How to configure and manage samba server on Linux/centos?
1 Knowledge related to samba service
samba
The server enables users to share file systems between heterogeneous network operating systems;samba
The server provides a tool forWindows
sharing user directories in the environment ;Linux
linux
After installing it in ,samba
you just need towindows
do some login in to access it.
1.1 SMB protocol
Windows
The system usesTCP/IP
the underlying protocol to sendNetBOIS
requests, and inNetBOIS
the upper layer, it usesSMB(server message block)
the protocol as a high-level interface to realizewindows
resource sharing such as files and printing in the network environment;SMB
NetBOIS
The application program interface usedAPI
, the port is generally139,445
;- It is an open protocol, allowing protocol expansion;
- There are approximately 65 top-level jobs, each with over 120 functions;
CIFS(common Internet File system)
It is an enhanced version ofSMB
the protocol.
1.2 How samba works
1.2.1 Related processes
samba
The server consistssmbd
ofnmbd
two daemon processes. Each process can be started independently or using/etc/rc.d/init.d/smb
startup;
smbd : Provides file and print sharing services for Windows users;
nmbd : Performs NetBIOS name resolution and maps the NetBIOS name in the information in the Windows SMB request to an IP address in Linux.
1.2.2 samba workflow
1.2.3 samba function
- file and printer sharing;
- Authentication and permission settings;
- name resolution;
- Browse services.
2 samba server installation
2.1 Installation using CD-ROM drive
centos
Do the following :
- Insert
linux
the system's installation CD into the CD-ROM drive and create:
mkdir /mnt/cdrom
- Mount the CD in read-write mode in the following directory:
mount /dev/cdrom /mnt/cdrom
- Make yum source file
/etc/yum.repos.d/cdrom.repo
:
[cdrom]
name = cdrom
baseurl = file:///mnt/cdrom
gpgcheck = 0
enabled = 1
2.2 Using CD mapping files
Do the following centos
(I use this method):
-
If there is no optical drive, just use the operating system's mapping file;
-
Upload the mapping file
.iso
to the bottomlinux
of the toproot
, for exampleCentOS-7-x86_64-Everything-2003.iso
;
-
Create a new
iso
directory and hang the mapping file in this directory:
mkdir /mnt/iso
mount -o loop /root/CentOS-7-x86_64-Everything-2003.iso /mnt/iso
- Make yum
源
file/etc/yum.repos.d/iso.repo
:
[iso]
name = iso
baseurl = file:///mnt/iso
gpgcheck = 0
enabled = 1
- Just install using the following naming:
yum -y install samba
- You can use the command to check the installation status:
rpm -qa | grep samba
3 Start and stop the samba service
- Start
samba
the service:
systemctl start smb.service
- Stop the samba service:
systemctl stop smb.service
- Restart
samba
the service:
systemctl restart smb.service
- Reload
samba
service:
systemctl reload smb.service
- Self-starting
samba
service at boot:
systemctl enable smb.service
# 查看是否开机自启
systemctl list-unit-files | grep smb
- Cancel the auto-start
samba
service at boot:
systemctl disable smb.service
- Check
samba
service status:
systemctl status smb.service
4 Configure samba server
4.1 samba main configuration file smb.conf
4.1.1 Introduction to samba configuration
- The configuration file
/etc/samba
is below :
- The configuration information is as follows:
- illustrate:
① The beginning mainly introduces the function of samba;
② #: for comments;
③;: format example;
4.1.2 Global variables
global
Mainly global variables;
[global]
workgroup = SAMBA # 设置samba的工作组
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
- Partial field analysis:
Field | method | illustrate |
---|---|---|
workgroup |
workgroup=<workgroup> | Set up samba server workgroup |
server string |
server string=<description> | Set samba server comments |
host allow |
host allow= <IP> address |
Limit samba server the machines you are allowed to link to |
security |
security=<level> | Set security level for access |
password level |
password level=<digits> | Password length |
username level |
username level=<number of digits> | Username length |
encrypt passwords |
encrypt passwords=<yes/no> | Set whether to samba encrypt passwords |
smd password file |
smd password file=<password file> | Set samba password file |
4.1.3 Shared services
- The sharing part includes [
home
], [printer
], [custom share name]; samba
[home
], [printer
] sharing is enabled by default;- You can create a shared directory yourself with the following format:
[共享名]
字段 = 设置值
......
- Field description:
Field | illustrate |
---|---|
comment |
Notes |
path |
Full path to shared resource |
browseable |
Set whether to display the shared directory when browsing resources |
public |
Set whether to allow anonymous access |
read only |
Whether to access shared resources in read-only mode |
writeable |
Whether to allow users to write operations |
vaild users |
Set up a specific user |
write list |
User or group allowed to write |
4.2 Logs and accounts of samba service
4.2.1 samba service log file
- Table of contents:
/var/log/samba
- The storage path and capacity of the log file can be set by modifying the following files:
# smb.conf
log file = /var/log/samba/log.%m
max log size = 50
4.2.2 samba service password file
- Table of contents:
/etc/samba/smbpasswd
samba
The command to add an account is:
smbpasswd -a 用户名
5 Configure samba client
5.1 Test samba server in linux
smbclient
Order:
smbclient -L 目标IP地址或主机名 -U 登陆用户名%密码
mount
Order:
mount -t cifs //目标IP地址或主机名/共享目录名 挂载点 -o username=用户名,password=密码
5.2 Test the samba server in windows
- Start-Run, enter
linux
the shared directory; linux
You can also open the shared directory entered in the file browser ;
6 Practical examples
6.1 Example description
Shared file server, the file name is workgroup; the directory is /mnt/public; the share name is public; everyone is allowed to ask questions.
6.2 Implementation process
- Create a new directory:
mkdir /mnt/public
touch /mnt/public/test1.txt /mnt/public/test2.txt
- Modify
smb.conf
file:
[public]
comment = Public
path = /mnt/public
public = yes
browseable = yes
guest ok = yes
- Open the graphical interface to allow the firewall
samba
service to pass (Applications-Miscellaneous-Firewall); - Settings
Selinux
are set toPermissive
:
getenforce
setenforce 0
getenforce
- Visit via
linux
:
smbclient //192.168.0.190/public -U root
- Add
root
the join tosamba
the account:
smbpasswd -a root
- If you cannot access through
windows
access, you need to enableSMB
file sharing support: