Linux下cifs公用網際網路系統和samba服務
SMB 檔案共享
用 Internet 檔案系統(CIFS)也稱為伺服器信是適用於 MicrosoftWindows 伺服器和客戶端的標準檔案和印表機共享系統息塊(SMB)
Samba 服務可用於將 Linux 檔案系統作為 CIFS/SMB 網路檔案共享進行共享,並將 Linux 印表機作為 CIFS/SMB 印表機共事進行共享
samba 服務的組成部分
軟體包 :
Samba-common – Samba 的支援檔案
Samba-client – 客戶端應用程式
Samba – 伺服器應用程式
服務名稱 :smb nmb
服務埠 : 通常使用 TCP/445 進行所有連線。還使用UDP137 、 UDP138 和 TCP/139 進行向後相容
主配置檔案 :/etc/samba/smb.conf
一、配置Samba
1在服務端
安裝
[root@localhost ~]# yum install samba samba-client samba-common -y ##安裝samba服務和支援samba服務的應用程式
Loaded plugins: langpacks
Repository 'rhel_dvd' is missing name in configuration, using id
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
rhel_dvd | 4.1 kB 00:00
Package samba-common-4.1.1-31.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:4.1.1-31.el7 will be installed
---> Package samba-client.x86_64 0:4.1.1-31.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
samba x86_64 4.1.1-31.el7 rhel_dvd 527 k
samba-client x86_64 4.1.1-31.el7 rhel_dvd 513 k
Transaction Summary
================================================================================
Install 2 Packages
Total download size: 1.0 M
Installed size: 2.9 M
Downloading packages:
(1/2): samba-4.1.1-31.el7.x86_64.rpm | 527 kB 00:00
(2/2): samba-client-4.1.1-31.el7.x86_64.rpm | 513 kB 00:00
--------------------------------------------------------------------------------
Total 9.5 MB/s | 1.0 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : samba-4.1.1-31.el7.x86_64 1/2
Installing : samba-client-4.1.1-31.el7.x86_64 2/2
Verifying : samba-client-4.1.1-31.el7.x86_64 1/2
Verifying : samba-4.1.1-31.el7.x86_64 2/2
Installed:
samba.x86_64 0:4.1.1-31.el7 samba-client.x86_64 0:4.1.1-31.el7
Complete!
服務啟動配置
[root@localhost ~]# systemctl start smb
[root@localhost ~]# systemctl enable smb.service
ln -s '/usr/lib/systemd/system/smb.service' '/etc/systemd/system/multi-user.target.wants/smb.service'
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl disable firewalld.service
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
檢視samba服務的埠
[root@localhost ~]# netstat -antlupe | grep smb
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 43463 2116/smbd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 43464 2116/smbd
tcp6 0 0 :::445 :::* LISTEN 0 43461 2116/smbd
tcp6 0 0 :::139 :::* LISTEN 0 43462 2116/smbd
2、在客戶端
[root@localhost ~]# yum install samba-client.x86_64 -y ##只下載samba服務就可以
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
(1/2): rhel_dvd/group_gz | 134 kB 00:00
(2/2): rhel_dvd/primary_db | 3.4 MB 00:00
Resolving Dependencies
--> Running transaction check
---> Package samba-client.x86_64 0:4.1.1-31.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
samba-client x86_64 4.1.1-31.el7 rhel_dvd 513 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 513 k
Installed size: 1.4 M
Downloading packages:
samba-client-4.1.1-31.el7.x86_64.rpm | 513 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : samba-client-4.1.1-31.el7.x86_64 1/1
Verifying : samba-client-4.1.1-31.el7.x86_64 1/1
Installed:
samba-client.x86_64 0:4.1.1-31.el7
Complete!
3、建立使用者
【smb使用者必須本地存在】
在服務端
[root@localhost ~]# useradd westos ##新增使用者
[root@localhost ~]# passwd westos ##新增密碼
Changing password for user westos.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost ~]# smbpasswd -a westos ##在smb中新增使用者
New SMB password:
Retype new SMB password:
Added user westos.
