samba使用总结
一、Samba简介
Samba是根据SMB协议实现的,主要用于Windows和Linux之间共享资源。
二、安装要配置Samba服务器,至少需要下面三个套件:samba-commonsamba-clientsamba
检查Samba是否安装[root@centos ~]# rpm -qa|grep sambasamba-common-3.0.33-3.7.el5samba-client-3.0.33-3.7.el5sblim-cmpi-samba-test-1-31.el5_2.1sblim-cmpi-samba-0.5.2-31.el5_2.1system-config-samba-1.2.41-3.el5samba-swat-3.0.33-3.7.el5sblim-cmpi-samba-devel-1-31.el5_2.1samba-3.0.33-3.7.el5这里我是用yum命令安装的。
三、配置
1.Samba安装后,默认配置文件是/etc/samba/smb.conf2.Samba服务 [root@centos samba]# service smb statussmbd (pid 5046 4970 4955 4953 4948) is running...nmbd (pid 4951) is running...
Samba启动的进程: smbd和nmbd
3.配置参数3.1 Network Related Options(1)workgroup NT的域名或工作组名如: workgroup = MYGROUP(2)server string 相当于NT的描述信息字段(3)netbios name Samba所在linux主机的Netbios名称netbios name = mylinux (4)interfaces 指定Samba服务监听的网络接口假设Samba所在Linux主机有两个网络接口:eth0和eth1,我只想在ech0上接受samba请求,则interfaces = eth0bind interfaces only = yes
默认是在当前所有除了lo地址以外激活的网络接口(5)host allow 指定哪些主机可以连接Samba服务器如:hosts allow = 10.226.70.0/24 10.32.0.0/16
3.2 Logging Options默认,日志是保存在/var/log/samba目录下; log file = /var/log/samba/%m.log
3.3 Standalone Server Options(1)security此参数可被设成user, share or server若ecurity = user,则从Windows访问共享资源时需输入Samba用户名和密码若ecurity = share,并指定public = yes 访问权限,则可从Windows匿名访问共享资源
3.4 Share Definitions设置共享目录信息格式:[共享资源名称] 参数1 = 值1 参数2 = 值2 .... 参数n = 值n主要的参数有共享资源的描述信息,共享目录路径和访问权限常见的参数:(1)comment(2)path(3)read only(4)writeable(5)printable(6)guest ok(7)public其中,(3),(4),(5),(6),(7)都是属于访问权限,其值为yes/no(6)与(7)是同义的,不需要用户名/密码如:[smbshare] comment = my share on linux path = /testsmb writeable = yes printable = no共享资源名称为"smbshare",描述信息是" my share on linux",共享目录是"/testsmb",具有写的权限,但没有打印权限。
4.配置完smb.conf后保存.可使用testparm命令检查配置是否有误:
[root@centos samba]# testparmLoad smb config files from /etc/samba/smb.confProcessing section "[homes]"Processing section "[printers]"Processing section "[smbshare]"Loaded services file OK.Server role: ROLE_STANDALONEPress enter to see a dump of your service definitions
[global] workgroup = MYGROUP netbios name = MYLINUX server string = Samba Server Version %v interfaces = lo, eth0 bind interfaces only = Yes security = SHARE passdb backend = tdbsam username map = /etc/samba/smbusers hosts allow = 10.226.70.0/24, 10.32.0.0/16 cups options = raw
[homes] comment = Home Directories read only = No browseable = No
[printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No
[smbshare] comment = my share on linux path = /testsmb read only = No guest ok = Yes
确认无误后,重启Samba服务
[root@centos samba]# service smb restartShutting down SMB services: [ OK ]Shutting down NMB services: [ OK ]Starting SMB services: [ OK ]Starting NMB services: [ OK ]
- Samba用户名和密码前面说了,若允许匿名访问共享资源,则不需Samba用户名和密码,否则若指定security = user时,需要输入Samba用户名和密码。可使用smbpasswd命令添加Samba用户。
四、小工具
- smbpasswd若已存在系统用户zhangyang,则只须将基加入Samba用户中,并为其设置Samba密码。否则,先创建系统用户,再加为Samba用户。(1)若普通用户使用该命令,则为修改SMB密码,并要求输入旧的SMB密码(2)若root 用户使用,-a 表示将后面的用户名添加到smbpasswd文件中,并为用户设置smb密码.
