一,简介:
Samba既可以用于windows与Linux之间的文件共享,也可以用于Linux与Linux之间的资源共享,由于NFS(网络文件系统)可以很好的完成Linux与Linux之间的数据共享,因而 Samba较多的用在了Linux与windows之间的数据共享上面。
组成Samba运行的有两个服务,一个是SMB,另一个是NMB;SMB是Samba 的核心启动服务,主要负责建立 Linux Samba服务器与Samba客户机之间的对话, 验证用户身份并提供对文件和打印系统的访问,只有SMB服务启动,才能实现文件的共享,监听139 TCP端口;而NMB服务是负责解析用的,类似与DNS实现的功能,NMB可以把Linux系统共享的工作组名称与其IP对应起来,如果NMB服务没有启动,就只能通过IP来访问共享文件,监听137和138 UDP端口。
二,系统环境
操作系统:CentOS-6.5-x86_64-minimal
防火墙:disable
三,安装samba服务
即可使用yum工具安装,也可以使用挂载光盘进行安装。有依赖关系的包samba-common,samba-winbind-clients,libsmbcliet将自动安装上去。
[root@localhost ~]# yum install samba samba-client samba-swat
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.yun-idc.com
* extras: ftp.sjtu.edu.cn
* updates: mirrors.yun-idc.com
http://mirrors.btte.net/centos/6.7/extras/x86_64/repodata/repomd.xml: [Errno 14] PYCURL ERROR 6 - "Couldn't resolve host 'mirrors.btte.net'"
Trying other mirror.
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
Package samba-3.6.23-20.el6.x86_64 already installed and latest version
Package samba-swat-3.6.23-20.el6.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package samba-client.x86_64 0:3.6.23-20.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================
Package Arch Version Repository Size
===========================================================================================
Installing:
samba-client x86_64 3.6.23-20.el6 base 11 M
Transaction Summary
===========================================================================================
Install 1 Package(s)
Total download size: 11 M
Installed size: 39 M
Is this ok [y/n]: y
2,查看安装的状况
[root@localhost ~]# rpm -qa |grep samba
samba-winbind-3.6.23-20.el6.x86_64
samba-common-3.6.23-20.el6.x86_64
samba-swat-3.6.23-20.el6.x86_64
samba-winbind-clients-3.6.23-20.el6.x86_64
samba-3.6.23-20.el6.x86_64
3,安装包说明:
samba-common-3.5.10-125.el6.x86_64 //主要提供samba服务器的设置文件与设置文件语法检验程序testparm
samba-client-3.5.10-125.el6.x86_64 //客户端软件,主要提供linux主机作为客户端时,所需要的工具指令集
samba-swat-3.5.10-125.el6.x86_64 //基于https协议的samba服务器web配置界面
samba-3.5.10-125.el6.x86_64 //服务器端软件,主要提供samba服务器的守护程序,共享文档,日志的轮替,开机默认选项
备注:samba服务器安装完毕,会生成配置文件目录/etc/samba和其他一些samba可执行工具,/etc/samba/smb.conf是samba的核心配置文件
4,启动samba服务器常用的命令:
/etc/init.d/smb start | stop |restart 或 service smb start | stop | restart
[root@localhost ~]# service smb start
Starting SMB services: [ OK ]
[root@localhost ~]# service smb status
smbd (pid 24789) is running...
(一)配置samba服务
Samba的主配置文件为:/etc/samba/smb.conf
主配置文件有两部分构成
Global Settings (它的设置项目是针对所有的共享资源的)
Share Definitions (针对的是共享目录个别的设置,只对当前共享资源起作用)
具体的配置看下边的实例:
