beiigang ~]# /etc/init.d/smb start
Starting SMB services: [ OK ]
[root@beiigang ~]# service nmb start
Starting NMB services: [ OK ]
設(shè)置開機(jī)自啟動(dòng)
chkconfig --level | grep smb
chkconfig --level 35 smb on
chkconfig --level 35 nmb on
chkconfig --level | grep smb
查看端口
[root@beiigang ~]# netstat -tunpl | grep '[sn]mb'
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 2071/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 2071/smbd
tcp 0 0 :::139 :::* LISTEN 2071/smbd
tcp 0 0 :::445 :::* LISTEN 2071/smbd
udp 0 0 192.168.18.255:137 0.0.0.0:* 21924/nmbd
udp 0 0 192.168.18.99:137 0.0.0.0:* 21924/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 21924/nmbd
udp 0 0 192.168.18.255:138 0.0.0.0:* 21924/nmbd
udp 0 0 192.168.18.99:138 0.0.0.0:* 21924/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 21924/nmbd
8
查看samba的配置文件
[root@beiigang ~]# rpm -qc samba samba-common
/etc/logrotate.d/samba
/etc/pam.d/samba
/etc/samba/smbusers
/etc/samba/lmhosts
/etc/samba/smb.conf
/etc/sysconfig/samba
[root@beiigang ~]#
9
配置
[root@beiigang ~]# vi /etc/samba/smb.conf
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
public = yes
netbios name = ZXWSamba
lanman auth = yes
client lanman auth = yes
security = share
[public]
comment = Public Stuff
path = /share
public = yes
writable = yes
10
[root@beiigang ~]# /etc/init.d/smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@beiigang ~]# service nmb status
nmbd is stopped
[root@beiigang ~]# service nmb stop
Shutting down NMB services: [FAILED]
[root@beiigang ~]# service nmb start
Starting NMB services: [ OK ]
[root@beiigang ~]# service nmb stop
Shutting down NMB services: [ OK ]
11
測(cè)試
[root@beiigang ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
netbios name = ZXWSAMBA
server string = Samba Server Version %v
lanman auth = Yes
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend = tdb
guest ok = Yes
cups options = raw
[homes]
comment = Home Directories
read only = No
[printers]
comment = All Printers
path = /var/spool/samba
guest ok = No
printable = Yes
print ok = Yes
browseable = No
[public]
comment = Public Stuff
path = /share
read only = No
12
[root@beiigang ~]# mkdir /share
[root@beiigang ~]# cd /share/
[root@beiigang share]# touch sambatest.txt
[root@beiigang share]# chown -R nobody:nobody /share/
[root@beiigang share]# chmod -R 777 /share/
[root@beiigang share]# ll
total 0
-rwxrwxrwx. 1 nobody nobody 0 Dec 2 17:34 sambatest.txt
13
[root@beiigang share]# smbclient //192.168.18.99/public
WARNING: The security=share option is deprecated
Enter root's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23⑴2.el6]
Server not using user level security and no password supplied.
Server requested LANMAN password (share-level security) but 'client lanman auth = no' or 'client ntlmv2 auth = yes'
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@beiigang share]#
14
查看狀態(tài)
[root@beiigang share]# smbstatus
Samba version 3.6.23⑴2.el6
PID Username Group Machine
-------------------------------------------------------------------
<processes do not show up in anonymous mode>
Service pid machine Connected at
-------------------------------------------------------
public 2399 test-pc Tue Dec 2 17:05:09 2014
IPC$ 2399 test-pc Tue Dec 2 17:00:56 2014
Locked files:
Pid Uid DenyMode Access R/W Oplock SharePath Name Time
--------------------------------------------------------------------------------------------------
2399 99 DENY_NONE 0x100081 RDONLY NONE /home/share . Tue Dec 2 17:10:20 2014
15
[root@beiigang ~]# vi /etc/samba/smb.conf
security = user
[root@beiigang share]# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@beiigang share]# service nmb restart
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]
16
[root@beiigang share]# smbstatus
Samba version 3.6.23⑴2.el6
PID Username Group Machine
-------------------------------------------------------------------
2142 zxw zxw test-pc (192.168.18.101)
Service pid machine Connected at
-------------------------------------------------------
zxw 2142 test-pc Wed Dec 3 10:20:52 2014
zxw 2142 test-pc Wed Dec 3 10:20:52 2014
public 2142 test-pc Wed Dec 3 10:20:52 2014
IPC$ 2142 test-pc Wed Dec 3 10:20:52 2014
No locked files
看來是可以了
17
列出smb服務(wù)同享目錄
[root@beiigang share]# smbclient -L 192.168.18.99
Enter root's password:
session setup failed: NT_STATUS_LOGON_FAILURE
這是由于登陸的用戶沒有成為samba服務(wù)的用戶
[root@beiigang share]# smbpasswd -a zxw
New SMB password:
Retype new SMB password:
Added user zxw.
18
[root@beiigang share]# smbclient -L 192.168.18.99 -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23⑴2.el6]
Sharename Type Comment
--------- ---- -------
homes Disk Home Directories
public Disk Public Stuff
IPC$ IPC IPC Service (Samba Server Version 3.6.23⑴2.el6)
zxw Disk Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23⑴2.el6]
Server Comment
--------- -------
ZXWSAMBA Samba Server Version 3.6.23⑴2.el6
Workgroup Master
--------- -------
WORKGROUP
19
連接測(cè)試,連接成功,但看不了
[root@beiigang share]# smbclient //192.168.18.99/public -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23⑴2.el6]
smb: > dir
NT_STATUS_ACCESS_DENIED listing *
smb: > ls
NT_STATUS_ACCESS_DENIED listing *
smb: >
20
se的問題,關(guān)掉ok
[root@beiigang share]# setenforce 0
[root@beiigang share]# getenforce
Permissive
[root@beiigang share]# smbclient //192.168.18.99/public -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23⑴2.el6]
smb: > ls
. D 0 Tue Dec 2 17:34:59 2014
.. DR 0 Wed Dec 3 09:20:49 2014
sambatest.txt A 0 Tue Dec 2 17:34:59 2014
55119 blocks of size 131072. 25361 blocks available
smb: >
21
windows上看
22
查看、修改se設(shè)置
[root@beiigang share]# getenforce
Enforcing
[root@beiigang share]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@beiigang share]# setenforce 1
[root@beiigang share]# getenforce
Enforcing
[root@beiigang share]#
[root@beiigang share]# setsebool samba_export_all_ro 1
[root@beiigang share]# setsebool samba_export_all_rw 1
23
測(cè)試ok
[root@beiigang share]# smbclient //192.168.18.99/public -U zxw
Enter zxw's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.23⑴2.el6]
smb: > ls
. D 0 Tue Dec 2 17:34:59 2014
.. DR 0 Wed Dec 3 09:20:49 2014
sambatest.txt A 0 Tue Dec 2 17:34:59 2014
55119 blocks of size 131072. 25361 blocks available
smb: > dir
. D 0 Tue Dec 2 17:34:59 2014
.. DR 0 Wed Dec 3 09:20:49 2014
sambatest.txt A 0 Tue Dec 2 17:34:59 2014
55119 blocks of size 131072. 25361 blocks available
smb: >
24
windows上看
參考 《鳥哥私房菜》
-----------------
轉(zhuǎn)載請(qǐng)著明出處:
blog.csdn.net/beiigang
生活不易,碼農(nóng)辛苦
如果您覺得本網(wǎng)站對(duì)您的學(xué)習(xí)有所幫助,可以手機(jī)掃描二維碼進(jìn)行捐贈(zèng)
