Samba

'Server Message Block(SMB信息服务块)是windows服务器和客户端之间实现文件共享的服务协议。'
'Samba是在linux和UNix系统上实现SMB协议的一个免费软件,由服务器及客户端程序构成'
'Samba的主要部分:两个守护程序:smbd和nmbd(对客户端提供NetBIOS名服务)'
'配置文件:/etc/smb.conf'

服务端软件包与客户端软件包

服务端软件包 samba
客户端软件包 cifs-utils

Samba监听端口

TCP UDP
139/445 137/138
'tcp端口相对应的服务是smbd服务,其作用是提供对服务器中文件、打印资源的共享访问'
'Udp端口相对应的服务是nmbd服务,其作用是提供基于NetBIOS主机名称的解析'

Samba服务配置

服务端IP 客户端IP
192.168.228.21 192.168.228.20
'关闭防火墙'
[root@yaoxiaorong ~]# setenforce 0
[root@yaoxiaorong ~]# systemctl stop firewalld

'安装Samba服务程序'
[root@yaoxiaorong ~]# yum install samba*

'启动Samba服务程序'
[root@yaoxiaorong ~]# systemctl start smb
'设置smb服务随系统启动而启动'
[root@yaoxiaorong ~]# systemctl enable smb

samba主配置文件

'通过过滤筛选Samba服务程序已注释的配置文件'
[root@yaoxiaorong ~]# egrep -v '^#|^$' /etc/samba/smb.conf
[global]            全局参数
	workgroup = SAMBA    工作组名称
	security = user           安全验证方式,总共有四种
	              ' share:无需验证身份,简单方便,安全性差      '
								'usr:需要验证用户密码才可访问,安全性高'
								'server:需要通过三方服务验证账号密码,(集中管理账户)'
								'domain:使用域控制器进行身份验证'
	passdb backend = tdbsam    定义用户后台的类型,共有3种
	                     'smbpasswd:为系统用户设置Samba服务程序的密码'
											 'tdbsam:创建数据库文件并哦使用pdbedit命令建立samba服务程序'
											  'ldapsam:基于ldap服务进行账户验证'
	printing = cups        设置Samba共享打印机的类型
	printcap name = cups    设置共享打印机的配置文件
	load printers = yes     设置在Samba服务启动时是否共享打印机设备
	cups options = raw       打印机的选项
[homes]      共享参数
	comment = Home Directories      描述信息
	valid users = %S, %D%w%S      允许访问该共享的用户
	browseable = No      指定共享信息是否在“网上邻居”中可见
	read only = No
	inherit acls = Yes
[printers]
	comment = All Printers
	path = /var/tmp
	printable = Yes
	create mask = 0600
	browseable = No
[print$]
	comment = Printer Drivers
	path = /var/lib/samba/drivers
	write list = @printadmin root
	force group = @printadmin
	create mask = 0664
	directory mask = 0775

创建映射共享目录

'创建用户tom’
[root@yaoxiaorong ~]# useradd -M tom
'为tom用户创建smb共享密码'
[root@yaoxiaorong ~]# smbpasswd -a tom
New SMB password:
Retype new SMB password:
Added user tom.
'假设这里映射tom用户为share用户,那么就要在/etc/samba/smbusers文件中添加如下内容:'
[root@yaoxiaorong ~]# echo 'tom = share' > /etc/samba/smbusers
'在/etc/samba/smb.conf添加如下内容:'
[root@yaoxiaorong ~]# vim /etc/samba/smb.conf

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
        workgroup = SAMBA
        security = user
        username map = /etc/samba/smbusers

'创建一个共享目录yaoxiaorong'

[root@yaoxiaorong ~]# mkdir /opt/yaoxiaorong
[root@yaoxiaorong ~]# chown -R tom.tom /opt/yaoxiaorong/
[root@yaoxiaorong ~]# ll /opt/
total 0
drwxr-xr-x. 2 tom tom 6 Aug  6 21:38 yaoxiaorong

配置共享

[root@yaoxiaorong ~]# cat >> /etc/samba/smb.conf <<EOF
> [yaoxiaorong]    共享名
> comment = Is very happy  描述信息,任意字符串
> path = /opt/yaoxiaorong/   共享目录路径
> browseable = yes    指定该共享是否可以浏览
> guest ok = yes     表示设置是否所有人均可访问共享目录  
> writable = yes    指定该共享路径是否可写
> write list = share   表示设置允许写的用户和组
> public = yes     表示设置是否允许匿名用户访问
> EOF
[root@yaoxiaorong ~]# tail -8 /etc/samba/smb.conf
[yaoxiaorong]
comment = Is very happy
path = /opt/yaoxiaorong/
browseable = yes
guest ok = yes
writable = yes
write list = share
public = yes


testparm

'测试配置文件是否有语法错误,以及显示最终生效的配置'
[root@yaoxiaorong ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

重新启动smb服务:

'重新启动smb服务'
[root@yaoxiaorong ~]# systemctl restart smb
'重新加载smb服务'
[root@yaoxiaorong ~]# systemctl reload smb

在客户机查看samba服务器有哪些共享资源

'yum查找smbclient软件包的绝对路径'
[root@yaoxiaorong ~]# yum provides *bin/smbclient
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.tuna.tsinghua.edu.cn
 * extras: mirrors.neusoft.edu.cn
 * updates: mirrors.nju.edu.cn
base/7/x86_64/filelists_db          | 6.9 MB     00:05     
samba-client-4.7.1-6.el7.x86_64 : Samba client programs
Repo        : base
Matched from:
Filename    : /usr/bin/smbclient



samba-client-4.7.1-6.el7.x86_64 : Samba client programs
Repo        : @base
Matched from:
Filename    : /usr/bin/smbclient
[root@yaoxiaorong ~]# yum install -y samba-client

'在客户机查看samba服务器有哪些共享资源'
[root@yaoxiaorong ~]# smbclient -L 192.168.228.21 -U share
Enter SAMBA\share's password: 

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	IPC$            IPC       IPC Service (Samba 4.7.1)
	yaoxiaorong     Disk      Is very happy
	tom             Disk      Home Directories
Reconnecting with SMB1 for workgroup listing.

	Server               Comment
	---------            -------

	Workgroup            Master
	---------            -------

将samba服务器的共享资源yaoxiaorong挂载到客户机本地

[root@yaoxiaorong ~]# mkdir /opt/smb
[root@yaoxiaorong ~]# mount -t cifs //192.168.228.21/yaoxiaorong /opt/smb -o username=share,password=1
[root@yaoxiaorong ~]# df -h
Filesystem                    Size  Used Avail Use% Mounted on
/dev/mapper/centos-root       5.0G  1.5G  3.5G  31% /
devtmpfs                      478M     0  478M   0% /dev
tmpfs                         489M     0  489M   0% /dev/shm
tmpfs                         489M  6.8M  482M   2% /run
tmpfs                         489M     0  489M   0% /sys/fs/cgroup
/dev/sda1                      10G  125M  9.9G   2% /boot
/dev/mapper/centos-var        5.0G  165M  4.9G   4% /var
tmpfs                          98M     0   98M   0% /run/user/0
//192.168.228.21/yaoxiaorong   17G  1.8G   16G  11% /opt/smb

验证

'在客户机上进入共享目录创建新文件'
[root@yaoxiaorong ~]# cd /opt/smb
[root@yaoxiaorong smb]# touch a
[root@yaoxiaorong smb]# mkdir b
[root@yaoxiaorong smb]# ls
a  b
'在服务端查看共享的目录里面是否存在客户端创建的文件和目录'
[root@yaoxiaorong ~]# cd /opt/yaoxiaorong/
[root@yaoxiaorong yaoxiaorong]# ls
a  b

配置匿名共享

服务器IP 客户端IP
192.168.228.20/24 192.168.228.21/24

配置匿名共享时,还是需要关闭防火墙

'使用yum命令安装samba服务器'
[root@yaoxiaorong ~]# yum install samba-* -y


'然后在全局配置中添加如下内容:红色字体就是添加的内容'
[root@yaoxiaorong ~]# vim /etc/samba/smb.conf
[root@yaoxiaorong ~]# vim /etc/samba/smb.conf

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
        workgroup = SAMBA
        security = user
        'map to guest = Bad User'   


创建一个共享目录,创建目录名为yaoxiaorong
[root@yaoxiaorong ~]# mkdir /opt/yaoxiaorong
[root@yaoxiaorong ~]# chmod 777 /opt/yaoxiaorong/
[root@yaoxiaorong ~]# ll /opt/
total 0
drwxrwxrwx. 2 root root 6 Aug  7 16:33 yaoxiaorong

'配置共享'
[root@yaoxiaorong ~]# cat >> /etc/samba/smb.conf <<EOF
> [yaoxiaorong]
> comment = yaoxiaorong
> path = /opt/yaoxiaorong/
> browseable = yes
> guest ok = yes
> writable = yes
> public = yes
> EOF


启动smb服务:
[root@yaoxiaorong ~]# systemctl start smb
[root@yaoxiaorong ~]# systemctl restart smb


'在客户机查看samba服务器有哪些共享资源'
[root@yaoxiaorong ~]# smbclient -L 192.168.228.20 -U 'Bad User'
Enter SAMBA\Bad User's password: 

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	yaoxiaorong     Disk      yaoxiaorong
	IPC$            IPC       IPC Service (Samba 4.7.1)
Reconnecting with SMB1 for workgroup listing.

	Server               Comment
	---------            -------

	Workgroup            Master
	---------            -------


'将samba服务器的共享资源yaoxiaorong挂载到客户机本地'
[root@yaoxiaorong ~]# mkdir /opt/smb
[root@yaoxiaorong ~]# mount -t cifs //192.168.228.20/yaoxiaorong /opt/smb -o username='Bad User'
[root@yaoxiaorong ~]# df -h
Filesystem                           Size  Used Avail Use% Mounted on
/dev/mapper/centos_yaoxiaorong-root   17G  1.7G   16G  10% /
devtmpfs                             478M     0  478M   0% /dev
tmpfs                                489M     0  489M   0% /dev/shm
tmpfs                                489M  6.7M  482M   2% /run
tmpfs                                489M     0  489M   0% /sys/fs/cgroup
/dev/sda1                           1014M  125M  890M  13% /boot
tmpfs                                 98M     0   98M   0% /run/user/0
//192.168.228.20/yaoxiaorong         5.0G  1.6G  3.5G  32% /opt/smb


在客户机上进入共享目录创建文件或目录验证一下,并在服务器上查看客户机创建的文件
'客户机'
[root@yaoxiaorong ~]# cd /opt/smb/
[root@yaoxiaorong smb]# touch yxr
[root@yaoxiaorong smb]# mkdir xxx
'服务器'
[root@yaoxiaorong ~]# cd /opt/yaoxiaorong/
[root@yaoxiaorong yaoxiaorong]# ls
xxx  yxr