CentOS8_Samba匿名共享
安装相关软件:
yum -y install samba samba-client
查看Samba的版本信息: rpm -qi samba
如果不想自己设置,可以下载我的配置文件
http://pan.dashupc.com:89/?dl=93be0a70943a95da117e73d1eab1b0ea
启动Samba:
systemctl start smb
systemctl enable smb
防火墙配置:(TCP端口:139,445 UDP端口:137,138)
[root@centos8 ~]# firewall-cmd –zone=public –add-port={139/tcp,445/tcp} –permanent
success
[root@centos8 ~]# firewall-cmd –zone=public –add-port={137/udp,138/udp} –permanent
success
[root@centos8 ~]# firewall-cmd –reload
success
查看所有打开的防火墙端口:(虽然看不见TCP 22端口,但默认是可以访问的)
[root@centos8 ~]# firewall-cmd –zone=public –list-ports
80/tcp 139/tcp 445/tcp 137/udp 138/udp
必须要关闭SELinux:(否则客户端将无法访问共享文件夹的)
setenforce 0
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
查看配置文件:
[root@centos8 ~]# cat /etc/samba/smb.conf |grep -v “^#”|grep -v ^”$”
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
######
匿名共享:
修改samba的配置文件:
[root@centos8 ~]# vi /etc/samba/smb.conf
workgroup = SAMBA
修改为:(WORKGROUP是Windows默认的工作组名字)
workgroup = WORKGROUP
samba4较之前的samba3有一个重大的变化是:security不再支持share,参数需要做以下调整:
security = user
下面追加:
map to guest =Bad User
### 不加载打印机:
sed -i ‘s/load printers = yes/load printers = no/g’ /etc/samba/smb.conf
创建共享:
cat >>/etc/samba/smb.conf<< eof
[共享文件夹]
comment = share
path = /share
browseable = yes
public = yes
writeable = no
eof
创建共享文件夹(权限为777)
mkdir -p /share
touch /share/test.txt
chmod -R 777 /share/
测试配置的smb.conf是否正确,用下面的命令:
[root@centos8 ~]# testparm
修改了配置文件后,记得重新启动Samba服务:
[root@centos8 ~]# systemctl restart smb
######
Windows客户端访问Samba服务器 (此时匿名用户只可以下载)
笺注:实验中Samba服务器IP为 192.168.168.154
###
要是想匿名用户可以写入数据:(只需修改writeable = yes)
[root@centos8 ~]# vi /etc/samba/smb.conf
笺注:
重新启动Samba服务后,匿名用户对共享文件夹里的所有文件和文件夹都可以创建、删除、修改等等。
匿名用户创建的文件和文件夹:
######
如果想限制访问共享的IP地址,可以修改配置文件 /etc/samba/smb.conf
例子1:仅允许以下N个IP (用空格相隔的!!!)直接在文件后面追加即可
hosts allow = 192.168.168.110 192.168.168.157
例子2:仅允许以下N个网段 (用空格相隔的!!!)直接在文件后面追加即可
hosts allow = 192.168.9.0/24 192.168.168.0/24
修改了配置文件后,记得重新启动Samba服务:
[root@centos8 ~]# systemctl restart smb
我的配置文件如下:
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run ‘testparm’ to verify the config is correct after
# you modified it.
[global]
workgroup = WORKGROUP
security = user
map to guest = Bad User
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = no
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[网盘]
comment = 网盘
path = /home/wwwroot/pan/uploads
browseable = yes
public = yes
writeable = yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
