Linux learning -samba Service

Others 2019-12-18 16:22:09 views: null

A, Samba introduced

 Samba is a free software implementation of the SMB protocol on UNIX and Linux systems, consists of server and client programs.

 SMB (Server Messages Block, service information block) is a communication protocol to share files and printers on the LAN, which provides a shared service resource files and printers among different computers within the LAN is. The SMB protocol is a client / server type protocol, clients can access the shared file systems on servers, printers and other resources through the protocol. By setting "NetBIOS over TCP / IP" not only allows Samba to share resources with local area network host, but also to share resources with the computer world.

 CIFS: Common Internet File System Common Internet File System, is shared between windows host protocol, samba implement this agreement, it is possible to achieve file sharing between linux wondows and services.

 SAMBA features:

  File and print sharing, for online editors
  to achieve SAMBA user login authentication
  can be NetBIOS name resolution
  peripheral device sharing

Two, Samba service

1, the relevant package

  Samba smb provide services
  Samba-client client software
  samba-common common software
  cifs-utils smb client tools
  samba-winbind and AD-related

2, the service process

  smbd provide smb (cifs) service; listening port TCP: 139,445

  nmbd provide NetBIOS name solution; listening port UDP: 137,138

3, the configuration file

  The main configuration file: /etc/samba/smb.conf (see help through man smb.conf)

  Grammar checker: testparm [-v] [/etc/samba/smb.conf]

  Client Tools: smbclient, mount.cifs

  smb.conf configuration file: (# and; at the beginning of language called the comment, not case-sensitive)

    [Global] # global settings

    workgroup = name # specify the workgroup name
    server = string # master comment information
    netbios = name # specify the NetBIOS name
    interfaces # designated service listens on interfaces and IP
    hosts Host # allows you to specify the allow access to the host, the default allow all hosts to access, use commas, spaces , tab separated, such as the allow = 172.16 host. .example.com
    host host # denied the deny access to specified hosts
    config file = / etc / samba / conf.d /% U # separate user profile
    log file = / var / log / samba / log.% m # log different clients with different
    log level = 2 # log level, the default is 0, no logging
    max log size = 50 # log file reaches 50K, Rotate the polling, the unit KB
    Security three authentication way:
      report this content share: anonymous (CentOS7 no longer supported)
      the user: samba user (adopt a linux user, independent of samba password)
      Domain: use DC (DOMAIN CONTROLLER) certification
    passdb backend = tdbsam # password database format

    [Homes] # user's home directory share

    [Printers] # define the printer resources and services

    [Sharename] #-defined configuration from the shared directory

    [Share name] # remote network share name to see
    comment # comment information
    path # shared directory path
    public # shared can be accessed by the guest, the default no, and guest ok similar
    browsable # whether to allow all users to browse this share, default is yes, no hidden
    writable = yes # can be read for all users, the default is NO
    Read only NO = # equivalents and writable = yes, the conflict set as above, set to take effect on the back, read-only default
    write list # three forms: user @ group name, group name +, with the partition as writable = no, the list of users or groups can read and write, read-only users not in the list of
    valid users # specific user can access the shared, such as empty, will allow all users, user names separated by spaces

    Macro definitions:
      the NetBIOS name% m client host
      % H current user's home directory path
      % g current user belongs
      % NetBIOS name L samba server
      % T current date and time
      % M client host the FQDN
      % the U-current user username
      hostname% h samba server
      % I client IP host
      user name% S can be registered

4, samba user management

  Achieve samba users need to install samba-common-tools package, samba users must be Linux users, we recommend using / sbin / nologin

   [root@centos7 ~]# yum install -y samba-common-tools 

  Add samba user

   smbpasswd -a
   pdbedit -a -u

  Change password

   smbpasswd

  Delete user and password

   smbpasswd –x
   pdbedit –x –u

  View samba user list

   /var/lib/samba/private/passdb.tdb
   pdbedit –L –v

  View samba server status 

   smbstatus

5, smb client access

 1. UNC path: (Universal Naming Convention, Universal Naming Convention) format: \\ sambaserver \ sharename

 2. Under the login server using smbclient terminal

  smbclient -L instructor.example.com
  smbclient -L instructor.example.com -U smbuser
  smbclient //instructor.example.com/shared -U smbuser

  The -U% option to specify a user password, or specified by setting and exporting the environment variable USER and PASSWD

