Author: North-South-North, is increasing in ... ... we need your participation;
from: League of Legends Community
Profile: This article only talk about our most popular Linux and Windows to share files, mainly for novice pointed to the road . How to build the most simple Samba server, and tells experiencing problems should find solutions where; being updated in the hope that your participation ... ... thank you;
table of Contents
0, set up the premise of the Samba server; 0.1 viewer file content and edit documents;0.2 on files and directories related;
03 users and user groups related;
04 process management; 1 Introduction Samba
2 Samba functions and applications
3 Samba two server-related start the program, the client and server configuration files; 3.1 Samba server has two, one is smbd, the other is nmbd;
3.2 port and view the Samba server's firewall;
3.3 view the configuration file of the Samba server;
3.4 Samba in Linux some tools (server and client);
3.5 common tools in Linux, Windows Linux shared view of the method; 3.5.1 View In the Linux system to share files and network Windows Samba file sharing on Linux;
3.5.2 access way Linux Samba server to share files in Windows;
Mounting 3.5.3 smbfs file system;
4 Speaking from a simple example, the anonymous user readable and writable implemented;
The first step: Change smb.confsecond step: to establish the appropriate directory and authorization;
third step: start smbd and nmbd server;
Step 4: Check smbd process, confirm Samba server is up and running;
Step five: Access Samba shared servers;
5, complex user sharing model a little (about 10 people for small businesses);
5.1 Share Permissions design features to achieve;5.2 create the appropriate directories on the server;
5.3 add users in the group, set permissions appropriate directory home directory; 5.3.1 Adding a user group;
5.3.2 Adding users;
5.3.3 to add samba user, and password;
5.3.4 configure permissions and ownership-related directories;
5.4 modify the Samba configuration file;
5.5 on client access;
5.5.1 Windows client access;
++++++++++++++++++++++++++++++++++++++++++++++++
text
+ +++++++++++++++++++++++++++++++++++++++++++++++
0, set up the premise of the Samba server;
Linux is a multi-user operating system, set up on any server associated with all users, user groups and permissions, which is the basis of operation. Samba server is no exception to this knowledge is also very important. On a Windows system, although it can stand a shared file server, but it's really flattered access control. If we use the Windows system to rack network shared file system, the mouse is also able to point us confused. But in Linux, we can easily modify it to read configuration files, less than a few minutes built their own Samba server. Which is easier, only you know;
For Samba server set up, some brothers simply that, as long as the configuration file change it, created the appropriate directory on the line. In fact not the case, but also in-depth work, such as directory permissions and ownership, that which allows users and user groups to read or write. Only shared directory permissions and profiles combine in order to stand a good Samba server;
The following are commonly used in the basics, what we covered in this article can be found below in the appropriate interpretation of the list;
0.1 viewer file content and edit documents;
"Linux file content viewer tool introduction"
"file editor vi"
0.2 on files and directories related;
"extension Linux file type and file"
"Linux file and directory management of the list, delete, copy, move and rename"
"Linux file and directory attributes,"
"Brief Linux File Search"
03 users and user groups related;
"Linux user (user) and user groups (group) Management Overview,"
"user (User) and user groups (Group) Detailed Profile"
"Linux User Management Tool Introduction"
"Linux users (User) inquiry chapter"
04 process management;
1 Samba Introduction
Samba (SMB is the acronym) is a network server for Linux and Windows to share files only; Samba which can be used to share files between Windows and Linux, the same used to share files between Linux and Linux; however, for sharing files between Linux and Linux has a better network file system NFS, NFS is also a need to set up a server;
We all know that each machine in a Windows network can be a file that is shared server or with a client; Samba can do it, too, such as a Linux machine, if the rack after Samba Server, which can act as a shared server but also do for the client to access other networks in the Windows shared file system, or other Linux's Sabmba server;
We in the Windows network, see the shared file functions to know that we can put directly to a shared folder as a local hard disk to use. In Linux, the shared file system is provided by the network machines in Samba, you can also share other machines in the network mount on the local machine; it says and FTP are not the same in a sense.
