SMB 文件共享
SMB文件共享
用 internet 文件系统(cifs)也成为服务器信是适用于MicrosoftWindows 服务器和客户端的标准文件和打印机共享系统息块(SMB)。
Samba 服务可用于将linux 文件系统作为CIFS/SMB 网络文件共享进行共享,并将linux 打印机作为CIFS/SMB 打印机共享进行共享。
软件安装:
yum install samba-common #Samba 的支持文件
yum install samba #服务器应用程序
yum install samba-client #客户端应用程序
主配置文件:
vim /etc/samba/smb.conf
smbclient -L //172.25.254.150 #匿名用户查看
Enter root's password:
Anonymous login successful
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.2.3)
Anonymous login successful
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
Server Comment
--------- -------
Workgroup Master
--------- -------
smbpasswd -a student #添加smb用户
New SMB password:
Retype new SMB password:
Added user student.
smbpasswd -d student #删除smb用户
smbclient -L //172.25.254.150 -U student #smb本地用户查看
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.2.3)
student Disk Home Directories
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
Server Comment
--------- -------
Workgroup Master
--------- -------
smbclient //172.25.254.150/student -U student #smb用户登陆,此时由于selinux限制,smb开关没有打开
Enter student's password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \*
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \*
smb: \>
getsebool -a | grep samba #查看smb 开关
setsebool -P samba_enable_home_dirs on #打开smb 开关
smbclient //172.25.254.150/student -U student #smb 用户重新登陆
mount -o username=student,password=123 //172.25.254.150/student /mnt/ #将smb挂载在mnt下
vim /etc/samba/smb.conf
workgroup = westos #更改域名
90 server string = Samba Server Version %v
设置共享目录
[BOBO] #名字
comment= bobo group #解释
path = /bobo #路径
mkdir /bobo
semanage fcontext -a -t samba_share_t '/bobo(/.*)?' #设置安全上下文
[[email protected] ~]# restorecon -FvvR /bobo/
restorecon reset /bobo context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
touch /bobo/file{1..3}
smbclient //172.25.254.150/BOBO -U student #访问共享目录
客户端将共享挂载在 mnt下
vim /etc/fstab ###永久挂载
//172.25.254.150/BOBO /mnt cifs defaults,username=student,password=123 0 0
mount -a
查看
设置匿名用户可以登陆
服务端:
vim /etc/samba/smb.conf
load printers = yes
cups options = raw
map to guest=bad user
[BOBO]
comment= bobo group
path = /bobo
guest ok =yes
客户端:
smbclient //172.25.254.150/BOBO /mnt/ -o username=guest #匿名用户登陆
mount //172.25.254.150/BOBO /mnt/ -o username=guest #匿名用户挂载
用户可写
vim /etc/samba/smb.conf
[wy]
comment=man wy
path=/wy
guest ok =yes
writable = yes
setfacl -m u:student:rwx /bobo
客户端:
mount //172.25.254.150/bobo /mnt/ -o username=student,password=123
touch /mnt/bo
服务端查看:
用户组可写
vim /etc/samba/smb.conf
321 [BOBO]
322 comment=man wy
323 path=/bobo
324 guest ok =yes
325 #writable = yes
326 write list= @student
setfacl -m g:student:rwx /bobo
usermod -G student wy
客户端:
mount //172.25.254.150/bobo /mnt/ -o username=wy,password=321
touch /mnt/file
服务端验证:
用户等于root ####在服务器上对文件的管理是root 不是smb的超级用户
vim /etc/samba/smb.conf
[BOBO]
comment= bobo group
path = /bobo
guest ok =yes
writable=yes
#write [email protected]
admin users =student
systemctl restart smb
[BOBO]
comment= bobo group
path = /bobo
guest ok =yes
writable=yes
write [email protected]
#admin users =student
browseable =no #目录对用户不可见
[BOBO]
comment= bobo group
path = /bobo
guest ok =yes
writable=yes
write [email protected]
#admin users =student
valid users =student #只有student 用户可以登陆
[BOBO]
comment= bobo group
path = /bobo
guest ok =yes
writable=yes
write [email protected]
#admin users =student
valid users =+student #只有student组用户可以登陆
smb 多用户登陆 ####在客户端
yum install cifs-utils -y
vim /root/smbfile
username=student
password=123
chmod 600 /root/smbfile
mount -o credentials=/root/smbfile,multiuser,sec=ntlmssp //172.25.254.108/wy /mnt
su - student
cd /mnt
ls ###没权限
ls: reading directory .: Permission denied
cifscreds add -u westos 172.25.254.150
ls ###可以看到