安装相关软件:
yum -y install samba samba-client
查看Samba的版本信息: rpm -qi samba
启动Samba:
systemctl start smb
systemctl enable smb
防火墙配置:(TCP端口:139,445 UDP端口:137,138)
[root@centos8 ~]# firewall-cmd --zone=public --add-port={139/tcp,445/tcp} --permanent
success
[root@centos8 ~]# firewall-cmd --zone=public --add-port={137/udp,138/udp} --permanent
success
[root@centos8 ~]# firewall-cmd --reload
success
查看所有打开的防火墙端口:(虽然看不见TCP 22端口,但默认是可以访问的)
[root@centos8 ~]# firewall-cmd --zone=public --list-ports
80/tcp 139/tcp 445/tcp 137/udp 138/udp
必须要关闭SELinux:(否则客户端将无法访问共享文件夹的)
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
查看配置文件:
[root@centos8 ~]# cat /etc/samba/smb.conf |grep -v "^#"|grep -v ^"$"
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
######
用户验证共享:
修改samba的配置文件:
[root@centos8 ~]# vi /etc/samba/smb.conf
workgroup = SAMBA
修改为:(WORKGROUP是Windows默认的工作组名字)
workgroup = WORKGROUP
“security”指定samba的安全等级。用户验证默认就是user了
security = user
[global]下面加上 (不加的话,XP客户端可能会连接不上)
ntlm auth = yes
### 不加载打印机:
sed -i 's/load printers = yes/load printers = no/g' /etc/samba/smb.conf
人员:
财务部:c1(组长),c2(组员)
市场部:s1(组长),s2(组员)
主管:zhuohua
共享文件夹:
财务部,市场部,public
要求:
组员对自己部门的共享文件夹只有读取权限,对public文件夹只有读取权限
组长对自己部门的共享文件夹有完全权限,对public文件夹只有读取权限
所以人员都有自己的家目录,并且对家目录有完全权限
主管对所有共享文件夹都具有完全权限(但看不到其他人员的家目录的)
Samba用户必须先是系统用户,还必须有Samba密码(与系统用户的密码无关的)
管理Samba用户的两个命令:
smbpasswd --help
pdbedit --help
创建Samba用户:
useradd -s /sbin/nologin zhuohua
smbpasswd -a zhuohua
groupadd caiwu
useradd -g caiwu -s /sbin/nologin c1
useradd -g caiwu -s /sbin/nologin c2
smbpasswd -a c1
smbpasswd -a c2
groupadd shichang
adduser -g shichang -s /sbin/nologin s1
adduser -g shichang -s /sbin/nologin s2
smbpasswd -a s1
smbpasswd -a s2
查询所有的Samba用户: pdbedit -L
新建共享文件夹
mkdir -p /share/shichang
mkdir -p /share/caiwu
mkdir -p /share/public
权限必须为 777
chmod -R 777 /share/shichang/
chmod -R 777 /share/caiwu/
chmod -R 777 /share/public/
在配置文件中创建共享:
cat >>/etc/samba/smb.conf<< EOF
[财务部]
comment = caiwu
path = /share/caiwu
public = no
writeable = yes
valid users = @caiwu,zhuohua
read list = @caiwu
write list = c1,zhuohua
EOF
cat >>/etc/samba/smb.conf<< EOF
[市场部]
comment = shichang
path = /share/shichang
public = no
writeable = yes
valid users = @shichang,zhuohua
read list = @shichang
write list = s1,zhuohua
EOF
cat >>/etc/samba/smb.conf<< EOF
[public]
comment = public
path = /share/public
public = no
writeable = yes
valid users = @shichang,@caiwu,zhuohua
read list = @shichang,@caiwu
write list = zhuohua
EOF
测试配置的smb.conf是否正确,用下面的命令:
[root@centos8 ~]# testparm
修改了配置文件后,记得重新启动Samba服务:
[root@centos8 ~]# systemctl restart smb
加上任务计划:
[root@centos8 ~]# crontab -e
追加:
*/1 * * * * chmod -R 777 /share/
客户端测试:
备注:实验达到要求 ^_^ ^_^
笺注:
要是不想显示用户的宿主目录,可以修改配置文件(/etc/samba/smb.conf),把下面6行代码删除,再重启Samba服务即可
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
#########
修改Samba用户的密码:
锁定Samba用户:(用户无法访问共享)
解锁Samba用户:
删除Samba用户:
相关文章:
CentOS8_Samba匿名共享
CentOS6_Samba用户验证(一) |