smb服务器
文章目录
- smb服务器
-
- [SMB 服务介绍](#SMB 服务介绍)
- 准备环境
- 验证配置文件
- [配置 Samba](#配置 Samba)
- [Linux 客户端挂载](#Linux 客户端挂载)
- 自动挂载
- 多用户挂载
- 跨windows平台
SMB 服务介绍
Samba 是在Linux和UNIX系统上实现SMB协议(Server Messages Block,信息服务块),是一种在局域网上共享文件和打印机的一种通信协议。曾用名CIFS(通用互联网文件系统 Common Internet File System), SMB协议是C/S架构,通过该协议客户机(包括Windows、linux、Unix系统)可以访问服务器(包括Windows、linux、Unix系统)上的共享文件系统、打印机及其他资源。
准备环境
bash
#安装Samba并准备共享目录
[root@server ~ 15:41:31]# yum install -y samba samba-client
[root@server ~ 15:42:02]# mkdir -p /shares/samba
[root@server ~ 15:42:44]# groupadd -g 2000 developers
[root@server ~ 15:43:32]# chgrp developers /shares/samba
[root@server ~ 15:43:59]# ll -d /shares/samba
drwxr-xr-x 2 root developers 6 Nov 28 15:42 /shares/samba
#SGID位可确保新内容自动属于开发人员组
[root@server ~ 15:44:06]# chmod 2775 /shares/samba
[root@server ~ 15:44:33]# ll -d /shares/samba
drwxrwsr-x 2 root developers 6 Nov 28 15:42 /shares/samba
[root@server ~ 15:46:40]# useradd -s /sbin/nologin -G developers -u 1001 developer1
[root@server ~ 15:46:55]# useradd -s /sbin/nologin -G developers -u 1002 developer2
[root@server ~ 15:49:18]# smbpasswd -a developer1
[root@server ~ 15:49:30]# smbpasswd -a developer2
#要从Samba数据库中删除用户使用-x
[root@server ~ 15:49:36]# pdbedit -L
developer1:1001:
developer2:1002:
[root@server ~ 15:49:46]# useradd -s /sbin/nologin -u 1100 operator1
[root@server ~ 15:51:55]# smbpasswd -a operator1
[root@server ~ 15:52:09]# pdbedit -L
developer1:1001:
operator1:1100:
developer2:1002:验证配置文件
bash
[root@server ~ 16:43:43]# testparm
[root@server ~ 16:46:52]# echo $?
0配置 Samba
bash
#Samba的配置文件是/etc/samba/smb.conf
[root@server ~ 16:11:58]# yum install -y wget
[root@server ~ 16:11:48]# wget http://192.168.46.88/01.softwares/wordpress-4.9.4-zh_CN.zip
[root@server ~ 16:14:58]# ls
anaconda-ks.cfg wordpress wordpress-4.9.4-zh_CN.zip
[root@server ~ 16:22:04]# mv wordpress /shares/
[root@server ~ 16:22:15]# ll -d /shares/wordpress/
drwxr-xr-x 5 root root 4096 Feb 8 2018 /shares/wordpress/
[root@server ~ 16:22:21]# chgrp -R developers /shares/wordpress
[root@server ~ 16:22:46]# chmod 2775 /shares/wordpress
[root@server ~ 16:22:51]# ll -d /shares/wordpress/
drwxrwsr-x 5 root developers 4096 Feb 8 2018 /shares/wordpress/
[root@server ~ 16:22:53]# cat /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[devcode]
comment = wordpress
valid users = operator1,@developers
path = /shares/wordpress
write list = @developers
hosts allow = 10.1.8.0/24
[root@server ~ 16:23:00]# ll -d /shares/wordpress/
drwxrwsr-x 5 root developers 4096 Feb 8 2018 /shares/wordpress/
#启动 Samba
systemctl enable smb --now
#重新配置测试组内两个用户权限
[root@server ~ 10:17:31]# tail /etc/samba/smb.conf
[devcode]
comment = wordpress
valid users = operator1,@developers
path = /shares/wordpress
write list = @developers
hosts allow = 10.1.8.0/24
create mask = 0664
directory mask = 0775
#重启
[root@server ~ 10:15:06]# systemctl restart smb
#删除共享目录文件
[root@server ~ 10:15:12]# rm -rf /shares/wordpress/index.html
#文件权限变化644->664
[root@server ~ 10:27:36]# ll /shares/wordpress/
total 188