6, cifs mount the file system

 1. manually mount

  mount -o user=smbuser,password=centos //server/shared /mnt/smb

 2. Boot automatically mount

  cat / etc / fstab can replace user name and password of a file

  //server/shared /mnt cifs credentials=/etc/smb.txt 0 0

  Such as: //192.168.214.17/smbshare / mnt / CIFS Crendentials = smbshare / etc / smb.txt 0 0 (if it is needed to add sec = ntlmssp centos6 mount option)

  cat /etc/smb.txt

  username=smbuser

  password=centos

  chmod 600 /etc/smb.txt

Third, to achieve smb share

1, the experimental environment

  System: CentOS7.6

  Host: a server (192.168.214.17), a client (192.168.214.27)

  Software: samba (server-side), cifs-utils (client), CD yum source

2, the implementation process

 1 mounted on the package samba server

[root@centos7 ~]# yum install -y samba

 2. Create samba users and groups

[root@centos7 ~]# yum install -y samba-common-tools    #实现samba用户需要装此包
[root@centos7 ~]# groupadd -r smbgroup  
[root@centos7 ~]# useradd -s /sbin/nologin -G smbgroup smbuser1
[root@centos7 ~]# smbpasswd -a smbuser1  
[root@centos7 ~]# useradd -s /sbin/nologin smbuser2
[root@centos7 ~]# smbpasswd -a smbuser2

 3. Create samba shared directory, and set the SELinux

[the root @ centos7 ~] # mkdir / Data / smbshare 
[the root @ centos7 ~] # chgrp smbgroup / Data / smbshare 
[the root @ centos7 ~] # the chmod  2775 / Data / smbshare 
# Here is SELinux settings, SELinux off without providing 
[ @ centos7 the root ~] # samba_share_t the semanage fcontext -a -t ' /data/smbshare(/.*)? ' 
[centos7 the root @ ~] # the restorecon -vvFR / Data / smbshare

 4. samba server configuration

[centos7 the root @ ~] # Vim / etc / Samba / the smb.conf 
# in [Global] option, set the following two, if the default option, then do not change 
Security = User 
passdb backend = tdbsam 
# Here is the custom share configuration 
[smbshare] 
path = / the Data / smbshare 
writeable = NO
 the write List = @smbgroup #writeable = NO only when the user smbgroup group have write permission

 5. Start the samba service

[root @ centos7 ~ ] # systemctl Start smb nmb 
[root @ centos7 ~ ] # systemctl enable smb nmb # Set boot 
# The following is the firewall settings, closed without setting 
[root @ centos7 ~] # Firewall-cmd --permanent =-Service---add Samba 
[centos7 the root @ ~] # Firewall-cmd --reload

 6. Client Access test

[@ centos7- the root 27 ~] # yum  the install -Y CIFS- utils installation package # 
# smb mount with smbuser1 users share and access the 
[@ centos7 the root - 27 ~] # mkdir / mnt / smbuser1 
[@ centos7 the root - 27 ~ ] # Mount -o username = smbuser1 // 192.168.214.17/smbshare / mnt / smbuser1 
password for smbuser1 @ // 192.168.214.17/smbshare: ****** enter the password # 
# or a mount -o username = smbuser1, CentOS = password // 192.168.214.17/smbshare / mnt / smbuser1 
# Note centos6 mount also a plus when centos7 = mount option sec NTLMSSP 
# MountNTLMSSP sec = -o, smbuser1 = username, password = CentOS // 192.168.214.17/smbshare / mnt / smbuser1 
[@ centos7- the root 27 ~] # CD / mnt / smbuser1 /     # enter the mount directory 
[@ centos7 the root - 27 smbuser1] # LS   # you can see may visit 
a.txt Initial -setup- ks.cfg 
# smb.conf know from previous set, smbuser1 have write permission, smbuser2 no write permission, you can be the next test 
[root @ centos7 - 27 smbuser1] # Touch b.txt     
[root @ centos7 - 27 smbuser1] # LS     # smbuser1 successful 
a.txt b.txt Initial -setup- ks.cfg 
# smb share with smbuser2 users to mount and access
[centos7 the root @ -  27~] # mkdir / mnt / smbuser2 
[@ centos7 the root - 27 ~] # Mount -o smbuser2 = username, password = CentOS // 192.168.214.17/smbshare / mnt / smbuser2 
[@ centos7- the root 27 ~ ] # cd / mnt / smbuser2 /     
[root @ centos7 - 27 smbuser2] # LS     # you can see the mount successful 
a.txt b.txt Initial -setup- ks.cfg 
[root @ centos7 - 27 smbuser2] # Touch c .txt # can see no write permission
 Touch : cAN not Touch 'c.txt': permission denied

Guess you like

Origin www.cnblogs.com/hovin/p/12059228.html
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com