Construction of samba server
Article Directory
foreword
Linux samba server
First, let me introduce the origin of samba. Samba is a free software that implements the SMB protocol on Linux and UNIX systems, and is composed of server and client programs.
The original SMB protocol is a protocol for sharing resources between windows and windows (My Network Places). Linux found Microsoft and wanted to use the protocol for file sharing between windows and Linux, but Microsoft did not agree, so Linux implemented the SMB protocol through a reverse method, and named it the SAMBA protocol in order to distinguish it from SMB.
Let's start the installation and use of the samba server
1. Turn off the firewall and selinux
注意:systemctl stop firewalld.service中的.service可以省略写成systemctl stop firewalld
1.1 Turn off the firewall
Method 1: systemctl stop firewalld.service (Turn off the firewall service temporarily, and the firewall will open after the system restarts)
systemctl stop firewalld.service
Method 2: systemctl disable firewalld.service (by closing the firewall service and starting it automatically after booting, to permanently close the firewall service)
systemctl disable firewalld.service
View firewall status
systemctl status firewalld.service
Turn on the firewall
systemctl start firewalld
1.2 close selinux
Recently, I encountered the problem of Mysql data startup error reporting, so I found out that it was because SELinux was not closed, so this article simply records how SElinux was closed.
Preface
Baidu Encyclopedia: SELinux (Security-Enhanced Linux) is the implementation of mandatory access control by the US National Security Agency (NSA), and is the most outstanding new security subsystem in the history of Linux. The NSA, with the help of the Linux community, developed an access control system that restricts a process to only those files it needs for its mission. SELinux is installed by default on Fedora and Red Hat Enterprise Linux, and is also available as an easy-to-install package on other distributions.
SELinux is the Mandatory Access Control (MAC) system provided in version 2.6 of the Linux kernel. SELinux is the most comprehensive and well-tested of the Linux security modules available, building on 20 years of MAC research. SELinux incorporates multi-level security, or an optional multi-class policy, in a type-enforcing server, and employs the concept of role-based access control.
Most people who use SELinux use an SELinux-ready distribution such as Fedora, Red Hat Enterprise Linux (RHEL), Debian, or Centos. They all enable SELinux in the kernel, and provide a customizable security policy, and also provide many user-level libraries and tools, which can use SELinux functions.
SELinux is a mandatory access control (MAC) security system based on the domain-type model (domain-type). It is written by NSA and designed as a kernel module to be included in the kernel. Some security-related applications are also patched with SELinux, and finally there is a corresponding security policy. Any program has full control over its resources. Suppose a program intends to dump files containing potentially important information into the /tmp directory, then no one can stop it in the case of DAC. SELinux provides better access control than traditional UNIX permissions.
1.2.1 View the current status of SElinux
方法一:# cat /etc/selinux/config
If SELinux status is Enforcing, it is enabled (as shown in the figure below).
Method 2: #getenforce 0
If Enforcing is displayed, it is enabled (as shown in the figure below)
1.2.2 Close SElinux
1. Temporarily shut down (do not need to restart the server)
enter the command: setenforce 0
setenforce 0
Then enter the command: getenforce 0 to check, and it becomes Permissive at this time, which means that SElinux is closed successfully.
getenforce 0
2. Permanent shutdown (need to restart the server)
Step 1: Enter the command: vim /etc/selinux/config
vim /etc/selinux/config
Step 2: Edit selinux=disabled
Step 3: Restart the server
1. Installation of samba server
Enter yum -y install samba in the terminal to install
yum -y install samba
2. Start the samba server
Generally speaking, after installing samba, it will run automatically
systemctl start smb.service
shut down the samba server
systemctl stop smb.service
3. Configure samba
The samba configuration file is in smb.conf under /etc/samba. The location of the configuration file may be different for different Linux versions, and you can find it online.
What needs to be configured is which directory to share and the access rights of this directory
First enter the location of the configuration file
cd /etc/samba
Enter ls to view the contents of the directory
ls
lmhosts smb.conf smb.conf.example
You can see that there are three, namely lmhosts, smb.conf and smb.conf.example. Among them, smb.conf is the configuration file we need to modify. In order to avoid modification errors, it is best to make a backup
cp smb.conf bak_smb.conf
Edit the configuration file
If you are using the vi editor, you can press G in the command line mode to directly position the cursor to the last line, and then press i to edit) Add the following code at the end of smb.conf ( 注意:是writable不是writeable,没有e,然后前面是退格键Tab)
vim smb.conf
Explain the meaning of each line:
[linux_share]: In the configuration file, if you want to add a new function, use square brackets, and then write the name inside. Here, the shared file function is named linux_share
. : means
browseable
4. Configure samba user permissions
samba has its own set of users and passwords, command to add samba users
smbpasswd -a linux
//-a表示add,linux是虚拟机中已经有的用户名
//如果没有linux用户可以创建
mkdir -p /home/linux/lab
5. Restart the samba service
systemctl restart smb.service
6. Log in to samba under Windows
Below the SAMBA under Windows, enter the operation in the start menu, enter the \++IP
Linux end IP can enter ifconfig through the terminal to get click OK.
The
name that the network drives is to configure the name of the Chinese bracket in the third step. At this time, the information prompt can see the file in the sharing directory. You can also see EXAMPLE.C created on the Windows side in the Linux side, indicating that we have achieved file sharing. You can also see on the line of Linux. You can also see on the Windows side
.
7. Map a network drive
In order to better experience the function of sharing files, you can also add the shared file directory as a drive letter under Windows like Windows.
The operation is as follows:
Find the mapped network drive in this computer, click "Map Network Drive"
and then enter the following, click Finish
Just choose a drive letter (I chose the Z drive in advance), followed by linux_share (the function name you set in the third step), click OK, and you will find that there is an extra Z drive. Double-click the newly added drive, and you can operate the files under Linux just like operating the files under Windows
.
Summarize
The above is what I want to talk about today. This article only briefly introduces the construction of the Samba server. See you in the next chapter.