samba搭建学习
- [一、Samba 介绍](#一、Samba 介绍)
- [二、Samba 安装配置](#二、Samba 安装配置)
-
- [1. 安装Samba](#1. 安装Samba)
- [2. 配置文件介绍](#2. 配置文件介绍)
- [3. 创建共享目录和用户账号](#3. 创建共享目录和用户账号)
- [4. 配置文件修改](#4. 配置文件修改)
- [5. 启动Samba程序](#5. 启动Samba程序)
- [6. 客户端验证](#6. 客户端验证)
-
- [6.1. windows客户端验证](#6.1. windows客户端验证)
- [6.2. linux客户端测试](#6.2. linux客户端测试)
一、Samba 介绍
Samba 是基于SMB 协议开发的用于解决Linux 系统与 Windows 系统之间的文件共享问题。
二、Samba 安装配置
1. 安装Samba
dnf -y install samba2. 配置文件介绍
/etc/samba/smb.conf:
clike
#全局配置段
[global]
workgroup = SAMBA # 所属工作组名称(需与Windows客户端一致)
security = user # 安全级别:用户级验证(需Samba账户密码,且本地账号存在)
passdb backend = tdbsam # 密码存储后端:轻量级TDB数据库(单机首选)
printing = cups # 打印机系统:使用CUPS(Linux标准打印服务)
printcap name = cups # 读取CUPS的打印机列表
load printers = yes # 自动加载CUPS中的打印机
cups options = raw # CUPS打印选项:原始模式(兼容多数打印机)
# 用户家目录共享(每个 Samba 用户自动生成专属家目录共享)
[homes]
comment = Home Directories # 共享描述(Windows中显示的备注)
valid users = %S, %D%w%S # 仅允许用户自己访问(%S=当前用户名,域环境兼容写法)
browseable = No # 不在网络邻居中显示(隐私性,需手动输入路径访问)
read only = No # 允许读写操作(用户可修改自己的家目录)
inherit acls = Yes # 新文件自动继承父目录的ACL权限(适配权限精细化控制)
# 打印机共享
[printers]
comment = All Printers # 共享描述:所有打印机
path = /var/tmp # 打印任务临时存储路径
printable = Yes # 允许打印(核心参数,标记为打印机共享)
create mask = 0600 # 打印文件的权限:仅所有者可读写
browseable = No # 不在网络邻居中显示(避免无关用户看到)
# 打印机驱动共享
[print$]
comment = Printer Drivers # 共享描述:打印机驱动
path = /var/lib/samba/drivers # 驱动文件存储路径
# printadmin is a local group
write list = printadmin root # 仅printadmin组和root用户可写入(管理驱动)
force group = printadmin # 新建文件的所属组强制为printadmin
create mask = 0664 # 驱动文件权限:所有者/组可读写,其他只读3. 创建共享目录和用户账号
创建不能登录系统的账号
useradd -M -s /sbin/nologin smbuser创建Samba 账户,前提是系统中必须存在此用户
pdbedit -a -u smbuser
clike
new password: # 输入密码
retype new password: # 确认密码
Unix username: sambauser
NT username:
Account Flags: [U ]
User SID: S-1-5-21-872321202-3951748688-4113238925-1001
Primary Group SID: S-1-5-21-872321202-3951748688-4113238925-513
Full Name:
Home Directory: \\LOCALHOST\sambauser
HomeDir Drive:
Logon Script:
Profile Path: \\LOCALHOST\sambauser\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 23:06:39 CST
Kickoff time: Wed, 06 Feb 2036 23:06:39 CST
Password last set: Sat, 29 Nov 2025 10:08:43 CST
Password can change: Sat, 29 Nov 2025 10:08:43 CST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF使用
pdbedit -L查看用户
创建共享目录
mkdir /share
chown smbuser.smbuser /share4. 配置文件修改
/etc/samba/smb.conf:
clike
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
# 用户没有家目录,所有这里注释掉即可,默认是会创建家目录共享
#[homes]
# comment = Home Directories
# valid users = %S, %D%w%S
# browseable = No
# read only = No
# inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
# printadmin is a local group
write list = printadmin root
force group = printadmin
create mask = 0664
directory mask = 0775
[share]
comment = shared file # 共享文件描述
path = /share # 共享文件目录
public = no # 是否允许匿名访问
writable = yes # 是否允许对共享目录进行读写操作5. 启动Samba程序
测试配置文件可用性
testparm
clike
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.启动
systemctl enable smb --now6. 客户端验证
非强制要求关闭防火墙和selinux
systemctl disable firewalld --now
setenforce 0
grubby --update-kernel ALL --args selinux=0
grubby --update-kernel ALL --remove-args selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config6.1. windows客户端验证
连接smb服务器
输入账号密码
创建文件测试
6.2. linux客户端测试
安装客户端软件
dnf -y install samba-client cifs-utilssamba-client:Linux 系统中 Samba 套件的客户端工具包cifs-utils: Linux 系统中用于挂载和管理 CIFS/SMB 文件系统的工具集
查看smb服务器共享目录
smbclient -L //192.168.25.135 -U smbuser
clike
Password for [SAMBA\smbuser]:
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
share Disk shared file
IPC$ IPC IPC Service (Samba 4.21.3)
SMB1 disabled -- no workgroup available访问远程共享目录(交互模式)
smbclient //192.168.25.135/share -U smbuser输入help可以查看支持的命令,例如: ls查看当前目录,get 下载文件、pull上传文件等。
clike
Password for [SAMBA\smbuser]:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Sat Nov 29 09:13:05 2025
.. D 0 Sat Nov 29 09:13:05 2025
test.txt A 0 Sat Nov 29 09:12:54 2025
19855360 blocks of size 1024. 18314344 blocks available将共享目录挂载到本地
非交互挂载
mount.cifs //192.168.25.135/share /mnt/smbshare -o username=smbuser,password=123456
# 创建挂载目录
mkdir -p /mnt/smbshare
# 挂载共享文件,需要输入密码
mount.cifs //192.168.25.135/share /mnt/smbshare -o username=smbuser
# 查看是否挂载成功
mount | grep /mnt/smbshare
clike
//192.168.25.135/share on /mnt/smbshare type cifs (rw,relatime,vers=3.1.1,cache=strict,upcall_target=app,username=smbuser,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.25.135,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,reparse=nfs,nativesocket,symlink=native,rsize=4194304,wsize=4194304,bsize=1048576,retrans=1,echo_interval=60,actimeo=1,closetimeo=1)永久挂载(配置 fstab)
/etc/fstab:
clike
//192.168.25.135/share /mnt/smbshare cifs username=smbuser,password=123456 0 0mount -a
mount | grep /mnt
clike
//192.168.25.135/share on /mnt/smbshare type cifs (rw,relatime,vers=3.1.1,cache=strict,upcall_target=app,username=smbuser,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.25.135,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,reparse=nfs,nativesocket,symlink=native,rsize=4194304,wsize=4194304,bsize=1048576,retrans=1,echo_interval=60,actimeo=1,closetimeo=1)