服务端配置
一、安装samba软件包
命令:yum -y install samba
查看是否安装samba。
[root@Centos7-Server haha]#
[root@Centos7-Server haha]# rpm -qa |grep "samba"
samba-common-tools-4.8.-.el7.x86_64
samba-client-libs-4.8.-.el7.x86_64
samba-4.8.-.el7.x86_64
samba-common-libs-4.8.-.el7.x86_64
samba-client-4.8.-.el7.x86_64
samba-libs-4.8.-.el7.x86_64
samba-common-4.8.-.el7.noarch
[root@Centos7-Server haha]#
二、修改配置文件/etc/samba/smb.conf
[root@Centos7-Server haha]# vim /etc/samba/smb.conf
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask =
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask =
directory mask =
[common]
path = /common
#read only =No
write list = yck
[sharetest] #自定义名称
path = /sharetest # 共享目录的路径
write list = yck #允许yck用户具有写的权限,当用yck用户认证访问共享目录时,如果想在共享目录中创建删除,需要将认证的用户添加到这里。
三、创建共享的目录/sharetest,并配置acl定制权限。yck用户可读可写可执行。为yck用户创建samba认证密码。
[root@Centos7-Server /]#
[root@Centos7-Server /]#
[root@Centos7-Server /]# pdbedit -a yck
new password:
retype new password:
Unix username: yck
NT username:
Account Flags: [U ]
User SID: S-------
Primary Group SID: S-------
Full Name: yck
Home Directory: \\centos7-server\yck
HomeDir Drive:
Logon Script:
Profile Path: \\centos7-server\yck\profile
Domain: CENTOS7-SERVER
Account desc:
Workstations:
Munged dial:
Logon time:
Logoff time: Wed, Feb :: CST
Kickoff time: Wed, Feb :: CST
Password last set: Wed, Apr :: CST
Password can change: Wed, Apr :: CST
Password must change: never
Last bad password :
Bad password count :
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@Centos7-Server /]#
[root@Centos7-Server /]#
[root@Centos7-Server /]# mkdir sharetest #创建sharetest目录 [root@Centos7-Server /]# setfacl -m u:yck:rwx sharetest/ #配置acl,yck对sharetest目录具有rwx权限 [root@Centos7-Server /]# ll
total
lrwxrwxrwx. root root Apr : bin -> usr/bin
dr-xr-xr-x. root root Apr : boot
drwxr-xr-x. root root Apr : common
drwxr-xr-x. root root Apr : dev
drwxr-xr-x. root root Apr : etc
drwxr-xr-x. root root Apr : home
lrwxrwxrwx. root root Apr : lib -> usr/lib
lrwxrwxrwx. root root Apr : lib64 -> usr/lib64
drwxr-xr-x. root root Apr media
drwxr-xr-x. root root Apr : mnt
drwxr-xr-x. root root Apr : opt
dr-xr-xr-x. root root Apr : proc
dr-xr-x---. root root Apr : root
drwxr-xr-x. root root Apr : run
lrwxrwxrwx. root root Apr : sbin -> usr/sbin
drwxrwxr-x+ root root Apr : sharetest #+表示具有其他的权限配置
drwxr-xr-x. root root Apr srv
dr-xr-xr-x. root root Apr : sys
drwxrwxrwt. root root Apr : tmp
drwxr-xr-x. root root Apr : usr
drwxr-xr-x. root root Apr : var
[root@Centos7-Server /]#
四、selinux配置samba的读写功能的开启
查看samba的读写功能是否开启。
[root@Centos7-Server /]#
[root@Centos7-Server /]# getsebool -a |grep "samba"
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off #读权限关闭
samba_export_all_rw --> off #写权限关闭
samba_load_libgfapi --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
tmpreaper_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@Centos7-Server /]#
开启读写功能
[root@Centos7-Server /]#
[root@Centos7-Server /]# setsebool samba_export_all_ro on
[root@Centos7-Server /]# setsebool samba_export_all_rw on
[root@Centos7-Server /]# getsebool -a |grep "samba"
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> on
samba_export_all_rw --> on
samba_load_libgfapi --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
tmpreaper_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@Centos7-Server /]#
五、防火墙(将默认区域设置为trusted)
[root@Centos7-Server /]#
[root@Centos7-Server /]# firewall-cmd --set-default-zone=trusted
success
[root@Centos7-Server /]# firewall-cmd --get-default-zone
trusted
[root@Centos7-Server /]#
六、挂载使用。
安装cifs-utils软件包,用于支持cifs协议。samba用cifs协议传输数据。
[root@Centos7-Server /]#
[root@Centos7-Server /]# yum -y install cifs-utils
[root@Centos7-Server /]#
[root@Centos7-Server /]#
[root@Centos7-Server /]# mount -t cifs -o user=yck,pass= //192.168.0.50/sharetest /mnt
[root@Centos7-Server /]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 36G .1G 32G % /
devtmpfs 895M 895M % /dev
tmpfs 910M 910M % /dev/shm
tmpfs 910M 11M 900M % /run
tmpfs 910M 910M % /sys/fs/cgroup
tmpfs 182M 182M % /run/user/
tmpfs 182M 12K 182M % /run/user/
//192.168.0.251/linux 62G 33G 30G 53% /root/share
//192.168.0.50/common 36G 4.1G 32G 12% /mnt
//192.168.0.50/sharetest 36G 4.1G 32G 12% /mnt
[root@Centos7-Server /]#
mount -t cifs -o user=yck, pass=123 //192.168.0.50/sharetest /mnt
命令 指定我文件系统类型 cifs文件系统 表示后面跟参数 用户名 密码 共享位置 挂载点
永久挂载,科技自动挂载。
root@yck-virtual-machine:/#
root@yck-virtual-machine:/# cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab().
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/sda1 during installation
UUID=231caf54-bdcd-4a5b-b3a0-116b3b97ef51 / ext4 errors=remount-ro
/swapfile none swap sw
#/dev/sdb5 /home/yck/part ext4 defaults
#/dev/yck_vg/yck_data /home/yck/part ext4 defaults
//192.168.0.50/sharetest /mnt cifs defaults,user=yck,pass=123,_netdev 0 0 #挂载网络共享文件夹
root@yck-virtual-machine:/#
//192.168.0.50/sharetest /mnt cifs defaults,user=yck,pass=123,_netdev 0 0
共享目录、共享位置 挂载点 文件系统 参数 用户名 密码 声明该挂载为网络设备 备份标记 不检测 测试、etc/fstab 里面的配置是否有误,挂载是否成功。
root@yck-virtual-machine:/# mount -a
root@yck-virtual-machine:/#
mount -a 不报错表示配置文件无误,挂载成功。但必须先确保该挂载位置未事先挂载才能进行测试。不然不管怎么测都是不会报错的。
