How to configure and manage samba server on Linux/centos?
1 Knowledge related to samba service
sambaThe server enables users to share file systems between heterogeneous network operating systems;sambaThe server provides a tool forWindowssharing user directories in the environment ;LinuxlinuxAfter installing it in ,sambayou just need towindowsdo some login in to access it.
1.1 SMB protocol
WindowsThe system usesTCP/IPthe underlying protocol to sendNetBOISrequests, and inNetBOISthe upper layer, it usesSMB(server message block)the protocol as a high-level interface to realizewindowsresource sharing such as files and printing in the network environment;SMBNetBOISThe application program interface usedAPI, the port is generally139,445;- It is an open protocol, allowing protocol expansion;
- There are approximately 65 top-level jobs, each with over 120 functions;
CIFS(common Internet File system)It is an enhanced version ofSMBthe protocol.
1.2 How samba works
1.2.1 Related processes
sambaThe server consistssmbdofnmbdtwo daemon processes. Each process can be started independently or using/etc/rc.d/init.d/smbstartup;
smbd : Provides file and print sharing services for Windows users;
nmbd : Performs NetBIOS name resolution and maps the NetBIOS name in the information in the Windows SMB request to an IP address in Linux.
1.2.2 samba workflow
1.2.3 samba function
- file and printer sharing;
- Authentication and permission settings;
- name resolution;
- Browse services.
2 samba server installation
2.1 Installation using CD-ROM drive
centosDo the following :
- Insert
linuxthe system's installation CD into the CD-ROM drive and create:
mkdir /mnt/cdrom
- Mount the CD in read-write mode in the following directory:
mount /dev/cdrom /mnt/cdrom
- Make yum source file
/etc/yum.repos.d/cdrom.repo:
[cdrom]
name = cdrom
baseurl = file:///mnt/cdrom
gpgcheck = 0
enabled = 1
2.2 Using CD mapping files
Do the following centos(I use this method):
-
If there is no optical drive, just use the operating system's mapping file;
-
Upload the mapping file
.isoto the bottomlinuxof the toproot, for exampleCentOS-7-x86_64-Everything-2003.iso;
-
Create a new
isodirectory and hang the mapping file in this directory:
mkdir /mnt/iso
mount -o loop /root/CentOS-7-x86_64-Everything-2003.iso /mnt/iso
- Make yum
源file/etc/yum.repos.d/iso.repo:
[iso]
name = iso
baseurl = file:///mnt/iso
gpgcheck = 0
enabled = 1
- Just install using the following naming:
yum -y install samba
- You can use the command to check the installation status:
rpm -qa | grep samba
3 Start and stop the samba service
- Start
sambathe service:
systemctl start smb.service
- Stop the samba service:
systemctl stop smb.service
- Restart
sambathe service:
systemctl restart smb.service
- Reload
sambaservice:
systemctl reload smb.service
- Self-starting
sambaservice at boot:
systemctl enable smb.service
# 查看是否开机自启
systemctl list-unit-files | grep smb
- Cancel the auto-start
sambaservice at boot:
systemctl disable smb.service
- Check
sambaservice status:
systemctl status smb.service
4 Configure samba server
4.1 samba main configuration file smb.conf
4.1.1 Introduction to samba configuration
- The configuration file
/etc/sambais below :
- The configuration information is as follows:
- illustrate:
① The beginning mainly introduces the function of samba;
② #: for comments;
③;: format example;
4.1.2 Global variables
globalMainly global variables;
[global]
workgroup = SAMBA # 设置samba的工作组
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
- Partial field analysis:
| Field | method | illustrate |
|---|---|---|
workgroup |
workgroup=<workgroup> | Set up samba serverworkgroup |
server string |
server string=<description> | Set samba servercomments |
host allow |
host allow= <IP>address |
Limit samba serverthe machines you are allowed to link to |
security |
security=<level> | Set security level for access |
password level |
password level=<digits> | Password length |
username level |
username level=<number of digits> | Username length |
encrypt passwords |
encrypt passwords=<yes/no> | Set whether to sambaencrypt passwords |
smd password file |
smd password file=<password file> | Set sambapassword file |
4.1.3 Shared services
- The sharing part includes [
home], [printer], [custom share name]; samba[home], [printer] sharing is enabled by default;- You can create a shared directory yourself with the following format:
[共享名]
字段 = 设置值
......
- Field description:
| Field | illustrate |
|---|---|
comment |
Notes |
path |
Full path to shared resource |
browseable |
Set whether to display the shared directory when browsing resources |
public |
Set whether to allow anonymous access |
read only |
Whether to access shared resources in read-only mode |
writeable |
Whether to allow users to write operations |
vaild users |
Set up a specific user |
write list |
User or group allowed to write |
4.2 Logs and accounts of samba service
4.2.1 samba service log file
- Table of contents:
/var/log/samba
- The storage path and capacity of the log file can be set by modifying the following files:
# smb.conf
log file = /var/log/samba/log.%m
max log size = 50
4.2.2 samba service password file
- Table of contents:
/etc/samba/smbpasswd
sambaThe command to add an account is:
smbpasswd -a 用户名
5 Configure samba client
5.1 Test samba server in linux
smbclientOrder:
smbclient -L 目标IP地址或主机名 -U 登陆用户名%密码
mountOrder:
mount -t cifs //目标IP地址或主机名/共享目录名 挂载点 -o username=用户名,password=密码
5.2 Test the samba server in windows
- Start-Run, enter
linuxthe shared directory; linuxYou can also open the shared directory entered in the file browser ;
6 Practical examples
6.1 Example description
Shared file server, the file name is workgroup; the directory is /mnt/public; the share name is public; everyone is allowed to ask questions.
6.2 Implementation process
- Create a new directory:
mkdir /mnt/public
touch /mnt/public/test1.txt /mnt/public/test2.txt
- Modify
smb.conffile:
[public]
comment = Public
path = /mnt/public
public = yes
browseable = yes
guest ok = yes
- Open the graphical interface to allow the firewall
sambaservice to pass (Applications-Miscellaneous-Firewall); - Settings
Selinuxare set toPermissive:
getenforce
setenforce 0
getenforce
- Visit via
linux:
smbclient //192.168.0.190/public -U root
- Add
rootthe join tosambathe account:
smbpasswd -a root
- If you cannot access through
windowsaccess, you need to enableSMBfile sharing support:
