samba文件配置与访问权限

警告
本文最后更新于 2019-12-03,文中内容可能已过时。

注意,samba 在不同的操作系统下的服务名称是不一样的:

  • Ubuntu: smbd
  • CentOS: smb

安装

安装软件

1
2
3
4
5
6
## Ubuntu
sudo apt update
sudo apt-get install samba

## CentOS
yum install samba

查看状态

Ubuntu

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
apt show samba
Package: samba
Version: 2:4.7.6+dfsg~ubuntu-0ubuntu2.14
Priority: optional
Section: net
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 11.3 MB
Pre-Depends: dpkg (>= 1.15.6~)
Depends: adduser, libpam-modules, libpam-runtime (>= 1.0.1-11), lsb-base (>= 4.1+Debian), procps, python (<< 2.8), python-dnspython, python-samba, samba-common (= 2:4.7.6+dfsg~ubuntu-0ubuntu2.14), samba-common-bin (= 2:4.7.6+dfsg~ubuntu-0ubuntu2.14), tdb-tools, python (>= 2.7~), python2.7:any, python:any (<< 2.8), python:any (>= 2.7~), libattr1 (>= 1:2.4.46-8), libbsd0 (>= 0.0), libc6 (>= 2.14), libldb1 (>= 0.9.21), libpopt0 (>= 1.14), libpython2.7 (>= 2.7), libtalloc2 (>= 2.0.4~git20101213), libtdb1 (>= 1.2.7+git20101214), libtevent0 (>= 0.9.16), samba-libs (= 2:4.7.6+dfsg~ubuntu-0ubuntu2.14)
Recommends: attr, logrotate, samba-dsdb-modules, samba-vfs-modules
Suggests: bind9 (>= 1:9.5.1), bind9utils, ctdb, ldb-tools, ntp | chrony (>= 3.0-1), smbldap-tools, ufw, winbind
Enhances: bind9, ntp
Homepage: http://www.samba.org
Task: samba-server, ubuntu-budgie-desktop
Supported: 5y
Download-Size: 854 kB
APT-Manual-Installed: yes
APT-Sources: http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
Description: SMB/CIFS file, print, and login server for Unix
 Samba is an implementation of the SMB/CIFS protocol for Unix systems,
 providing support for cross-platform file and printer sharing with
 Microsoft Windows, OS X, and other Unix systems.  Samba can also function
 as an NT4-style domain controller, and can integrate with both NT4 domains
 and Active Directory realms as a member server.
 .
 This package provides the components necessary to use Samba as a stand-alone
 file and print server or as an NT4 or Active Directory domain controller.
 For use in an NT4 domain or Active Directory realm, you will also need the
 winbind package.
 .
 This package is not required for connecting to existing SMB/CIFS servers
 (see smbclient) or for mounting remote filesystems (see cifs-utils).

N: There is 1 additional record. Please use the '-a' switch to see it

Centos

1
2
3
4
5
6
7
rpm -qa |grep samba
samba-client-libs-4.8.3-4.el7.x86_64
samba-4.8.3-4.el7.x86_64
samba-common-libs-4.8.3-4.el7.x86_64
samba-common-tools-4.8.3-4.el7.x86_64
samba-common-4.8.3-4.el7.noarch
samba-libs-4.8.3-4.el7.x86_64

启动服务

Ubuntu

1
2
3
4
5
sudo systemctl start smbd
sudo systemctl status smbd

## 允许防火墙通过
sudo ufw allow 'Samba'

CentOS

1
2
## start/ stop/ restart
systemctl start smb

查看服务进程

Ubuntu

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
sudo systemctl status smbd
● smbd.service - Samba SMB Daemon
   Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-12-14 15:19:43 CST; 6min ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 4232 (smbd)
   Status: "smbd: ready to serve connections..."
    Tasks: 4 (limit: 4915)
   CGroup: /system.slice/smbd.service
           ├─4232 /usr/sbin/smbd --foreground --no-process-group
           ├─4236 /usr/sbin/smbd --foreground --no-process-group
           ├─4237 /usr/sbin/smbd --foreground --no-process-group
           └─4238 /usr/sbin/smbd --foreground --no-process-group

Dec 14 15:19:43 william-pc systemd[1]: Starting Samba SMB Daemon...
Dec 14 15:19:43 william-pc systemd[1]: Started Samba SMB Daemon.

CentOS

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
service smb status
Redirecting to /bin/systemctl status smb.service
● smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2019-12-03 10:34:47 CST; 17min ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 36896 (smbd)
   Status: "smbd: ready to serve connections..."
    Tasks: 5
   CGroup: /system.slice/smb.service
           ├─36896 /usr/sbin/smbd --foreground --no-process-group
           ├─36901 /usr/sbin/smbd --foreground --no-process-group
           ├─36902 /usr/sbin/smbd --foreground --no-process-group
           ├─36903 /usr/sbin/smbd --foreground --no-process-group
           └─37042 /usr/sbin/smbd --foreground --no-process-group

Dec 03 10:34:47 hicloud systemd[1]: Starting Samba SMB Daemon...
Dec 03 10:34:47 hicloud smbd[36896]: [2019/12/03 10:34:47.207282,  0] ../lib/util/become_daemon.c:1...ady)
Dec 03 10:34:47 hicloud smbd[36896]:   daemon_ready: STATUS=daemon 'smbd' finished starting up and ...ions
Dec 03 10:34:47 hicloud systemd[1]: Started Samba SMB Daemon.
Hint: Some lines were ellipsized, use -l to show in full.

设置开机启动

1
systemctl enable smb

临时关闭 SeLinux

需要关闭 SeLinux 才可以让 Windows 用户访问 samba

1
setenforce 0

查看 SeLinux 状态

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

永久关闭 SeLinux

修改配置文件/etc/selinux/config,将SELINU置为disabled

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
## SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

重启后可以查看SeLinux状态

1
2
sestatus
SELinux status:                 disabled

用户设置

添加用户

1
useradd fl

设置密码

1
smbpasswd -a fl

然后重启 samba

1
systemctl restart samba

设置访问

有关访问权限配置参数在

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
vim /etc/samba/smb.conf

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
	workgroup = SAMBA
	security = user

	passdb backend = tdbsam

	printing = cups
	printcap name = cups
	load printers = yes
	cups options = raw

[homes]
	comment = Home Directories
	valid users = %S, %D%w%S
	browseable = No
	read only = No
	inherit acls = Yes

[printers]
	comment = All Printers
	path = /var/tmp
	printable = Yes
	create mask = 0600
	browseable = No

[fl]
	comment= fl files
	path = /home/fl/
	browseable = yes
	writable = yes
	available = yes
	valid users = fl,root

[pc]
    comment= pc files
    path = /home/pc/
    browseable = yes
    writable = yes
    available = yes
    valid users = pc,root

[shared]
    comment = share files
    path = /shared/
    browseable = yes
    writable = yes
    available = yes
    valid users = root,fl,pc

一般而言,我们对某个用户进行设置

1
2
3
4
5
6
7
[fl]
	comment= fl files
	path = /home/fl/
	browseable = yes
	writable = yes
	available = yes
	valid users = fl,root

Windows 连接

  1. 网络连接
  2. 填写 \\192.168.1.199\fl (对应于以上的用户,直接访问 /home/fl),注意 Windows 使用 \\
  3. 然后使用账户、密码即可登录

Windows 没有权限访问的解决方法

有可能是 Centos 打开了 selinux, 需要关闭即可

1
setenforce 0

相关内容

william 支付宝支付宝
william 微信微信
0%