5.3. Samba-白红宇

5.3.1. install

5.3.1.1. Ubuntu

环境 ubuntu 8.10

$ sudo apt-get install samba

查看Samba 服务器的端口

neo@shenzhen:~$ sudo netstat -tlnp |grep smbtcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN     4480/smbdtcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN     4480/smbdneo@shenzhen:~$

5.3.1.2. Samba

# yum -y install samba# service smbd start

smbpasswd

[root@development ~]# sudo smbpasswd -L -a neo

smb.conf

#============================ Share Definitions ==============================[homes]        comment = Home Directories        browseable = no        writable = yes        valid users = %S[developer]        comment = Developer Stuff        path = /var/www/html        public = yes        writable = yes        printable = no        write list = +apache

5.3.1.3. CentOS 7

yum install -y sambacp /etc/samba/smb.conf{,.original}systemctl enable smbsystemctl start smb

5.3.1.4. firewall

防火墙

firewall-cmd --permanent --add-port=137/tcpfirewall-cmd --permanent --add-port=138/tcpfirewall-cmd --permanent --add-port=139/tcpfirewall-cmd --permanent --add-port=445/tcpfirewall-cmd --permanent --add-port=901/tcpfirewall-cmd --reload

iptables -L

5.3.1.5. SELinux Configuration

setsebool -P samba_enable_home_dirs onchcon -t samba_share_t /home/samba

/home/samba 改为你共享的目录

5.3.2. smb.conf

security = share|user 共享|用户模式

comment = 描述valid users = '%S'登录用户，'neo'允许neo访问read only = 'No'读写模式，'Yes'只读模式browseable = 'No'不显示, 'Yes'显示

5.3.2.1. Security consideration

[global]interfaces = lo, eth0bind interfaces only = true

5.3.3. testparm - check an smb.conf configuration file for internal correctness

# testparmLoad smb config files from /etc/samba/smb.confrlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)Processing section "[homes]"Processing section "[printers]"Loaded services file OK.Server role: ROLE_STANDALONEPress enter to see a dump of your service definitions[global]	workgroup = MYGROUP	server string = Samba Server Version %v	log file = /var/log/samba/log.%m	max log size = 50	idmap config * : backend = tdb	cups options = raw[homes]	comment = Home Directories	read only = No	browseable = No[printers]	comment = All Printers	path = /var/spool/samba	printable = Yes	print ok = Yes	browseable = No

5.3.4. smbstatus - report on current Samba connections

# smbstatus Samba version 4.1.12PID     Username      Group         Machine                        -------------------------------------------------------------------Service      pid     machine       Connected at-------------------------------------------------------No locked files

链接共享目录后再次查看

# smbstatus Samba version 4.1.12PID     Username      Group         Machine                        -------------------------------------------------------------------12507     www           www           192.168.4.69 (ipv4:192.168.4.69:65102)Service      pid     machine       Connected at-------------------------------------------------------www          12507   192.168.4.69  Wed Sep 23 01:34:44 2015IPC$         12507   192.168.4.69  Wed Sep 23 01:34:43 2015Locked files:Pid          Uid        DenyMode   Access      R/W        Oplock           SharePath   Name   Time--------------------------------------------------------------------------------------------------12507        80         DENY_NONE  0x100081    RDONLY     NONE             /www   SOA   Wed Sep 23 02:01:22 201512507        80         DENY_NONE  0x100081    RDONLY     NONE             /www   SOA/queue   Wed Sep 23 02:01:22 201512507        80         DENY_NONE  0x100081    RDONLY     NONE             /www   .   Wed Sep 23 01:37:53 201512507        80         DENY_NONE  0x100081    RDONLY     NONE             /www   .   Wed Sep 23 01:58:22 2015

5.3.5. smbpasswd - change a user's SMB password

# smbpasswd -a wwwNew SMB password:Retype new SMB password:Added user www.

5.3.6. nmblookup - NetBIOS over TCP/IP client used to lookup NetBIOS names

$ nmblookup -A 172.16.0.5Looking up status of 172.16.0.5        USER            <00> -         B 
     
              WORKGROUP       <00> - 
      
        B 
       
                USER            <20> -         B 
        
                 WORKGROUP       <1e> - 
         
           B 
          
            WORKGROUP <1d> - B 
           
             ..__MSBROWSE__. <01> - 
            
              B 
             
               MAC Address = 00-25-64-A7-18-97

5.3.7. smbfs/smbmount/smbumount

sudo apt-get install smbfs

smbmount

$ sudo mkdir /mnt/winfs$ sudo smbmount //172.16.0.92/tmp /mnt/winfs$ ls /mnt/winfs/

使用neo帐号登录

$ sudo smbmount //172.16.0.92/tmp /mnt/winfs -o username=neo

mount

$ mount -t smbfs -o username=jwhittal \\\\172.16.1.3\\c$ /mnt/thumb

linux 不再使用smbfs, 替换为 cifs

$ mount -t cifs //192.168.0.2/ /mnt/

5.3.8. smbclient - ftp-like client to access SMB/CIFS resources on servers

$ sudo apt-get install smbclient

5.3.8.1. 显示共享目录

$ smbclient -L 172.16.1.3

neo@netkiller:~$ smbclient -L 172.16.0.1Enter neo's password:Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.0]        Sharename       Type      Comment        ---------       ----      -------        IPC$            IPC       IPC Service (netkiller server (Samba, Ubuntu))        www             Disk      www diretcory        print$          Disk      Printer Drivers        neo             Disk      Home DirectoriesDomain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.0]        Server               Comment        ---------            -------        DEBIAN               debian server        NETKILLER            netkiller server (Samba, Ubuntu)        Workgroup            Master        ---------            -------        WORKGROUP            DEBIAN