Samba netbios protocol used, if you use Samba unsuccessful,
Linux given Windows, Linux sum Linux
2 Samba features and applications
Samba should range mainly Windows and Linux coexist used in the network; if a network environment is Linux or Unix-like systems, there is no need to use Samba, NFS should use a little better;
Samba can provide that service does something for us? Mainly to share files and share printers;
3 Samba two server-related start the program, the client and server configuration files;
3.1 Samba has two servers, one SMB, is another NMB;
smb is the main Samba server is started, so that other machines can know what this machine is shared; if you do not open nmb server, it can only be accessed via IP, such as into the following one in the Windows IE browser to access;
\\192.168.1.5\共享目录
\\192.168.1.5\opt
The nmb is used to resolve, resolve what is it? It is to put Linux machine shared by the working group and the Working Group in this netbios name parsing out;
Under normal circumstances, the system RPM package, if the package is installed Samba RPM, generally Samba server may be initiated by the way;
[root@localhost ~]# /etc/init.d/smb start
启动 SMB 服务: [ 确定 ]
启动 NMB 服务: [ 确定 ]
If you stop it? Just add stop behind smb; reboot is restart
[root@localhost ~]# /etc/init.d/smb stop
[root@localhost ~]# /etc/init.d/smb restart
For all systems, a common approach is to directly run smb and nmb; of course you want to know smb and nmb directory where the job; when compiling the Samba, you should know where to put your Samba placed;
[root@localhost ~]# /usr/sbin/smbd
[root@localhost ~]# /usr/sbin/nmbd
Check whether the server is up and running, the following command is used;
[root@localhost ~]# pgrep smbd
[root@localhost ~]# pgrep nmbd
Turn off the Samba server, you can use the following methods, most common; to root privileges to perform;
[root@localhost ~]# pkill smbd
[root@localhost ~]# pkill nmbd
3.2 port and view the Samba server's firewall;
Check what use is it? Sometimes you might put a firewall port sealing of smbd server, so we should smbd server port occupied; see below, we know that the port is occupied by smbd 139 and 445;
[root@localhost ~]# netstat -tlnp |grep smb
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 10639/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 10639/smbd
If you have a firewall, you must take these two ports open. If you do not know how to open. Maybe you, like me, a novice, or the firewall rules also cleared the line;
[root@localhost ~]# iptables -F
或
[root@localhost ~]# /sbin/iptables -F
3.3, see the Samba server configuration file;
If we use Linux distribution comes with the Samba package, the Samba server configuration file are generally located in / etc / samba directory, the primary server's configuration file is smb.conf; there are also households configuration file smbpasswd, smbusers and lmhosts, etc. (You better check the contents of these documents); and a file is secrets.tdb, the Samba file server is started automatically generated hand; we slowly according to the progress of the tutorial to appropriately increase these documents illustrate it ; all of a sudden say it, feeling too much content; it can only be a little bit;
3.4, Samba in Linux some of the tools (server and client);
smbcacls smbcontrol smbencrypt smbmount smbprint smbstatus smbtree
smbclient smbcquotas smbmnt smbpasswd smbspool smbtar smbumount
smbd nmbd mount
Where the server is smbd, nmbd, smbpasswd; other mostly client; these are not necessarily all need to be proficient, but at least have to be a few; such as smbmount (ie mount additional parameters usage), but also with smbclient Wait;
3.5 in Linux commonly used tool mount (smbmount) and smbclient; Windows Linux shared view method;
3.5.1 View Network in Linux systems share files in Windows and Samba shared file in Linux;
Under normal circumstances, we have to use smbclient; common usage is nothing more than the following;
[root@localhost ~]# smbclient -L //ip地址或计算机名
smbclient Samba is a Linux client, used to view shared resources on the server on a Linux machine, you can also like FTP, users can log on Samba server, you can also get to upload and download files put, unfortunately, it is not supported by Chinese friendly;
View resources on the server;
smbclient -L //IP [-U 用户名]
If your Samba server is configured for user mode, we should add "-U user name" and, if share mode, can also be omitted;
such as:
[root@localhost ~]# smbclient -L //192.168.1.3 -U sir01
Password: 请输入用户sir01的密码
If you are using share mode, you can not ignore the user and password directly;
[root@localhost ~]# smbclient -L //192.168.1.3
Password: 直接按回车
Log in as a user Samba server share
After a user logon shared, like FTP user would be able to, download, and download files; represented by uploading put expressed Download get;
smbclient //IP地址/共享文件夹 -U 用户
Description: IP address Everyone knows that you do not know your IP address, you can use / sbin / ifconfig to see; we shared folder is defined in smb.conf [shared folder], such as [sir01]. -U user name indicates Samba users;
such as:
[root@localhost ~]# smbclient //192.168.1.3/sir01 -U sir01
Password:
Domain=[LINUXSIR] OS=[Unix] Server=[Samba 3.0.21b-2]
smb: \> ls
Description: Log on to the Samba server, you can use some command smbclient, you can use FTP commands like the same upload and download files;
smbclient Command Description
