samba搭建

安装

yum -y install samba samba-client

查看状态

systemctl status smb.service

修改配置文件

vim /etc/samba/smb.conf
[global]
workgroup = SAMBA
security = user
passdb backend = smbpasswd
smb passwd file = /home/svnserver/svnrepo/authconf/smbpasswd
printing = cups
printcap name = cups
load printers = yes
cups options = raw
map to guest = bad user #配置匿名访问用
[公共]
comment = 公共分享目录
path = /home/sambFile #这个地方需要对该文件夹chmod 777 -R
create mask = 0755
directory mask = 0755
browseable = Yes
writeable = Yes
public = Yes
[server]
comment = server目录
path = /home/server
valid users = root
write list = root
printable = no
create mask = 0644
directory mask = 0755

打开端口

firewall-cmd --permanent --add-port=139/tcp
firewall-cmd --permanent --add-port=445/tcp
firewall-cmd --reload

关闭防火墙和查看防火墙状态

setenforce 0 用于关闭selinux防火墙，但重启后失效。
getenforce

永久关闭，需要重启

vim /etc/selinux/config
#SELINUX=enforcing
SELINUX=disabled

不关闭防火墙单独放开samba的权限,需要重启

setsebool -P allow_smbd_anon_write=1
setsebool -P samba_domain_controller on
setsebool -P samba_enable_home_dirs on
setsebool -P samba_export_all_rw on
setsebool -P use_samba_home_dirs on //新增加一个用户后，要重新运行一次
getsebool -a|grep samba
getsebool -a|grep smb
#查看共享目录安全状态
ll -Zd /home/p2p/server/
#drwxrwxr-x. p2p p2p unconfined_u:object_r:user_home_t:s0 /home/p2p/server/
#user_home_t:s0 ，猜测意思是对用户开放
#打开文件目录共享权限
chcon -t samba_share_t /home/p2p/server
ll -Zd /home/p2p/server/
#drwxrwxr-x. p2p p2p unconfined_u:object_r:samba_share_t:s0 /home/p2p/server/
#samba_share_t:s0 ，应该是可以了

#查看se状态
sestatus

开机启动samba服务

systemctl enable smb.service

启动和重启和停止

systemctl start smb.service
systemctl restart smb.service
systemctl stop smb.service

添加分组及密码

groupadd sales
useradd -g sales sale1
useradd -g sales sale2
smbpasswd -a sale1
smbpasswd -a sale2

在/etc/samba/smb.conf里需要设置分组时可直接引用

valid users = root,@sales