CentOS 7 installation and configuration of Samba

 

 

 

I recently learned Linux and wanted to use RedHat Linux as a learning platform, but found that the RedHat Linux ISO file is too difficult to download. Because CentOS and RedHat Linux are very similar, I chose to download the CentOS Linux 7 DVD ISO. This image is more than 4 GB, but the download only took more than 30 minutes.

There are a lot of articles on configuring samba on the Internet, but I found that none of them can be implemented. So I decided to write a complete configuration. Although the security cannot be guaranteed, the function can be realized, and the security will be studied later.

1. Install

I will not write the installation process in detail. Baidu has a lot of documents. I believe that anyone with a little Linux foundation can install it. I installed it twice. The first time I used min install, I found that the ifconfig command could not run after the installation.

Running which ifconfig or find / -name "ifconfig*.*" did not find the file.

I have found a lot on the Internet, and some say that there are no environment variables, and the files are under bin or sbin.

The correct solution is to run the following command:

# yum install net-tools

The reason is that ifconfig is outdated, you can use ip addr or ip link to query.

Because I am a new learner, in order to eliminate interference, I re-selected the file and printer server mode to install. The install ifconfig command can be run in this mode.

2. Install samba

Run the following command:

# yum -y install samba samba-client samba-common

After the installation is complete, run rpm -qa | grep "samba" to ensure that the installation is successful.

3. Configure samba

Suppose we have such a scenario

 

share name	path	permission
SHAREDOC	/smb/docs	Accessible to all personnel including guests
RDDOCS	/smb/tech	Allow read and write access only to specific groups of users

准备工作：

创建共享目录（假设共享/smb目录下的文件）

# mkdir -p /smb/docs

# mkdir -p /smb/tech

 

//创建操作系统用户

# useraddalice

# useraddjack

# useradd tom

# useradd RD

  

//修改用户的组

# usermod -a-G RD alice

# usermod -a-G RD jack

# usermod -a-G RD tom

账号创建完以后检查用户所属组,确保每个用户所属组都有1003 RD 

# id alice

uid=1000(alice) gid=1000(alice)groups=1000(alice),1003(RD)

# id jack

 

uid=1001(jack) gid=1001(jack)groups=1001(jack),1003(RD)

# id tom

 

uid=1002(tom) gid=1002(tom)groups=1002(tom),1003(RD)

# id RD

 

uid=1003(RD) gid=1000(RD)groups=1003(RD)

 

//修改目录权限

# chgrp RD /smb/tech

# chgrp RD /smb/docs

# chown RD /smb/tech

# chown RD /smb/docs

# chmod 770 /smb/tech

# chmod 770 /smb/docs

 

修改完成后再检查一下文件夹权限

# ls /smb -l

 

//备份原有的配置文件在原目录下

# cd /etc/samba

# cp smb.conf smb.conf.origin

 

 

# vi/etc/samba/smb.conf

删除原有所有内容，添加如下内容：

[global]

  workgroup=BIGCLOUD

  netbios name=ZZSRV2

  server string=Samba Server

  #security=share

  security=user

  map to guest = Bad User

[SHAREDOCS]

  path=/smb/docs

  readonly=yes

  browseable=yes

  guest ok=yes

[RDDOCS]

  path = /smb/tech/

  public = no

  writable = yes

 

  write list = @RD

  validusers = @RD

4. Restart the service

RedHat Liunx is restarted with service restart smb, and the operation of services in CentOS is completed with systemctl.

Run the following command:

#  systemctl restart smb

# systemctl reload smb

# systemctl status smb

The last command is to check the status.

 

5. Firewalls and SELinux

There are basically no articles on the Internet that mention this, so I have been testing unsuccessfully, and finally found that I can access it after turning off SELinux and firewall.

turn off firewall

Turn off SELinux

 

7. The group the client belongs to

The machine I successfully tested is a Windows 7 in the WORKGROUP workgroup, and the machine joined to the domain cannot be accessed. This may be related to the workgroup we set up in Samba before.