安装服务
使用yum将会自动安装samba服务程序包,也可使用其他工具安装,samba服务程序的名字也即是软件包名字。samba-client用于测试共享目录的客户端程序,就一并安装了。
[root@localhost ~]# yum install samba samba-client
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 9.9 kB 00:00:00
* base: mirrors.aliyun.com
* centos-qemu-ev: mirrors.aliyun.com
* centos-sclo-rh: mirrors.aliyun.com
* centos-sclo-sclo: mirrors.aliyun.com
* epel: hkg.mirror.rackspace.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
base | 3.6 kB 00:00:00
centos-qemu-ev | 3.0 kB 00:00:00
centos-sclo-rh | 3.0 kB 00:00:00
centos-sclo-sclo | 3.0 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/2): epel/x86_64/primary_db | 6.9 MB 00:00:01
(2/2): epel/x86_64/updateinfo | 1.0 MB 00:00:04
Package samba-4.10.16-13.el7_9.x86_64 already installed and latest version
Package samba-client-4.10.16-13.el7_9.x86_64 already installed and latest version
Nothing to do
[root@localhost ~]#
安装完毕后,打开samba服务程序的主配置文件,删除其余内容,保留如下所示的信息即可。注:四种安全验证分别为;share:无需验证口令;user:账号密码登录;domain:域控制器进行身份验证;server:独立主机验证来访用户的口令。
[root@localhost ~]# vi /etc/samba/smb.conf
#注释信息
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global] #全局参数
workgroup = SAMBA #工作组名称
security = user #安全验证方式
passdb backend = tdbsam #定义用户后台的类型
[root@localhost ~]#
配置共享资源
创建用于访问共享资源的账户信息,且samba服务程序要求账户必须在当前系统中已存在。samba服务程序的账户信息可以使用pdbedit命令管理,在第一次导入账户信息过程中需加-a,之后操作则不需要。
pdbedit命令简介:
-a username 建立用户
-x username 删除用户
-L 列出用户列表
[root@localhost ~]# id admin
uid=1000(admin) gid=1000(admin) groups=1000(admin)
[root@localhost ~]# pdbedit -a -u admin
new password: #输入密码
retype new password: #再次输入,回车后,即可
Unix username: admin
NT username:
Account Flags: [U ]
User SID: S-1-5-21-621387107-3014415031-1596342661-1000
Primary Group SID: S-1-5-21-621387107-3014415031-1596342661-513
Full Name: admin
Home Directory: \\localhost\admin
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\admin\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 23:06:39 CST
Kickoff time: Wed, 06 Feb 2036 23:06:39 CST
Password last set: Wed, 26 May 2021 09:30:11 CST
Password can change: Wed, 26 May 2021 09:30:11 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]#
创建共享目录(或者其他目录,但目录需为空),配置SELinux安全上下文立即生效。
[root@localhost ~]# mkdir /home/database
[root@localhost ~]# chown -Rf admin:admin /home/database
[root@localhost ~]# semanage fcontext -a -t samba_share_t /home/database
[root@localhost ~]# restorecon -Rv /home/database
[root@localhost ~]#
设置SELinux服务,使其允许通过samba服务程序访问目录。执行getsebool命令,筛选samba相关信息,只需找到samba_enable_home_dirs --> off这一项,并修改成on(本文字我将SELinux关闭了,所以不会显示samba信息)。修改完成之后,将samba主配置文件打开,在末尾添加如下信息,重启服务。
[root@localhost ~]# getsebool -a | grep samba #
getsebool: SELinux is disabled
[root@localhost ~]# cat /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
[database]
comment = Do not arbitrarily modify the database file
path = /home/database #共享目录为/home/database
public = no #关闭所有人可见
writable = yes #允许写入
[root@localhost ~]# systemctl restart smb
[root@localhost ~]# systemctl enable smb
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
[root@localhost ~]#
避免防火墙限制,将防火墙清空,再把samba服务添加进去。之后可在本地检查samba服务是否启动,可用“systemctl status smb”,也可使用smbclient命令查看,如下。
[root@localhost ~]# iptables -F
[root@localhost ~]# iptables-save
# Generated by iptables-save v1.4.21 on Wed May 26 09:35:45 2021
......
COMMIT
# Completed on Wed May 26 09:35:45 2021
[root@localhost ~]# firewall-cmd --zone=public --permanent --add-service=samba
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# smbclient -U admin -L 192.168.3.88
Enter SAMBA\admin's password:
Sharename Type Comment
--------- ---- -------
database Disk Do not arbitrarily modify the database file
IPC$ IPC IPC Service (Samba 4.10.16)
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
配置完成之后,可以使用Windows系统,找到搜索框,在里面输入Linux系统的IP“\192.168.3.88”回车,输入账户密码,即可使用共享资源。
~文章已经结束了~
声明:本人所写的只是本人在使用中遇到的问题做个记录总结,很多内容也是百度,或者查阅官方文档,若与他人有重复;若需按照本文配置,请认真确认是否适合你的情况,造成一切损失;本人概不负责。