Command Description ? Or help [command] help or offer help on a command ! [Shell command] used to perform SHELL command, or allow the user to enter the SHELL prompt cd [directory] switch to the specified folder on the server, not specified, smbclient then return to the current local directory lcd [directory] to switch to the directory specified by the client; dir or ls lists the files in the current directory; exit or quit exit smbclient GET file1 file2 file1 downloaded from the server and the local file name file2 exist on board; if you do not renamed, you can put file2 omitted mget file1 file2 file3 filen download multiple files from the server; md or mkdir directory create a directory on the server directory on the rd or rmdir directory delete server put file1 [file2] upload a server file file1, spread on the server renamed file2; mput file1 file2 fileN upload multiple files to a server
3.5.2 Access way Linux Samba server to share files in Windows;
This simple bar, the Internet brought home, will be able to see View workgroup, or on the browser and enter the following
\\ip地址或计算机名
So you can see what is shared on this machine, the mouse operation is complete; if you can not visit, do not forget to Linux firewall plan cleared away, or let the corresponding port through;
3.5.3 In Linux smbfs mount the file system;
mount usage, network load sharing files in the folder to the local machine; mount is used to mount the file system, SMB as a kind of network file system also can mount mount; smbmount with a mount in the final analysis, variant;
mount mount smbfs of usage;
mount -t smbfs -o codepage=cp936,username=用户名,password=密码 , -l //ip地址/共享文件夹名 挂载点
或
mount -t smbfs -o codepage=cp936,username=用户名,password=密码 , -l //计算机名/共享文件夹名 挂载点
或
mount -t smbfs -o codepage=cp936 //ip地址或计算机名/共享文件夹名 挂载点
smbmount usage:
smbmount -o username=用户名,password=密码 , -l //ip地址或计算机名/共享文件夹名 挂载点
smbmount //ip地址或计算机名/共享文件夹名 挂载点
Description:
If your server is to share shared, the need for a username and password to mount, if you want the password prompt, enter directly on the line; you can also use smbmount to mount, so no need to use mount -t smbfs specify the type of the file system;
For the mount point, we want to establish ourselves a folder, for example, we can build in / opt / smbhd, which made you say Forget it;
In the mount command, we found that there is such a parameter codepage = cp936, which is encoded by the server file system is specified, cp936 Simplified Chinese is, of course, you can use utf8 so on, try it.
If you mount the remote file system smbfs appear Simplified Chinese garbled to specify the encoding when we must consider the mount;
4, a talk by the simplest example, the anonymous user readable and writable implemented;
Step one: Change the smb.conf
Let's implement a simple function, so that all users can read and write a Samba server to share a folder; we want to change the look smb.conf; first of all you want to back what smb.conf file;
[root@localhost ~]# cd /etc/samba
[root@localhost samba]# mv smb.conf smb.confBAK
Then we have to re-create a smb.conf file;
[root@localhost samba]#touch smb.conf
Then we put this write the following in smb.conf;
[global]
workgroup = LinuxSir
netbios name = LinuxSir05
server string = Linux Samba Server TestServer
security = share
[linuxsir]
path = /opt/linuxsir
writeable = yes
browseable = yes
guest ok = yes
annotation:
[Global] this is a global configuration, it will be written section. Which has the following lines;
workgroup is workgroup displayed in Windows; here I set LINUXSIR (uppercase);
the NetBIOS name is displayed computer name in Windows;
Server String is the Samba server description, you can define your own; this is not what is important ;
Security this is the authentication and login, here we use the share; there is a good variety of authentication, this is one; another is commonly used user authentication methods; if the share, that is, do not set the user and password ;
[linuxsir] This is displayed in Windows shared directory;
path = can be set on the directory where you want to share;
whether writeable can write, here I writable;
if browseable can browse, you can; you can browse mean, in the working group we can see the shared folder. If you do not show up, then set browseable = no
guest ok anonymous users are logged on to guest identity;
The second step: to establish the appropriate directory and authorization;
[root@localhost ~]# mkdir -p /opt/linuxsir
[root@localhost ~]# id nobody
uid=99(nobody) gid=99(nobody) groups=99(nobody)
[root@localhost ~]# chown -R nobody:nobody /opt/linuxsir
Notes: About Authorization nobody, we first check with the id command information about the nobody user, user group also found him nobody, we should take this subject. Some systems nobody user group is not a nobody;
The third step: start smbd and nmbd server;
[root@localhost ~]# smbd
[root@localhost ~]# nmbd
Step 4: Check smbd process, confirm Samba server is up and running;
[root@localhost ~]# pgrep smbd
13564
13568
Step Five: Visit the Samba server share;
in Linux You can use the following commands to access;
[root@localhost ~]# smbclient -L //LinuxSir05
Password: 注:直接按回车
In Windows, you can use the following methods to access;
\\LinuxSir05\
5, complex user sharing model a little (about 10 people for small businesses);
For example, a company has five departments, namely linuxsir, sir01, sir02, sir03, sir04. We want to design a more secure file sharing model for the company. Each user has their own network disk, sir01 to sir04 also shared network drive; all users (including anonymous users) have a shared library, this library is read-only for security; all users (including anonymous users) there must be a final turn temporary file folder ... ....
