samba:

    将文件系统或本地共享目录以文件系统接口的方式输出给客户端,客户端主机可以直接用mount挂载到服务端共享的目录到本地

    smb:Service Message Block;

    cifs:Common Internet File System

    samba:Andrew Tridgell;

    功能:

文件系统共享;

NetBIOS协议;

打印服务;

peer to peer(Work Group)

domain devel

LDAP:Lightweight Directory Access Protocol

安装samba:

    yum install -y samba samba-client

程序环境:

    配置文件:

/etc/samba/smb.conf

主程序:

nmbd:Network Naming Service,主要是为了完成 NetBIOS 名称解析 

smbd:SMB/CIFS Service;完成或者是实现文件共享能够成型的最基本的程序

Unit File:

/usr/lib/systemd/system/nmb.service

/usr/lib/systemd/system/smb.service

监听的端口:

137/udp, 138/udp 

139/tcp, 445/tcp 

客户端程序:

mount -t cifs = mount.cifs

smbclient:交互式命令行客户端工具;

mount -t cifs //10.1.68.13/wal /tmp -o username=doodle,password=2wsx*963. 

mount.cifs //10.1.68.13/wal /tmp -o user=doodle,password=2wsx*963.

samba的配置:

/etc/samba/smb.conf

#======================= Global Settings =====================================

# ----------------------- Network-Related Options -------------------------

# --------------------------- Logging Options -----------------------------

# ------------------- Standalone Server Options //独立服务选项------------------------

# ----------------------- Domain Members Options ------------------------

# ----------------------- Domain Controller Options ------------------------

# ---------------Browser Control Options //浏览器控制选项----------------------------

#----------------------------- Name Resolution -------------------------------

# ----------------- Printing Options //打印相关--------------------------

# --------------------------- File System Options ---------------------------

#============================ Share Definitions ==============================

两类配置段:

全局配置:

[global]

workgroup = MYGROUP//windows下的工作组是workgroup,所以这里改为workgroup

server string = Samba Server Version %v

interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24  指明要监听的地址或网络接口;

hosts allow = 127. 192.168.12. 192.168.13.

#访问控制,允许的主机

log file = /var/log/samba/log.%m

#每个客户端将使用单独的日志信息

max log size = 50 //单位为kB

security = user

share (depricated)

server (depricated)

domain

passdb backend = tdbsam

load printers = yes

cups options = raw

samba配置匿名访问

CentOS6中直接设置全局配置段

security = share

CentOS7中由于security = share已经被废弃需要全局配置段中添加

map to guest = bad user 

配置文件详细配置段:

workgroup = WORKGROUP  

server string = Samba Server %v  

netbios name = centos  

security = user  

map to guest = bad user  

dns proxy = no  

#============================ Share Definitions ==============================   

[Anonymous]  

path = /samba/anonymous  

browsable =yes  

writable = yes  

guest ok = yes  

read only = no  

配置完成后设置匿名共享目录:

cd /


mkdir samba/anonymous


cd /samba/


[root@localhost samba]# chmod -R 0755 anonymous/

[root@localhost samba]# chown -R nobody:nobody anonymous/

[root@localhost samba]# chcon -t samba_share_t anonymous/


启动samba:systemctl start smb.service  

共享文件系统:

[shared_ID] 

有三类:

[homes]:每个samba用户是否能够通过samba服务访问其家目录;

[printers]:打印服务;

[shared_FS]:用户自定义的共享目录;

常用指令:

comment:注释信息;

path:本地文件系统路径;

browseable:是否可浏览,是否为用户可见;

guest ok:是否允许来宾账号访问;

guest ok = yes 和 public = yes是一样的 

public:是否公开给所有来宾;

writable:是否可写;

read only = no

write list:拥有写权限的用户或组列表;

用户名 

@组名, +组名 

samba用户管理:

smbpasswd, pdbedit

smbpasswd [OPTIONS] USERNAME

-a:添加

-x:删除

-d:禁用

-e:启用

pdbedit:

-L:列出samba服务中的所有用户;

-a:添加用户为samba用户;

-u USERNAME:

-x:删除

-t:从标准输出接收密码;

访问服务:

(1) smbclient交互式客户端程序:

(1) 查看目标服务上的共享

smbclient -L SMB_SERVER [-U USERNAME]

(2) 访问共享服务

smbclient //SMB_SERVER[/SHARE_NAME] [-U USERNAME]

(2)mount.cifs 

mount -t cifs //SMB_SERVER/SHARED_ID  /MOUNT_POINT  -o username=USER,password=PASS

注意:挂载操作中的用户,与-o选项中指定的用户直接产生映射关系;访问挂载,是以-o选项指定的用户身份运行,与本地用户以ID产生映射;

自定义共享的方式:

[shared_ID]

comment =    

path =

guest ok =

read only = 

public = 

browseable = 

write list = 

注意:定义所用户在服务级的写权限write = yes (read only = no)不建议与write list同时使用;

smbstatus命令:

显示samba服务的相关共享的访问状态信息;

-b:显示简要格式信息;

-v:显示详细格式信息;