案例一:公司现有一个工作组workgroup,现需要文件服务器作为文件服务器,并发布共享目录为/share 共享名为public允许所有的员工访问。
1,修改/etc/samba/smb.conf文件
#======================= Global Settings =====================================
[global] //该设置与Samba服务整体运行环境有关,它的设置项目针对所有共享资源
# ----------------------- Network Related Options -------------------------
#
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
#
# server string is the equivalent of the NT Description field
#
# netbios name can be used to specify a server name not tied to the hostname
workgroup = WORKGROUP //定义工作组,也就是windows中的工作组概念
server string = David Samba Server Version %v //定义Samba服务器的简要说明
netbios name = DavidSamba //定义windows中显示出来的计算机名称
# --------------------------- Logging Options -----------------------------
#
# Log File let you specify where to put logs and how to split them up.
log file = /var/log/samba/log.%m //定义Samba用户的日志文件,%m代表客户端主机名
//Samba服务器会在指定的目录中为每个登陆主机建立不同的日志文件
# ----------------------- Standalone Server Options ------------------------
#
# Scurity can be set to user, share(deprecated) or server(deprecated)
security = share //共享级别,用户不需要账号和密码即可访问
#============================ Share Definitions ==============================
[public] //设置针对的是共享目录个别的设置,只对当前的共享资源起作用
comment = Public Stuff //对共享目录的说明文件,自己可以定义说明信息
path = /share //用来指定共享的目录,必选项
public = yes //所有人可查看,等效于
2,使用testparm 命令测试smb.conf配置是否正确
[root@localhost share]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[public]"
Processing section "[ts]"
Processing section "[HR]"
Processing section "[FM]"
Processing section "[TS]"
Processing section "[Share]"
WARNING: The security=share option is deprecated
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
3,创建共享目录和文件
[root@localhost share]# mkdir /share
[root@localhost ~]# cd /share/
[root@localhost share]# ll
total 8
-rw-r--r--. 1 nobody nobody 0 Oct 16 16:08 1.txt
-rwxr--r--. 1 nobody nobody 43 Oct 19 17:14 2.txt
-rwxr-----. 1 nobody nobody 6 Oct 19 17:18 ddd .txt
4,给share文件夹赋权限
[root@localhost share]# chown -R nobody:nobody /share
[root@localhost share]# ll /share/
total 8
-rw-r--r--. 1 nobody nobody 0 Oct 16 16:08 1.txt
-rwxr--r--. 1 nobody nobody 43 Oct 19 17:14 2.txt
-rwxr-----. 1 nobody nobody 6 Oct 19 17:18 ddd .txt
5,重启smb服务
[root@localhost share]# /etc/init.d/smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
6,在Windows下访问samba服务器的共享:
案例二:因业务需要,有共享目录ts,以便ts部门人员浏览查看,需要输入个人密码才可以访问。
1,添加ts部门组和用户并设置相应的密码
[root@localhost ~]# groupadd ts
[root@localhost ~]# useradd -g ts user1
[root@localhost ~]# useradd -g ts user2
[root@localhost ~]# passwd user1
Changing password for user user1.
New password:
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successful
[root@localhost ~]# passwd user2
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
2,创建ts目录文件夹
[root@localhost ~]# mkdir /ts
3,将刚才建立的两个账号添加到samba账号中(smbpasswd -a user1)
[root@localhost ~]# smbpasswd -a user1
New SMB password:
Retype new SMB password:
Added user user6.
3,修改主配置文件:vim /etc/smb/smb.conf
#======================= Global Settings =====================================
[global]
# ----------------------- Network Related Options -------------------------
#
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
#
# server string is the equivalent of the NT Description field
#
# netbios name can be used to specify a server name not tied to the hostname
workgroup = WORKGROUP
server string = David Samba Server Version %v
netbios name = DavidSamba
# --------------------------- Logging Options -----------------------------
#
# Log File let you specify where to put logs and how to split them up.
log file = /var/log/samba/log.%m
# ----------------------- Standalone Server Options ------------------------
#
# Scurity can be set to user, share(deprecated) or server(deprecated)
security = user //用户级别,由提供服务的Samba服务器负责检查账户和密码
#============================ Share Definitions ==============================
[homes] //设置用户宿主目录
comment = Home Directories
browseable = no
writable = yes
; valid users = %S
; valid users = MYDOMAIN\%S
[public]
comment = Public Stuff
path = /share
public = yes
[ts] //ts 组目录,只允许ts组成员访问
comment = TS
path = /ts
valid users = @ts
4,重启smb服务
[root@localhost ~]# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
5,在windows下访问
备注:给samba服务器添加用户最简单的步骤:
1,groupadd test 创建组
2, useradd -g test user1 创建用户并把用户添加到组中
3,passwd user1 设置用户的密码
4,smbpasswd -a liqingbiao 把user1账号添加到samba的账号中
即可通过该smaba的用户名和密码进行访问了
smaba常用的命令
testparm 测试smb.conf配置是否正确
smbstatus #就可以查出那些用户在用samba相关的资料
pdbedit -L 查看服务器注册的用户
service smb start | status | restart | stop