SAMBA可以实现在局域网内Linux/UNIX和Windows的文件共享和打印机共享
本文环境是CentOS Linux release 7.1.1503 (Core)
cat /etc/redhat-release
0x01 安装SAMBA
# 查看
yum list all samba*
# 安装
yum -y install samba.x86_64
0x02 配置SAMBA
# 配置文件路径
/etc/samba/
# 配置文件说明,samba的配置文件分段
grep -i 'Options -' /etc/samba/smb.conf
#======================= Global Settings =====================================
[global]
# ----------------------- Network-Related Options -------------------------
workgroup = MYGROUP
server string = Samba Server Version %v
; netbios name = MYSERVER
; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
; hosts allow = 127. 192.168.12. 192.168.13.
; max protocol = SMB2
# --------------------------- Logging Options -----------------------------
# log files split per-machine:
log file = /var/log/samba/log.%m
# maximum size of 50KB per log file, then rotate:
max log size = 50
# ----------------------- Standalone Server Options ------------------------
security = user
passdb backend = tdbsam
# ----------------------- Domain Members Options ------------------------
; security = domain
; passdb backend = tdbsam
; realm = MY_REALM
; password server = <NT-Server-Name>
# ----------------------- Domain Controller Options ------------------------
# ----------------------- Browser Control Options ----------------------------
; local master = no
; os level = 33
; preferred master = yes
# --------------------------- Printing Options -----------------------------
load printers = yes
cups options = raw
; printcap name = /etc/printcap
# obtain a list of printers automatically on UNIX System V systems:
; printcap name = lpstat
; printing = cups
# --------------------------- File System Options ---------------------------
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
; valid users = %S
; valid users = MYDOMAIN\%S
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[shared name]
comments =
path =
browseable =
public = // guest ok =
read only =
writable = // read only与writable如果同时间出现,哪个严格遵从哪个
write list = user1, user2, @group1
valid users = // 白名单
invalid users = // 黑名单
# 测试配置文件是否OK
testparm
# 启动服务
systemctl start smb
# 查看端口 samba使用端口139/tcp,445/tcp
netstat -tunlp
# 将系统用户加入Samba账户(密码单独的)
smbpasswd -a ysai
0x03 配置SELinux
chcon -t samba_share_t /home/samba/share/test/
# setsebool -P samba_export_all_ro=1 samba_export_all_rw=1
# 这句有错getsebool –a | grep samba_export
# semanage fcontext –at samba_share_t "/home/samba/share/test(/.*)?"
# restorecon /home/samba/share/test/
0x04 配置FireWalld
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload
0x05 遇到的一些问题
# 将samba设置为开机自启
chkconfig --level 35 smb on //在3、5级别上自动运行samba服务
# 同这种一样systemctl enable smb.service
chkconfig --list | grep smb
# 查看selinux状态
sestatus
# 临时关闭selinux
setenforce 0
# 永久关闭selinux,修改如下文件,需要重启
cat /etc/selinux/config
#SELINUX=enforcing
SELINUX=disabled
# 关闭firewalld
systemctl stop firewalld
# samba权限是共享权限和用户权限的交集