环境:CentOS Linux release 7.3.1611 (Core)
安装:yum install samba samba-client
配置samba
vim /etc/samba/smb.conf [global] workgroup = WORKGROUP server string = Samba Server Version %v netbios name = zhi map to guest = bad user log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [share] #无帐号密码即可访问 comment = share path = /data/share browseable= yes create mask = 0644 directory mask = 0755 guest ok = yes #指定该共享是否允许guest账户访问即匿名访问 默认是no [share1] #需要帐号密码才能访问 comment = share1 path = /data/share1 valid users = zhi #白名单用户或组 write list = zhi #可写用户或组列表 create mask = 0755 directory mask = 0755
share无需帐号即可访问,share1需要帐号才能访问。
samba的访问帐号需要设置,而且必须是系统用户。
创建系统用户
useradd zhi -s /sbin/nologin
设置samba帐号密码
[root@jenkins samba]# pdbedit -a -u zhi new password: retype new password: Unix username: zhi NT username: Account Flags: [U ] User SID: S-1-5-21-4122702104-983005384-4239704784-1000 Primary Group SID: S-1-5-21-4122702104-983005384-4239704784-513 Full Name: Home Directory: \\zhi\zhi HomeDir Drive: Logon Script: Profile Path: \\zhi\zhi\profile Domain: ZHI Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: 三, 06 2月 2036 23:06:39 CST Kickoff time: 三, 06 2月 2036 23:06:39 CST Password last set: 日, 12 3月 2017 18:21:24 CST Password can change: 日, 12 3月 2017 18:21:24 CST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
查看Samba用户列表
[root@jenkins samba]# pdbedit -L zhi:1000: test:1001:
启动samba服务 systemctl start smb
共享目录的参数介绍
[MyShare] comment = grind’s file #对共享备注 path = /home/grind #共享文件系统路径 allow hosts = host(subnet) #允许访问的主机 deny hosts = host(subnet) #禁止访问的主机 writable = yes|no #是否可写 readonly = yes|no #是否只读 user = user(@group) #可使用该资源的用户 valid users = user(@group) #白名单用户或组 invalid users = user(@group) #黑名单用户或组 read list = user(@group) #只读用户或组列表 write list = user(@group) #可写用户或组列表 admin list = user(@group) #指定能管理该共享资源(包括读写和权限赋予等)的用户和组 public = yes|no #是否能给游客帐号访问 guest ok = yes|no #是否能给游客账号访问 hide dot files = yes|no #是否像unix那样隐藏以“.”号开头的文件 create mode = 0755 #指明新建立的文件的属性,一般是0755 directory mode = 0755 #指明新建立的目录的属性,一般是0755 sync always = yes|no #指明对该共享资源进行写操作后是否进行同步操作 short preserve case = yes|no #指明是否区分文件名大小写。 preserve case = yes|no #指明保持大小写。 case sensitive = yes|no #指明是否对大小写敏感,一般选no,不然可能引起错误。 mangle case = yes|no #指明混合大小写 default case = upper|lower #指明缺省的文件名是全部大写还是小写 force user = grind #强制把建立文件的属主是谁 wide links = yes|no #指明是否允许共享外符号连接 max connections = 100 #设定同时连接数 delete readonly = yes|no #指明能否删除共享资源里面已经被定义为只读的文件
本文出自 “宁静致远” 博客,请务必保留此出处http://irow10.blog.51cto.com/2425361/1906906
原文地址:http://irow10.blog.51cto.com/2425361/1906906
