Linux基础学习-Samba文件共享服务

使用Samba文件共享服务

Samba起源：

早期网络想要在不一样主机之间共享文件大多要用FTP协议来传输，但FTP协议仅能作到传输文件却不能直接修改对方主机的资料数据，这样确实不太方便，因而便出现了NFS开源文件共享程序:NFS(NetworkFile System)是一个可以将多台Linux的远程主机数据挂载到本地目录的服务，属于轻量级的文件共享服务，不支持Linux与 Windows系统间的文件共享。

随后在1991年时大学生Tridgwell为了解决Linux与Windows系统之间共享文件的问题，便开发出了SMB协议与Samba服务程序。
SMB(Server Messages Block)协议:实现局域网内文件或打印机等资源共享服务的协议。

当时Tridgwell想要注册SMBServer这个商标，但却被由于SMB是没有意义的字符被拒绝了，通过Tridgwell不断翻看词典，终于找到了一个拉丁舞蹈的名字——SAMBA，而这个热情舞蹈的名字中又刚好包含了SMB(SAMBA)，因而这即是Samba程序名字的由来。

Samba服务程序是一款基于SMB协议并由服务端和客户端组成的开源文件共享软件，实现了Linux与Windows系统间的文件共享

1 samba安装

[root@qdlinux ~]# yum install samba cifs-utils -y

2 启动服务加入开机自启动

[root@qdlinux ~]# systemctl start smb
[root@qdlinux ~]# systemctl enable smb
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
[root@qdlinux ~]# ss -lntup | grep smb
tcp    LISTEN     0      50        *:139                   *:*                   users:(("smbd",pid=1095,fd=38))
tcp    LISTEN     0      50        *:445                   *:*                   users:(("smbd",pid=1095,fd=37))
tcp    LISTEN     0      50       :::139                  :::*                   users:(("smbd",pid=1095,fd=36))
tcp    LISTEN     0      50       :::445                  :::*                   users:(("smbd",pid=1095,fd=35))

3 配置samba

[root@qdlinux ~]# mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
[root@qdlinux ~]# cat /etc/samba/smb.conf.bak | grep -v "#" | grep -v ";" | grep -v "^$" > /etc/samba/smb.conf 
[root@qdlinux ~]# cat /etc/samba/smb.conf
[global]
    workgroup = SAMBA
    security = user
    passdb backend = tdbsam
    printing = cups
    printcap name = cups
    load printers = yes
    cups options = raw
[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    browseable = No
    read only = No
    inherit acls = Yes
[printers]
    comment = All Printers
    path = /var/tmp
    printable = Yes
    create mask = 0600
    browseable = No
[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    write list = root
    create mask = 0664
    directory mask = 0775

4 修改配置文件以下

[root@qdlinux ~]# vim /etc/samba/smb.conf
[root@qdlinux ~]# cat /etc/samba/smb.conf
[global]
    workgroup = WORKGROUP
    security = user
    passdb backend = tdbsam
    printing = cups
    printcap name = cups
    load printers = yes
    cups options = raw
[share]
    comment = This is share /data/samba/share
    path = /data/samba/share
    public = no
    writable = yes

5 添加一个用户用于访问共享资源

[root@qdlinux ~]# useradd samba_user
[root@qdlinux ~]# usermod -s /sbin/nologin samba_user

[root@qdlinux ~]# pdbedit -L 
[root@qdlinux ~]# pdbedit -a -u samba_user
new password:
retype new password:
Unix username:        samba_user
NT username:          
Account Flags:        [U          ]
User SID:             S-1-5-21-351179206-2754336130-384069223-1000
Primary Group SID:    S-1-5-21-351179206-2754336130-384069223-513
Full Name:            
Home Directory:       \\qdlinux\samba_user
HomeDir Drive:        
Logon Script:         
Profile Path:         \\qdlinux\samba_user\profile
Domain:               QDLINUX
Account desc:         
Workstations:         
Munged dial:          
Logon time:           0
Logoff time:          Wed, 06 Feb 2036 23:06:39 CST
Kickoff time:         Wed, 06 Feb 2036 23:06:39 CST
Password last set:    Tue, 14 Aug 2018 19:37:44 CST
Password can change:  Tue, 14 Aug 2018 19:37:44 CST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

[root@qdlinux ~]# chown -Rf samba_user.samba_user /data/samba/share/

6 重启服务测试

[root@qdlinux ~]# systemctl restart smb

7 发现windows不能访问所共享的内容,解决方法以下

[root@qdlinux ~]# iptables -F
[root@qdlinux ~]# firewall-cmd --permanent --add-service=samba
success
[root@qdlinux ~]# firewall-cmd --reload 
success

[root@qdlinux ~]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_load_libgfapi --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
tmpreaper_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@qdlinux ~]# setsebool -P samba_enable_home_dirs on
[root@qdlinux ~]# setsebool -P samba_export_all_rw on

匿名访问成功