[root@localhost ~]# pdbedit -L ##顯示所新增的使用者
westos:1001:
在客戶端
[root@localhost ~]# smbclient -L //172.25.254.166
Enter root's password: ##未新增使用者密碼 直接回車
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.1.1)
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
Server Comment
--------- -------
Workgroup Master
--------- -------
新增使用者後
[root@localhost ~]# smbclient //172.25.254.166/westos -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jun 28 04:05:44 2018
.. D 0 Thu Jun 28 04:05:44 2018
.bash_profile H 193 Wed Jan 29 07:45:18 2014
.mozilla DH 0 Thu Jul 10 18:29:32 2014
.config DH 0 Thu Jul 10 19:06:52 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
60458 blocks of size 8192. 56478 blocks available
smb: \> qiut
qiut: command not found
smb: \> quit
[root@localhost ~]# setsebool -P samba_enable_home_dirs on
setsebool: SELinux is disabled.
[root@localhost ~]# getenforce
Disabled
[root@localhost ~]# vim /etc/sysconfig/selinux
[root@localhost ~]# getenforce
Disabled
[root@localhost ~]# reboot
vim內,更改selinux狀態
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
setsebool -P samba_enable_home_dirs on 設定 bool
[root@localhost ~]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on ##確認開啟
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
在客戶端就可以檢視
[root@localhost ~]# smbclient //172.25.254.166/westos -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jun 28 04:05:44 2018
.. D 0 Thu Jun 28 04:05:44 2018
.bash_profile H 193 Wed Jan 29 07:45:18 2014
.mozilla DH 0 Thu Jul 10 18:29:32 2014
.config DH 0 Thu Jul 10 19:06:52 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
60458 blocks of size 8192. 56477 blocks available
二、上傳檔案
[root@localhost ~]# smbclient //172.25.254.166/westos -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> !ls
anaconda-ks.cfg Documents Music Public Videos
Desktop Downloads Pictures Templates
smb: \> put anaconda-ks.cfg
putting file anaconda-ks.cfg as \anaconda-ks.cfg (4208.3 kb/s) (average 4208.5 kb/s)
smb: \> quit
[root@localhost bin]# smbclient //172.25.254.166/westos -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jun 28 04:41:18 2018
.. D 0 Thu Jun 28 04:05:44 2018
.bash_profile H 193 Wed Jan 29 07:45:18 2014
anaconda-ks.cfg A 8619 Thu Jun 28 04:41:18 2018
.mozilla DH 0 Thu Jul 10 18:29:32 2014
.config DH 0 Thu Jul 10 19:06:52 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
60458 blocks of size 8192. 56476 blocks available
smb: \> !ls
[ mcookie
a2p mcopy
abrt-action-analyze-backtrace mc-tool
abrt-action-analyze-c mc-wait-for-name
abrt-action-analyze-ccpp-local md5sum
abrt-action-analyze-core mdel
abrt-action-analyze-oops mdeltree
abrt-action-analyze-python mdir
abrt-action-analyze-vmcore mdu
abrt-action-analyze-vulnerability mergerepo
abrt-action-analyze-xorg mesg
abrt-action-check-oops-for-hw-error metacity
abrt-action-generate-backtrace metacity-message
abrt-action-generate-core-backtrace mformat
abrt-action-install-debuginfo minfo
abrt-action-list-dsos mixartloader
abrt-action-notify mkafmmap
abrt-action-perform-ccpp-analysis mkdir
abrt-action-save-kernel-data mkfifo
smb: \> put mco
mcomp mcookie mcopy
smb: \> put mco
mcomp mcookie mcopy
smb: \> put mco
mcomp mcookie mcopy
smb: \> put mcookie
putting file mcookie as \mcookie (7710.6 kb/s) (average 7710.9 kb/s)
smb: \>
三、smb服務掛載
臨時掛載
mount //172.25.254.166/westos /mnt/ -o username=westos,passwd=redhat
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3194760 7279140 31% /
devtmpfs 469344 0 469344 0% /dev
tmpfs 484932 80 484852 1% /dev/shm
tmpfs 484932 12772 472160 3% /run
tmpfs 484932 0 484932 0% /sys/fs/cgroup
/dev/mapper/vg0-vo 483670 2381 451798 1% /home
