注意,samba 在不同的操作系统下的服务名称是不一样的:

  • Ubuntu: smbd
  • CentOS: smb

安装

安装软件

## Ubuntu
sudo apt update
sudo apt-get install samba

## CentOS
yum install samba

查看状态

Ubuntu

apt show samba
Package: samba
Version: 2:4.7.6+dfsg~ubuntu-0ubuntu2.14
Priority: optional
Section: net
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 11.3 MB
Pre-Depends: dpkg (>= 1.15.6~)
Depends: adduser, libpam-modules, libpam-runtime (>= 1.0.1-11), lsb-base (>= 4.1+Debian), procps, python (<< 2.8), python-dnspython, python-samba, samba-common (= 2:4.7.6+dfsg~ubuntu-0ubuntu2.14), samba-common-bin (= 2:4.7.6+dfsg~ubuntu-0ubuntu2.14), tdb-tools, python (>= 2.7~), python2.7:any, python:any (<< 2.8), python:any (>= 2.7~), libattr1 (>= 1:2.4.46-8), libbsd0 (>= 0.0), libc6 (>= 2.14), libldb1 (>= 0.9.21), libpopt0 (>= 1.14), libpython2.7 (>= 2.7), libtalloc2 (>= 2.0.4~git20101213), libtdb1 (>= 1.2.7+git20101214), libtevent0 (>= 0.9.16), samba-libs (= 2:4.7.6+dfsg~ubuntu-0ubuntu2.14)
Recommends: attr, logrotate, samba-dsdb-modules, samba-vfs-modules
Suggests: bind9 (>= 1:9.5.1), bind9utils, ctdb, ldb-tools, ntp | chrony (>= 3.0-1), smbldap-tools, ufw, winbind
Enhances: bind9, ntp
Homepage: http://www.samba.org
Task: samba-server, ubuntu-budgie-desktop
Supported: 5y
Download-Size: 854 kB
APT-Manual-Installed: yes
APT-Sources: http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
Description: SMB/CIFS file, print, and login server for Unix
 Samba is an implementation of the SMB/CIFS protocol for Unix systems,
 providing support for cross-platform file and printer sharing with
 Microsoft Windows, OS X, and other Unix systems.  Samba can also function
 as an NT4-style domain controller, and can integrate with both NT4 domains
 and Active Directory realms as a member server.
 .
 This package provides the components necessary to use Samba as a stand-alone
 file and print server or as an NT4 or Active Directory domain controller.
 For use in an NT4 domain or Active Directory realm, you will also need the
 winbind package.
 .
 This package is not required for connecting to existing SMB/CIFS servers
 (see smbclient) or for mounting remote filesystems (see cifs-utils).

N: There is 1 additional record. Please use the '-a' switch to see it

Centos

rpm -qa |grep samba
samba-client-libs-4.8.3-4.el7.x86_64
samba-4.8.3-4.el7.x86_64
samba-common-libs-4.8.3-4.el7.x86_64
samba-common-tools-4.8.3-4.el7.x86_64
samba-common-4.8.3-4.el7.noarch
samba-libs-4.8.3-4.el7.x86_64

启动服务

Ubuntu

sudo systemctl start smbd
sudo systemctl status smbd

## 允许防火墙通过
sudo ufw allow 'Samba'

CentOS

## start/ stop/ restart
systemctl start smb

查看服务进程

Ubuntu

sudo systemctl status smbd
● smbd.service - Samba SMB Daemon
   Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-12-14 15:19:43 CST; 6min ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 4232 (smbd)
   Status: "smbd: ready to serve connections..."
    Tasks: 4 (limit: 4915)
   CGroup: /system.slice/smbd.service
           ├─4232 /usr/sbin/smbd --foreground --no-process-group
           ├─4236 /usr/sbin/smbd --foreground --no-process-group
           ├─4237 /usr/sbin/smbd --foreground --no-process-group
           └─4238 /usr/sbin/smbd --foreground --no-process-group

Dec 14 15:19:43 william-pc systemd[1]: Starting Samba SMB Daemon...
Dec 14 15:19:43 william-pc systemd[1]: Started Samba SMB Daemon.

CentOS

service smb status
Redirecting to /bin/systemctl status smb.service
● smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2019-12-03 10:34:47 CST; 17min ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 36896 (smbd)
   Status: "smbd: ready to serve connections..."
    Tasks: 5
   CGroup: /system.slice/smb.service
           ├─36896 /usr/sbin/smbd --foreground --no-process-group
           ├─36901 /usr/sbin/smbd --foreground --no-process-group
           ├─36902 /usr/sbin/smbd --foreground --no-process-group
           ├─36903 /usr/sbin/smbd --foreground --no-process-group
           └─37042 /usr/sbin/smbd --foreground --no-process-group

Dec 03 10:34:47 hicloud systemd[1]: Starting Samba SMB Daemon...
Dec 03 10:34:47 hicloud smbd[36896]: [2019/12/03 10:34:47.207282,  0] ../lib/util/become_daemon.c:1...ady)
Dec 03 10:34:47 hicloud smbd[36896]:   daemon_ready: STATUS=daemon 'smbd' finished starting up and ...ions
Dec 03 10:34:47 hicloud systemd[1]: Started Samba SMB Daemon.
Hint: Some lines were ellipsized, use -l to show in full.

设置开机启动

systemctl enable smb

临时关闭 SeLinux

需要关闭 SeLinux 才可以让 Windows 用户访问 samba

setenforce 0

查看 SeLinux 状态

sestatus            
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

永久关闭 SeLinux

修改配置文件/etc/selinux/config,将SELINU置为disabled

cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
## SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

重启后可以查看SeLinux状态

sestatus
SELinux status:                 disabled

用户设置

添加用户

useradd fl

设置密码

smbpasswd -a fl

然后重启 samba

systemctl restart samba

设置访问

有关访问权限配置参数在

vim /etc/samba/smb.conf

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
    workgroup = SAMBA
    security = user

    passdb backend = tdbsam

    printing = cups
    printcap name = cups
    load printers = yes
    cups options = raw

[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    browseable = No
    read only = No
    inherit acls = Yes

[printers]
    comment = All Printers
    path = /var/tmp
    printable = Yes
    create mask = 0600
    browseable = No

[fl]
    comment= fl files
    path = /home/fl/
    browseable = yes
    writable = yes
    available = yes
    valid users = fl,root
    
[pc]
    comment= pc files
    path = /home/pc/
    browseable = yes
    writable = yes
    available = yes
    valid users = pc,root

[shared]
    comment = share files
    path = /shared/
    browseable = yes 
    writable = yes 
    available = yes 
    valid users = root,fl,pc

一般而言,我们对某个用户进行设置

[fl]
    comment= fl files
    path = /home/fl/
    browseable = yes
    writable = yes
    available = yes
    valid users = fl,root

Windows 连接

  1. 网络连接
  2. 填写 \\192.168.1.199\fl (对应于以上的用户,直接访问 /home/fl),注意 Windows 使用 \\
  3. 然后使用账户、密码即可登录

Windows 没有权限访问的解决方法

有可能是 Centos 打开了 selinux, 需要关闭即可

setenforce 0