5.3.8.2. 访问共享资源

访问developer共享目录

$ smbclient //localhost/developerEnter neo's password:Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.3.2]Server not using user level security and no password supplied.smb: \> ls  .                                   D        0  Thu Oct 29 02:05:37 2009  ..                                  D        0  Thu Oct 22 05:27:16 2009  ofcard.php                                1104  Tue Oct 27 02:00:49 2009  index.html                                 580  Thu Oct 29 02:05:37 2009  webapps                             D        0  Wed Oct 28 06:04:08 2009  ecmall                              D        0  Thu Oct 22 00:00:12 2009  doc                                 D        0  Wed Oct 28 06:04:09 2009  supersite                           D        0  Thu Oct 22 03:35:08 2009  empire                              D        0  Thu Oct 22 02:56:12 2009  discuz                              D        0  Wed Oct 21 22:04:29 2009  resin-data                          D        0  Wed Oct 28 06:21:02 2009  phpMyAdmin                          D        0  Sat Oct 24 09:02:29 2009  empirecms6                          D        0  Thu Oct 22 04:12:44 2009  ecshop                              D        0  Wed Oct 21 21:56:40 2009  watchdog-data                       D        0  Wed Oct 28 06:07:19 2009  ucenter                             D        0  Wed Oct 21 22:41:58 2009  ecshop.old                          D        0  Fri Oct 23 11:35:39 2009  magento                             D        0  Tue Oct  6 19:19:54 2009  weberp                              D        0  Fri Oct 23 05:21:33 2009                61335 blocks of size 131072. 41655 blocks availablesmb: \>

5.3.8.3. 用户登录

使用用户Neo登录

$ smbclient //localhost/developer -U neoEnter neo's password:Domain=[UBUNTU] OS=[Unix] Server=[Samba 3.3.2]smb: \> ls  .                                   D        0  Thu Oct 29 03:13:31 2009  ..                                  D        0  Thu Oct 22 05:27:16 2009  ofcard.php                                1104  Tue Oct 27 02:00:49 2009  index.html                                 676  Thu Oct 29 03:13:31 2009  webapps                             D        0  Wed Oct 28 06:04:08 2009  ecmall                              D        0  Thu Oct 22 00:00:12 2009  doc                                 D        0  Wed Oct 28 06:04:09 2009  supersite                           D        0  Thu Oct 22 03:35:08 2009  empire                              D        0  Thu Oct 22 02:56:12 2009  discuz                              D        0  Wed Oct 21 22:04:29 2009  resin-data                          D        0  Wed Oct 28 06:21:02 2009  phpMyAdmin                          D        0  Sat Oct 24 09:02:29 2009  empirecms6                          D        0  Thu Oct 22 04:12:44 2009  ecshop                              D        0  Wed Oct 21 21:56:40 2009  watchdog-data                       D        0  Wed Oct 28 06:07:19 2009  ucenter                             D        0  Wed Oct 21 22:41:58 2009  ecshop.old                          D        0  Fri Oct 23 11:35:39 2009  magento                             D        0  Tue Oct  6 19:19:54 2009  weberp                              D        0  Fri Oct 23 05:21:33 2009                61335 blocks of size 131072. 41654 blocks availablesmb: \> quit

5.3.9. smbtar - shell script for backing up SMB/CIFS shares directly to UNIX tape drives

5.3.10. by Example

Backup the /etc/samba/smb.conf file:

sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.original

5.3.10.1. share

security = share

[tmp]   comment = test   writable = yes   locking = yes   path = /tmp   public = yes[neo]   comment = neo   writable = yes   locking = yes   path = /home/neo/   public = yes[htdocs]   comment = neo   writable = yes   locking = yes   path = /opt/lampp/htdocs   public = yes

5.3.10.2. user

sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.original

security = user

add user

sudo useradd -s /bin/true neosudo smbpasswd -L -a neo

enable

sudo smbpasswd -L -e neo

del user

sudo smbpasswd -L -x neo

5.3.10.3. test

测试配置文件是否正确

$ testparm

查看共享目录

$ smbclient -L localhost -NDomain=[WORKGROUP] OS=[Unix] Server=[Samba 3.3.2]        Sharename       Type      Comment        ---------       ----      -------        print$          Disk      Printer Drivers        developer       Disk      Development        IPC$            IPC       IPC Service (ubuntu server (Samba, Ubuntu))Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.3.2]        Server               Comment        ---------            -------        PRINTSERVER        UBUNTU               ubuntu server (Samba, Ubuntu)        Workgroup            Master        ---------            -------        WORKGROUP            PRINTSERVER

Windows 访问测试

C:\>net view \\192.168.3.40在 \\192.168.3.40 的共享资源ubuntu server (Samba, Ubuntu)共享名     类型  使用为  注释----------------------------------------------------------developer  Disk  Development命令运行完毕，但发生一个或多个错误。

5.3.11. FAQ

5.3.11.1. smbd/service.c:make_connection_snum(1013)

'/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:08, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:08, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:11, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied[2010/05/17 17:26:13, 0] smbd/service.c:make_connection_snum(1013)  '/www' does not exist or permission denied when connecting to [www] Error was Permission denied

关闭 SELinux