Centos7.4 samba伺服器部署和測試.md
阿新 • • 發佈:2018-11-21
關閉防火牆以及關閉防火牆開機自啟
[[email protected] tmp]# systemctl stop firewalld.service
[[email protected] tmp]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
關閉selinux
- 臨時關閉
[[email protected] ~]# setenforce 0 # 檢視SeLinux狀態 [[email protected] ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: error (Success) Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28
- 永久關閉selinux,需要重啟系統
[[email protected] tmp]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
# 將SELINUX=enforcing 改成SELINUX=disabled
# 重啟後檢視selinux裝填
[[email protected] ~]# sestatus
SELinux status: disabled
安裝samba伺服器
- 安裝
[[email protected] tmp]# yum install samba -y
# 檢視安裝
[[email protected] tmp]# rpm -qa | grep samba
samba-common-libs-4.7.1-9.el7_5.x86_64 // samba、cifs客戶端和伺服器都使用的庫
samba-client-libs-4.7.1-9.el7_5.x86_64 // SMB/CIFS 客戶端命令所需要的庫
samba-libs-4.7.1-9.el7_5.x86_64 // samba -libs包包含針對Samba套件提供的SMB、RPC和其他協議進行連結的程式所需的庫。
samba-4.7.1-9.el7_5.x86_64 //伺服器端軟體,主要提供samba伺服器的守護程式,共享文件,日誌的輪替,開機預設選項
samba-common-4.7.1-9.el7_5.noarch //主要提供samba伺服器的設定檔案與設定檔案語法檢驗程式testparm
samba-common-tools-4.7.1-9.el7_5.x86_64 // 用於samba伺服器和客戶端的庫
# Samba伺服器安裝完畢,會生成配置檔案目錄/etc/samba,/etc/samba/smb.conf是samba的核心配置檔案。
- 檢視服務狀態和啟動服務
# 檢視服務狀態
[[email protected] tmp]# systemctl status smb.service
● smb.service - Samba SMB Daemon
Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled; vendor preset: disabled)
Active: inactive (dead)
# 啟動服務並開機自啟動
[[email protected] tmp]# systemctl enable smb.service
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
[[email protected] tmp]# systemctl start smb.service
[[email protected] tmp]# systemctl status smb.service
● smb.service - Samba SMB Daemon
Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2018-11-10 00:46:07 CST; 7s ago
Main PID: 14985 (smbd)
Status: "smbd: ready to serve connections..."
CGroup: /system.slice/smb.service
├─14985 /usr/sbin/smbd --foreground --no-process-group
├─14987 /usr/sbin/smbd --foreground --no-process-group
├─14988 /usr/sbin/smbd --foreground --no-process-group
└─14989 /usr/sbin/smbd --foreground --no-process-group
Nov 10 00:46:07 localhost.localdomain systemd[1]: Starting Samba SMB Daemon...
Nov 10 00:46:07 localhost.localdomain smbd[14985]: [2018/11/10 00:46:07.642957, 0] ../lib/util/become_daemon.c:124(daemon_ready)
Nov 10 00:46:07 localhost.localdomain smbd[14985]: STATUS=daemon 'smbd' finished starting up and ready to serve connections
Nov 10 00:46:07 localhost.localdomain systemd[1]: Started Samba SMB Daemon.
- 配置服務(/etc/samba/smb.conf)
# 1.建立1個tc組,tc組裡有兩個人(develop和manjingliu)
# 2.建立這兩個使用者,並加入到tc組裡面
[[email protected] tmp]# groupadd tc
[[email protected] tmp]# useradd develop
[[email protected] tmp]# useradd manjingliu
useradd: user 'manjingliu' already exists
[[email protected] tmp]# passwd develop
Changing password for user develop.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[[email protected] tmp]# passwd manjingliu
Changing password for user manjingliu.
New password:
BAD PASSWORD: The password contains the user name in some form
Retype new password:
passwd: all authentication tokens updated successfully.
[[email protected] tmp]# user
useradd userdel userformat userhelper userinfo usermod usermount usernetctl userpasswd users
[[email protected] tmp]# usermod manjingliu -g tc
[[email protected] tmp]# usermod develop -g tc
[[email protected] tmp]# id manjingliu
uid=1000(manjingliu) gid=1001(tc) groups=1001(tc),1000(manjingliu)
[[email protected] tmp]# id develop
uid=1001(develop) gid=1001(tc) groups=1001(tc)
# 新增samba使用者
[[email protected] tmp]# smbpasswd -a develop
New SMB password:
Retype new SMB password:
Added user develop.
[[email protected] tmp]# smbpasswd -a manjingliu
New SMB password:
Retype new SMB password:
Added user manjingliu.
# 修改配置檔案
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[ts]
comment = TS
path = /ts
valid users = @ts
# 校驗配置檔案
[[email protected] tmp]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[ts]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
[global]
printcap name = cups
security = USER
workgroup = SAMBA
idmap config * : backend = tdb
cups options = raw
[homes]
browseable = No
comment = Home Directories
inherit acls = Yes
read only = No
valid users = %S %D%w%S
[printers]
browseable = No
comment = All Printers
create mask = 0600
path = /var/tmp
printable = Yes
[print$]
comment = Printer Drivers
create mask = 0664
directory mask = 0775
force group = @printadmin
path = /var/lib/samba/drivers
write list = @printadmin root
[ts] 這裡是地址中的名字
comment = Tc
path = /tc
valid users = @tc
# 重新載入smb配置
[[email protected] tmp]# systemctl reload smb.service
[[email protected] tmp]# systemctl status smb.service
● smb.service - Samba SMB Daemon
Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2018-11-10 00:51:26 CST; 10min ago
Process: 15271 ExecReload=/usr/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS)
Main PID: 15100 (smbd)
Status: "smbd: ready to serve connections..."
CGroup: /system.slice/smb.service
├─15100 /usr/sbin/smbd --foreground --no-process-group
├─15102 /usr/sbin/smbd --foreground --no-process-group
├─15103 /usr/sbin/smbd --foreground --no-process-group
└─15104 /usr/sbin/smbd --foreground --no-process-group
Nov 10 00:51:26 localhost.localdomain systemd[1]: Starting Samba SMB Daemon...
Nov 10 00:51:26 localhost.localdomain smbd[15100]: [2018/11/10 00:51:26.340995, 0] ../lib/util/become_daemon.c:124(daemon_ready)
Nov 10 00:51:26 localhost.localdomain smbd[15100]: STATUS=daemon 'smbd' finished starting up and ready to serve connections
Nov 10 00:51:26 localhost.localdomain systemd[1]: Started Samba SMB Daemon.
Nov 10 01:01:58 localhost.localdomain systemd[1]: Reloaded Samba SMB Daemon.
Nov 10 01:02:03 localhost.localdomain systemd[1]: Reloaded Samba SMB Daemon.
- 訪問測試
- 本機命令列測試
[[email protected] home]# smbclient -U manjingliu //192.168.137.149/ts
Enter SAMBA\manjingliu's password:
Try "help" to get a list of possible commands.
smb: \>
.
* 遠端主機訪問