-rw-rw-r-- 1 developer2 developers 11 Dec 1 10:17 index.html
......Linux 客户端挂载
bash
[root@client ~ 16:47:55]# yum install -y cifs-utils samba-client
[root@client ~ 16:49:16]# smbclient -L //10.1.8.10 -U operator1
Enter SAMBA\operator1's password:
[root@client ~ 16:51:31]# yum install nginx -y
[root@client ~ 16:56:31]# mount -t cifs -o username=operator1,password=123 //10.1.8.10/devcode /usr/share/nginx/html/
[root@client ~ 16:57:06]# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 480932 0 480932 0% /dev
tmpfs 497816 0 497816 0% /dev/shm
tmpfs 497816 8068 489748 2% /run
tmpfs 497816 0 497816 0% /sys/fs/cgroup
/dev/mapper/centos-root 52403200 4368064 48035136 9% /
/dev/sda1 1038336 159884 878452 16% /boot
/dev/mapper/centos-home 152092100 38748 152053352 1% /home
tmpfs 99564 0 99564 0% /run/user/0
//10.1.8.10/devcode 52403200 1738620 50664580 4% /usr/share/nginx/html
[root@client ~ 16:57:14]# ls /usr/share/nginx/html/
index.php wp-config-sample.php wp-mail.php
license.txt wp-content wp-settings.php
readme.html wp-cron.php wp-signup.php
wp-activate.php wp-includes wp-trackback.php
wp-admin wp-links-opml.php xmlrpc.php
wp-blog-header.php wp-load.php
wp-comments-post.php wp-login.php
[root@client ~ 16:57:28]# systemctl enable nginx.service --now
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
#先卸载目录
[root@client ~ 16:57:44]# umount /usr/share/nginx/html
[root@client ~ 16:59:32]# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 480932 0 480932 0% /dev
tmpfs 497816 0 497816 0% /dev/shm
tmpfs 497816 8072 489744 2% /run
tmpfs 497816 0 497816 0% /sys/fs/cgroup
/dev/mapper/centos-root 52403200 4368064 48035136 9% /
/dev/sda1 1038336 159884 878452 16% /boot
/dev/mapper/centos-home 152092100 38748 152053352 1% /home
tmpfs 99564 0 99564 0% /run/user/0
#developer组内成员具有读写权限
[root@client ~ 16:59:34]# mount -t cifs -o username=developer1,password=123 //10.1.8.10/devcode /usr/share/nginx/html/
[root@client ~ 17:00:08]# echo hello world > /usr/share/nginx/html/index.html
#测试 curl 10.1.8.11
[root@client ~ 17:00:42]# curl 10.1.8.11
hello world
#组内两个用户测试
#developer1挂载
[root@client ~ 09:48:43]# umount /usr/share/nginx/html
[root@client ~ 10:06:44]# mount -t cifs -o username=developer1,password=123 //10.1.8.10/devcode /usr/share/nginx/html/
[root@client ~ 10:06:57]# echo hello dev1 > /usr/share/nginx/html/index.html
[root@client ~ 10:07:51]# curl 10.1.8.11
hello dev1
#developer2挂载
[root@client ~ 10:07:57]# umount /usr/share/nginx/html
[root@client ~ 10:08:08]# mount -t cifs -o username=developer2,password=123 //10.1.8.10/devcode /usr/share/nginx/html/
[root@client ~ 10:16:30]# echo hello dev2 > /usr/share/nginx/html/index.html
[root@client ~ 10:17:34]# curl 10.1.8.11
hello dev2自动挂载
bash
#查看挂载选项
man mount.cifs
[root@client ~ 10:46:22]# tail -1 /etc/fstab
//server/devcode /usr/share/nginx/html cifs credentials=/etc/samba/samba.secrets 0 0
#创建保密文件
[root@client ~ 10:40:41]# cat /etc/samba/samba.secrets
username=operator1
password=123
#降低文件权限
[root@client ~ 10:35:59]# chmod 600 /etc/samba/samba.secrets
