centos7.4安装samba服务

匿名访问samba服务器

查看windows所属的工作组,修改hosts文件(客户端 192.168.221.1的配置)

C:\Users\Administrator>net config workstation
notepad C:\Windows\System32\drivers\etc\hosts
192.168.221.20 apenglinux-002  //共享服务器ip与主机名

samba服务器(192.168.221.20)安装关于samba的一些服务

[root@apenglinux-002 ~]# yum install samba samba-client samba-common -y

配置/etc/samba/smb.conf

[root@apenglinux-002 ~]# cd /etc/samba/
[root@apenglinux-002 samba]# cp smb.conf smb.conf.bak
[root@apenglinux-002 samba]# vim smb.conf
[global]
        workgroup = workgroup
        server string = Samba Server %v
        netbios name = apenglinux-002
        security = user
        map to guest = bad user
        dns proxy = no
 
[anonymous]
        comment = This is a directory of anonymous.
        path = /samba/anonymous
        browseable = yes
        writeable = yes
        guest ok = yes
        read only = no

创建共享目录,并开启服务

[root@apenglinux-002 samba]# mkdir -p /samba/anonymous
[root@apenglinux-002 samba]# systemctl enable smb.service
[root@apenglinux-002 samba]# systemctl enable nmb.service
[root@apenglinux-002 samba]# systemctl start smb.service 
[root@apenglinux-002 samba]# systemctl start nmb.service 

firewalld放行samba

[root@apenglinux-002 samba]# firewall-cmd --permanent --zone=public --add-service=samba
[root@apenglinux-002 samba]# firewall-cmd --reload

在windows客户端上访问共享 \\apenglinux-002

设置共享目录的本地权限,属主,属组

[root@apenglinux-002 samba]# cd /samba/
[root@apenglinux-002 samba]# chmod 777 anonymous/
[root@apenglinux-002 samba]# chown -R nobody:nobody anonymous/

再次访问还是与上图一样没有权限

此时需要设置selinux

[root@apenglinux-002 samba]# chcon -t samba_share_t anonymous/

此时就可以访问共享了,并可以在共享目录下创建文件了

通过用户名密码访问samba服务器

创建组和用户通过认证来访问samba服务器

[root@apenglinux-002 samba]# groupadd smbgrp
[root@apenglinux-002 samba]# useradd -s /sbin/nologin smbusr
[root@apenglinux-002 samba]# usermod -a smbusr -G smbgrp
[root@apenglinux-002 samba]# smbpasswd -a smbusr

创建共享目录,设定权限

[root@apenglinux-002 samba]# mkdir -p /samba/security
[root@apenglinux-002 samba]# chmod 777 /samba/security
[root@apenglinux-002 samba]# chown -R smbusr:smbgrp /samba/security/

修改配置文件

[root@apenglinux-002 samba]# vim /etc/samba/smb.conf
[security]
        path = /samba/security
        valid users = @smbgrp
        guest ok = no
        writeable = yes
        browseable = yes

重启服务,测试

[root@apenglinux-002 samba]# systemctl restart smb.service 
[root@apenglinux-002 samba]# systemctl restart nmb.service 
[root@apenglinux-002 samba]# testparm

设置selinux

[root@apenglinux-002 samba]# chcon -t samba_share_t /samba/security/

在windows客户端访问 \\apenglinux-002\securiy

linux客户端访问

[root@localhost ~]# yum install samba-client -y
[root@localhost ~]# smbclient -L 192.168.221.20 -U smbusr%123
Domain=[APENGLINUX-002] OS=[Windows 6.1] Server=[Samba 4.6.2]

	Sharename       Type      Comment
	---------       ----      -------
	anonymous       Disk      This is a directory of anonymous.
	security        Disk      
	IPC$            IPC       IPC Service (Samba Server 4.6.2)
Domain=[APENGLINUX-002] OS=[Windows 6.1] Server=[Samba 4.6.2]

	Server               Comment
	---------            -------

	Workgroup            Master
	---------            -------
	WORKGROUP            APENGLINUX-002
# smbclient //samba服务器ip/共享目录 -U 用户名%密码

补充:

vim /etc/samba/smb.conf
security = user  //用户需要认证才能访问共享资源
map to guest = bad user //将匿名用户映射为nobody用户
guest user = nobody
server string = Samba Server Version %v //服务器说明 
comment =   //注释说明 
path =      //共享目录
writeable = yes|no  //
guest ok = yes|no
browseable = yes|no
security = share //不需要用户名密码直接访问
workgroup = 
hosts allow =   //allow优先级高于deny
hosts deny = 192.168.0. 
valid users =
write list = 用户名,@组名
netbios name =  
log file = /var/log/samba/log.%m
read only = yes|no
passdb backend = smbpasswd
smb passwd file = /etc/samba/smbpasswd
[global]
config file = /etc/samba/smb.conf.%U

# cp /etc/samba/smb.conf /etc/samba/smb.conf.manager
# vim /etc/samba/smb.conf // 加上 browseable = no
# vim /etc/samba/smb.conf.manager // browseable = yes

linux客户端挂载共享目录

[root@apenglinux-002 ~]# yum install cifs-utils -y
[root@apenglinux-002 ~]# mount -t cifs //192.168.221.10/boss/ /cifs/ -o username=boss  //输入密码
[root@apenglinux-002 ~]# mount -t cifs //192.168.221.10/boss/ /cifs/ -o username=boss,password=123