环境:CentOS Linux release 7.3.1611 (Core)
安装:yum install samba samba-client
配置samba
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
vim /etc/samba/smb .conf
[global] workgroup = WORKGROUP
server string = Samba Server Version % v
netbios name = zhi
map to guest = bad user
log file = /var/log/samba/log .%m
max log size = 50
security = user
passdb backend = tdbsam
[share] #无帐号密码即可访问
comment = share
path = /data/share
browseable= yes
create mask = 0644
directory mask = 0755
guest ok = yes #指定该共享是否允许guest账户访问即匿名访问 默认是no
[share1] #需要帐号密码才能访问
comment = share1
path = /data/share1
valid users = zhi #白名单用户或组
write list = zhi #可写用户或组列表
create mask = 0755
directory mask = 0755
|
share无需帐号即可访问,share1需要帐号才能访问。
samba的访问帐号需要设置,而且必须是系统用户。
创建系统用户
1
|
useradd zhi -s /sbin/nologin
|
设置samba帐号密码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
[root@jenkins samba] # pdbedit -a -u zhi
new password: retype new password: Unix username: zhi NT username: Account Flags: [U ] User SID: S-1-5-21-4122702104-983005384-4239704784-1000 Primary Group SID: S-1-5-21-4122702104-983005384-4239704784-513 Full Name: Home Directory: \\zhi\zhi HomeDir Drive: Logon Script: Profile Path: \\zhi\zhi\profile Domain: ZHI Account desc: Workstations: Munged dial: Logon time : 0
Logoff time : 三, 06 2月 2036 23:06:39 CST
Kickoff time : 三, 06 2月 2036 23:06:39 CST
Password last set : 日, 12 3月 2017 18:21:24 CST
Password can change: 日, 12 3月 2017 18:21:24 CST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF |
查看Samba用户列表
1
2
3
|
[root@jenkins samba] # pdbedit -L
zhi:1000: test :1001:
|
启动samba服务 systemctl start smb
共享目录的参数介绍
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
[MyShare] comment = grind’s file #对共享备注
path = /home/grind #共享文件系统路径
allow hosts = host(subnet) #允许访问的主机
deny hosts = host(subnet) #禁止访问的主机
writable = yes |no #是否可写
readonly = yes |no #是否只读
user = user(@group) #可使用该资源的用户
valid users = user(@group) #白名单用户或组
invalid users = user(@group) #黑名单用户或组
read list = user(@group) #只读用户或组列表
write list = user(@group) #可写用户或组列表
admin list = user(@group) #指定能管理该共享资源(包括读写和权限赋予等)的用户和组
public = yes |no #是否能给游客帐号访问
guest ok = yes |no #是否能给游客账号访问
hide dot files = yes |no #是否像unix那样隐藏以“.”号开头的文件
create mode = 0755 #指明新建立的文件的属性,一般是0755
directory mode = 0755 #指明新建立的目录的属性,一般是0755
sync always = yes |no #指明对该共享资源进行写操作后是否进行同步操作
short preserve case = yes |no #指明是否区分文件名大小写。
preserve case = yes |no #指明保持大小写。
case sensitive = yes |no #指明是否对大小写敏感,一般选no,不然可能引起错误。
mangle case = yes |no #指明混合大小写
default case = upper|lower #指明缺省的文件名是全部大写还是小写
force user = grind #强制把建立文件的属主是谁
wide links = yes |no #指明是否允许共享外符号连接
max connections = 100 #设定同时连接数
delete readonly = yes |no #指明能否删除共享资源里面已经被定义为只读的文件
|
本文转自 irow10 51CTO博客,原文链接:xxhttp://blog.51cto.com/irow10/1906906xxxxx,如需转载请自行联系原作者