[root@client ~ 10:39:26]# umount /usr/share/nginx/html
#此命令可帮助测试看属组人员
[root@client ~ 10:09:59]# mount |grep devcode多用户挂载
bash
#客户端准备用户
[root@client ~ 10:52:19]# useradd -u 1100 operator1
[root@client ~ 10:58:32]# passwd operator1
[root@client ~ 10:58:40]# groupadd -g 2000 developers
[root@client ~ 10:59:24]# useradd -G developers -u 1001 developer1
[root@client ~ 10:59:47]# useradd -G developers -u 1002 developer2
[root@client ~ 10:59:53]# passwd developer1
[root@client ~ 10:59:59]# passwd developer2
# 修改挂载记录,添加multiuser
[root@client ~ 11:00:04]# vim /etc/fstab
[root@client ~ 11:06:06]# tail -1 /etc/fstab
//server/devcode /usr/share/nginx/html cifs credentials=/etc/samba/samba.secrets,multiuser 0 0
# 挂载
[root@client ~ 11:00:40]# mount /usr/share/nginx/html/
[root@client ~ 11:00:53]# df /usr/share/nginx/html/
Filesystem 1K-blocks Used Available Use% Mounted on
//server/devcode 52403200 1737296 50665904 4% /usr/share/nginx/html
#使用 operator1 账户测试
[root@client ~ 11:01:44]# su - operator1
Last login: Mon Dec 1 11:01:15 CST 2025 on pts/0
[operator1@client ~ 11:01:51]$ ls /usr/share/nginx/html/
ls: cannot access /usr/share/nginx/html/: Permission denied
[operator1@client ~ 11:02:03]$ cifscreds add server
Password:
[operator1@client ~ 11:02:14]$ ls /usr/share/nginx/html/
index.html wp-admin wp-cron.php wp-mail.php
index.php wp-blog-header.php wp-includes wp-settings.php
license.txt wp-comments-post.php wp-links-opml.php wp-signup.php
readme.html wp-config-sample.php wp-load.php wp-trackback.php
wp-activate.php wp-content wp-login.php xmlrpc.php
[operator1@client ~ 11:02:17]$ touch /usr/share/nginx/html/operator1.file
touch: cannot touch '/usr/share/nginx/html/operator1.file': Permission denied
[operator1@client ~ 11:02:54]$ logout
#使用 developer1 账户测试
[root@client ~ 11:02:56]# su - developer1
[developer1@client ~ 11:03:11]$ cifscreds add server
Password:
[developer1@client ~ 11:03:26]$ ls /usr/share/nginx/html/
index.html wp-admin wp-cron.php wp-mail.php
index.php wp-blog-header.php wp-includes wp-settings.php
license.txt wp-comments-post.php wp-links-opml.php wp-signup.php
readme.html wp-config-sample.php wp-load.php wp-trackback.php
wp-activate.php wp-content wp-login.php xmlrpc.php
[developer1@client ~ 11:03:37]$ touch /usr/share/nginx/html/developer1.file
[developer1@client ~ 11:04:03]$ ls /usr/share/nginx/html/
developer1.file wp-admin wp-includes wp-signup.php
index.html wp-blog-header.php wp-links-opml.php wp-trackback.php
index.php wp-comments-post.php wp-load.php xmlrpc.php
license.txt wp-config-sample.php wp-login.php
readme.html wp-content wp-mail.php
wp-activate.php wp-cron.php wp-settings.php跨windows平台
bash
#使用 win+R 快捷键弹出运行对话框,输入\\10.1.8.10
#cmd
net use * /del /y
#删除会话,切换用户登录rackback.php
index.php wp-comments-post.php wp-load.php xmlrpc.php
license.txt wp-config-sample.php wp-login.php
readme.html wp-content wp-mail.php
wp-activate.php wp-cron.php wp-settings.php
## 跨windows平台
```bash
#使用 win+R 快捷键弹出运行对话框,输入\\10.1.8.10
#cmd
net use * /del /y
#删除会话,切换用户登录