//172.25.254.166/westos 10473900 3157216 7316684 31% /mnt開機自動掛載
1.mount //172.25.254.166/westos /mnt/ -o username=westos,passwd=redhat 0 0
命令直接寫在 /etc/fstab, 開機時會自動執行,但若命令稍有差錯容易無法開機
2、 在 /etc/rc.d/rc.local 在此檔案中寫mount //172.25.254.166/westos /mnt/ -o username=westos,passwd=redhat 會在開機後伺服器已經啟動之後才執行 不會影響伺服器的開機
然後再加上可執行許可權chmod +x /etc/rc.d/rc.local
smb 客戶端的使用
[root@localhost ~]# rpm -qc samba-common ##檢視配置檔案
/etc/logrotate.d/samba
/etc/samba/lmhosts
/etc/samba/smb.conf
/etc/sysconfig/samba
修改組名稱
在服務端
[root@localhost ~]# vim /etc/samba/smb.conf
設定服務的黑名單、白名單
[root@localhost ~]# vim /etc/samba/smb.conf
在客戶端測試會出現
protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE設定smb的共享目錄
在服務端
[root@localhost ~]# mkdir /test
[root@localhost ~]# touch /test/file{1..5} ##新建一些檔案用來測試
[root@localhost ~]# ls /test/
file1 file2 file3 file4 file5
[root@localhost ~]# semanage fcontext -a -t samba_share_t '/test(/.*)?' ##修改安全上下文
[root@localhost ~]# restorecon -FvvR /test/ ##重新整理
restorecon reset /test context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /test/file1 context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /test/file2 context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /test/file3 context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /test/file4 context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /test/file5 context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
[root@localhost ~]# semanage fcontext -l | grep /test 過濾test看是否更改成功
/test(/.*)? all files system_u:object_r:samba_share_t:s0
/usr/lib/pgsql/test/regress(/.*)? all files system_u:object_r:postgresql_db_t:s0
/usr/lib/pgsql/test/regress/.*\.sh regular file system_u:object_r:bin_t:s0
/usr/lib/pgsql/test/regress/.*\.so.* regular file system_u:object_r:lib_t:s0
/usr/lib/pgsql/test/regress/pg_regress regular file system_u:object_r:postgresql_exec_t:s0
編輯配置檔案
[root@localhost ~]# vim /etc/samba/smb.conf
在檔案最後新增
[root@localhost ~]# smbclient //172.25.254.166/DIR -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jun 28 07:57:44 2018
.. D 0 Thu Jun 28 07:57:26 2018
file1 N 0 Thu Jun 28 07:57:44 2018
file2 N 0 Thu Jun 28 07:57:44 2018
file3 N 0 Thu Jun 28 07:57:44 2018
file4 N 0 Thu Jun 28 07:57:44 2018
file5 N 0 Thu Jun 28 07:57:44 2018
40913 blocks of size 262144. 28434 blocks available
smb: \>
可以看到共享的test下五個檔案
smb 許可權管理
1、是否允許瀏覽:browseable = yes|no
2、是否可寫:writable = yes|no
3、允許使用者列表:write list = westos
4、允許組列表(+或@表示組):write list = +westos
5、指定超級使用者,在可寫情況下才可以執行動作:admin users = westos
smb 多使用者掛載
[root@localhost ~]# useradd test
[root@localhost ~]# passwd test
Changing password for user test.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost ~]# yum install cifs-utils.x86_64 -y
Loaded plugins: langpacks
Repository 'rhel_dvd' is missing name in configuration, using id
Resolving Dependencies
--> Running transaction check
---> Package cifs-utils.x86_64 0:6.2-6.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==============================================================================
Package Arch Version Repository Size
==============================================================================
Installing:
cifs-utils x86_64 6.2-6.el7 rhel_dvd 83 k
Transaction Summary
==============================================================================
Install 1 Package
Total download size: 83 k
Installed size: 174 k
Downloading packages:
cifs-utils-6.2-6.el7.x86_64.rpm | 83 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : cifs-utils-6.2-6.el7.x86_64 1/1
Verifying : cifs-utils-6.2-6.el7.x86_64 1/1
Installed:
cifs-utils.x86_64 0:6.2-6.el7
Complete!