5.1 Share Permissions design features to achieve;
1) linuxsir department has the authority to manage all SMB space;
2) sir01 sir04 to have their own space, and in addition to its own and outside linuxsir have permission, with absolute privacy of other users;
3) linuxsir01 to linuxsir04 have a common reading and writing space authority;
4) all users (including anonymous users) have a read access to space for the database, it is not required to write data.
5) sir01 to sir04 there is a common space for sir01 to sir04 of user privacy, we can not allow other users to access.
6) also have a space, so that all users can write, you can delete and other functions, on unrestricted rights for all users of temporary document transfer and other end;
5.2 create the appropriate directories on the server;
[root@localhost ~]# mkdir -p /opt/linuxsir
[root@localhost ~]# cd /opt/linuxsir
[root@localhost linuxsir]# mkdir sir01 sir02 sir03 sir04 sirshare sir0104rw sirallrw
[root@localhost linuxsir]# ls
sir01 sir0104rw sir02 sir03 sir04 sirallrw sirshare
Note: The function is as follows:
/opt/linuxsir 这是管理员目录,负责管理其下所有目录;
/opt/linuxsir/sir01 是sir01的家目录,用于私用,除了用户本身和linuxsir以外其它用户都是不可读不可写;
/opt/linuxsir/sir02 是sir02的家目录,用于私用,除了用户本身和linuxsir以外其它用户都是不可读不可写;
/opt/linuxsir/sir03 是sir03的家目录,用于私用,除了用户本身和linuxsir以外其它用户都是不可读不可写;
/opt/linuxsir/sir04 是sir04的家目录,用于私用,除了用户本身和linuxsir以外其它用户都是不可读不可写;
/opt/linuxsir/sirshare 所用用户(除了linuxsir有权限写入外)只读目录
/opt/linuxsir/sir0104rw 是用于sir01到sir04用户可读可写共用目录,但匿名用户不能读写;
/opt/linuxsir/sirallrw 用于所有用户(包括匿名用户)的可读可写;
5.3 Adding users in the group, set permissions appropriate directory home directory;
5.3.1 Add User Group;
[root@localhost ~]# /usr/sbin/groupadd linuxsir
[root@localhost ~]# /usr/sbin/groupadd sir01
[root@localhost ~]# /usr/sbin/groupadd sir02
[root@localhost ~]# /usr/sbin/groupadd sir03
[root@localhost ~]# /usr/sbin/groupadd sir04
[root@localhost ~]# /usr/sbin/groupadd sir0104
5.3.2 Adding users;
[root@cuc03 ~]# adduser -g sir01 -G sir0104 -d /opt/linuxsir/sir01 -s /sbin/nologin sir01
[root@cuc03 ~]# adduser -g sir02 -G sir0104 -d /opt/linuxsir/sir02 -s /sbin/nologin sir02
[root@cuc03 ~]# adduser -g sir03 -G sir0104 -d /opt/linuxsir/sir03 -s /sbin/nologin sir03
[root@cuc03 ~]# adduser -g sir04 -G sir0104 -d /opt/linuxsir/sir04 -s /sbin/nologin sir04
[root@cuc03 ~]# adduser -g linuxsir -d /opt/linuxsir -G linuxsir,sir01,sir02,sir03,sir04,sir0104 -d /opt/linuxsir -s /sbin/nologin linuxsir
Why add users? Please refer to:
"Linux file and directory attributes,"
"Linux User Management Tool Introduction"
Of course, we have to learn to use tools to view user information, such as a finger and id to view user information, mainly to see if the user adds correct; for example; refer to "Linux users (User) inquiry chapter"
[root@localhost ~]# id linuxsir
[root@localhost ~]# finger linuxsir
5.3.3 add samba user, and password;
The method we use is to add users, but those users are adding virtual users because these users can not log into the system by SHELL; also worth noting that the system user password and Samba user's password is different. If you set the system the user can log in SHELL, the user can set different passwords and system users via Samba SHELL login password.