如:smbpasswd -a zhangyang 将系统用户zhangyang加入到smb账户中,并为其设置密码
[root@centos ~]# smbpasswd -a zhangyangNew SMB password:Retype new SMB password:Added user zhangyang.
注意:这里的密码是SMB密码,不是系统用户的登录密码!
2.smbclient访问服务器上SMB/CIFS共享资源客户端两种用法:(1) 查询共享资源 smbclient -L netbios -U username[%password]-L netbios name-U username[%password] 设置SMB用户名或用户名+密码如:[root@localhost ~]# smbclient -L mylinux -U test%123456Domain=[MYLINUX] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]
Sharename Type Comment --------- ---- ------- smbshare Disk my share on linux IPC$ IPC IPC Service (Samba Server Version 3.0.33-3.7.el5) test Disk Home DirectoriesDomain=[MYLINUX] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]
Server Comment --------- -------
Workgroup Master --------- ------- MYGROUP LOCALHOST(2) 登录远程共享资源进行操作smbclient {servicename} -U username[%password]servicename: //netbios name/share name-U: username or username+password如:[root@localhost ~]# smbclient //10.226.70.21/mysoft -U Administrator%web123Domain=[ZY] OS=[Windows Server 2003 3790] Server=[Windows Server 2003 5.2]
五、[测试]
(http://lib.csdn.net/base/softwaretest)1.Windows中访问Samba服务器共享的资源[//ip[/share_name](file://ip[/share_name)]或[//netbios[/share_name](file://netbios[/share_name)]如: [//10.226.70.30](file://10.226.70.30/) 或 [//mylinux/smbshare](file://mylinux/smbshare)注:(1)在Windows中访问Linux共享资源时,进入了共享目录,打开时却出现“没有权限访问网络资源”的错误,则只须修改/etc/selinux/config 或/etc/sysconfig/selinux, 将SELINUX=enforcing 改为SELINUX=disable即可。
(2) 关于共享资源的权限共享目录本身的权限要和Samba服务器授予访问用户的权限保持不冲突。如testsmb本身是644,若在配置文件中指定writeable = yes,则当其他组的用户登录后,是没有write权限的。Samba服务器授予的权限不能超过目录的系统授予它的权限的。The access rights granted by the server are masked by the access rights granted to the specified or guest UNIX user by the host system. The server does not grant more access than the host system grants.
2.Linux中访问Windows的共享资源假设Windows2003中有共享了目录mysoft, 网络访问用户有写的权限方法1:smbclient[root@centos test]# smbclient //10.226.70.21/mysoft -U Administrator%web123Domain=[ZY] OS=[Windows Server 2003 3790] Server=[Windows Server 2003 5.2]smb: /> help? altname archive blocksize cancelcase_sensitive cd chmod chown closedel dir du exit getgetfacl hardlink help history lcdlink lock lowercase ls maskmd mget mkdir more mputnewer open posix posix_open posix_mkdirposix_rmdir posix_unlink print prompt putpwd q queue quit rdrecurse reget rename reput rmrmdir showacls setmode stat symlinktar tarmode translate unlock volumevuid wdel logon listconnect showconnect!smb: />下面就可以像ftp一样,使用命令get, mget, put,mput等。
方法2:mount用法: mount -t cifs -o username=un,password=pwd share mount_point注:username和password两个属性值间用逗号隔开[root@centos ~]# mount -t cifs -o user=Administrator,password=web123 //10.226.70.21/mysoft /mnt/cdrom[root@centos ~]# ls /mnt/cdrom1.bat ethereal-setup-0.99.0.exe me New Text Document.txt7-Zip jpwb2009.exe myftp putty
- Linux中访问samba服务器共享的资源
[root@centos sysconfig]# smbclient //mylinux/smbshare -U test%123456