[root@localhost ~]# vim /root/smbpass
[root@localhost ~]# cat /root/smbpass
username=student
password=redhat
[root@localhost ~]# mount -o cr#credentials=/root/smbpasswd 指定掛載時所用到的使用者檔案
#multiuser 支援多使用者認證
#sec=ntlmssp 認證方式為標準smb認證方式
smb 匿名使用者訪問
linux 的匿名使用者 Anonymous
windows 的匿名使用者 guest
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# systemctl restart smb.service
相關文章
- Linux 網路通訊管理和系統服務管理Linux
- cifs網路檔案共享系統
- Linux系統學習(四)Linux網路服務Linux
- 利用基於samba服務的cifs檔案系統實現共享資源Samba
- 如何快速搭建Linux系統中Samba服務LinuxSamba
- Linux——搭建Samba(CIFS)伺服器LinuxSamba伺服器
- Linux系統下網路配置Linux
- 如何利用samba(smb服務)實現網路檔案共享Samba
- ubuntu系統samba服務的安裝配置UbuntuSamba
- 工業網際網路平臺架構方案,構建工業網際網路企業數字化、網路化、智慧化服務體系架構
- 網際網路架構,究竟為啥要做服務化?架構
- 如何在Linux下部署Samba服務?LinuxSamba
- 工信部:2022年中國規模以上網際網路和相關服務企業網際網路業務收入14590億元
- 配置虛擬機器中的Linux系統與開啟網路服務虛擬機Linux
- Samba服務Samba
- “2017網際網路+政務服務論壇”在廣州舉行
- 容器、微服務和網際網路架構淺談微服務架構
- Linux網路服務之部署YUM倉庫Linux
- 服裝企業網際網路+模式模式
- 為網際網路業務而生:阿里雲全球首發雲Cassandra服務!阿里
- 西安網際網路知名度如何(CRMEB系統)
- 代理伺服器 ip為網際網路提供什麼服務?伺服器
- 網際網路資訊服務安全檢查接收材料清單
- Python_UNIX和Linux系統管理指南(四)—— 網路PythonLinux
- 工業網際網路產業聯盟:工業網際網路體系架構 2.0(附下載)產業架構
- **Linux 配置系統網路(動態)**Linux
- Linux系統網路檔案配置Linux
- Linux系統下常用的3種網路測速工具!Linux
- 工業網際網路環境下的工業控制系統安全防護
- 中國信通院:2022年網際網路和相關服務業執行情況
- 在Linux下使用TCP封裝器來加強網路服務安全LinuxTCP封裝
- spring cloud構建網際網路分散式微服務雲平臺-服務鏈路追蹤SpringCloud分散式微服務
- “網際網路+政務”是什麼?
- 網際網路明廚亮灶智慧監管系統
- 在非洲運營網際網路系統-如何搞定支付?
- 網際網路電視捆綁套餐服務的未來?Frontier利用YouTube TV提供影片服務
- 通過整合中國大陸、香港及海外網際網路網路資源,給客戶提供真正的鑽石級網際網路服務。
- 蘋果網際網路服務轉型艱難:去年新推服務幾無收入蘋果