Let's add users via Samba smbpasswd, and set a password. It works by reading the / etc / passwd file exists in the user name.
[root@localhost sir01]# smbpasswd -a linuxsir
New SMB password: 注:在这里添加Samba用户linuxsir的密码;
Retype new SMB password: 注:再输入一次;
Using the same method to add sir01, sir02, sir03, sir04 password;
5.3.4 configure permissions and ownership-related directories;
[root@cuc03 ~]# chmod 755 /opt/linux
[root@cuc03 ~]# chown linuxsir:linuxsir /opt/linuxsir
[root@cuc03 ~]# cd /opt/linuxsir
[root@cuc03 ~]# chmod 2770 sir0*
[root@cuc03 ~]# chown sir01.linuxsir sir01
[root@cuc03 ~]# chown sir02.linuxsir sir02
[root@cuc03 ~]# chown sir03.linuxsir sir03
[root@cuc03 ~]# chown sir04.linuxsir sir04
[root@cuc03 ~]# chown linuxsir.sir0104 sir0104rw
[root@cuc03 ~]# chown linuxsir.linuxsir sirshare
[root@cuc03 ~]# chmod 755 sirshare
[root@cuc03 ~]# chown linuxsir:linuxsir sirallrw
[root@cuc03 ~]# chmod 3777 sirallrw
5.4 modify the Samba configuration file smb.conf;
Configuration file as follows, after modifying /etc/samba/smb.conf, do not forget to restart smbd and nmbd server;
[global]
workgroup = LINUXSIR
netbios name = LinuxSir
server string = Linux Samba Test Server
security = share
[linuxsir]
comment = linuxsiradmin
path = /opt/linuxsir/
create mask = 0664
#create mask是用户创建文件时的权限掩码;对用户来可读可写,对用户组可读可写,对其它用户可读;
directory mask = 0775
#directory mask 是用来设置用户创建目录时的权限掩码,意思是对于用户和用户组可读可写,对其它用户可读可执行;
writeable = yes
valid users = linuxsir
browseable = yes
[sirshare]
path = /opt/linuxsir/sirshare
writeable = yes
browseable = yes
guest ok = yes
[sirallrw]
path = /opt/linuxsir/sirallrw
writeable = yes
browseable = yes
guest ok = yes
[sir0104rw]
comment = sir0104rw
path = /opt/linuxsir/sir0104rw
create mask = 0664
directory mask = 0775
writeable = yes
valid users = linuxsir,@sir0104
#@sir0104是用户组;
browseable = yes
[sir01]
comment = sir01
path = /opt/linuxsir/sir01
create mask = 0664
directory mask = 0775
writeable = yes
valid users = sir01,@linuxsir
browseable = yes
[sir02]
comment = sir02
path = /opt/linuxsir/sir02
create mask = 0664
directory mask = 0775
writeable = yes
valid users = sir02,@linuxsir
browseable = yes
[sir03]
comment = sir03
path = /opt/linuxsir/sir03
create mask = 0664
directory mask = 0775
writeable = yes
valid users = sir03,@linuxsir
browseable = yes
[sir04]
comment = sir04
path = /opt/linuxsir/sir04
create mask = 0664
directory mask = 0775
writeable = yes
valid users = sir04,@linuxsir
browseable = yes
About 5.5 client access;
5.5.1 Windows access;
We open the Windows IE browser, with access method will be able to access the IP address, the format \\ 192.168.1.3 similar. Of course, you can also use the shared folder hanging locally. For example, we put sir01 hanging folder in the local, the user should sir01 mount, to mount the flowchart below;
6, update log;
2006/01/23 v0.1b
2006/01/24 v0.2b
7, reference documentation;
7, related documents;
"Samba file server user privilege model design and implementation of complex"
Reproduced in: https: //www.cnblogs.com/licheng/archive/2008/01/21/1047593.html