一直以来都以为FTP和NFS是局域网文件共享的常用方式,但是在最近接触Samba之后,了解到一些用户需要简化访问学习成本,满足基础的权限控制管理,并支持实时编辑和保存文件,我才明白这些需求使用之前的方法都是很难满足的,而Samba却可以完美的支持上述需求,虽然在开始接触时花了一些时间学习,但把配置和语法梳理清楚之后就很简单了。
Unix与Windows文件共享的最佳方式之一
2015年07月11日 - 初稿
阅读原文 - http://wsgzao.github.io/post/samba/
扩展阅读
Samba - https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/
SAMBA服务器 - http://vbird.dic.ksu.edu.tw/linux_server/0370samba.php
RHEL6.5下部署samba企业级文件服务器实战 - http://yuan2.blog.51cto.com/446689/1588085
各个平台的安装都蛮简单的,略过
建议合理规划目录和用户权限,可以利用用户组来简化授权管理,参见扩展阅读
#创建目录(举例)
mkdir -p /data2/sm
chmod -R 777 /data2/sm
#添加用户(举例)
groupadd dengling
useradd -g dengling -s /sbin/nologin dengling
smbpasswd -a dengling
#备份smb配置文件并编辑
cd /etc/samba
cp smb.conf smb.conf.bak
vi smb.conf
#全局参数
[global]
security = share
lanman auth = Yes
log file = /var/log/samba/log.%m
idmap config * : backend = tdb
guest ok = Yes
hosts allow = 127., 172., 192.168.1., 192.168.3.
cups options = raw
#共享参数
[homes]
comment = Home Directories
read only = No
browseable = No
[sheji]
comment = sheji
path = /data2/sm/sheji
valid users = share, shenwei, xuwei, shenjiamei, humengchu, rensiqiang, yeting, tongying, jinbo, zengfanan, fengpeisi
read only = No
create mask = 0775
directory mask = 0775
[test]
comment = sheji
path = /data2/sm/test
valid users = test, test2, shenwei
read only = No
create mask = 0775
directory mask = 0775
[q2]
comment = sheji
path = /data2/sm/q2
valid users = xuejia, sungaoshuai, lujingjing, huangsonghe, yefei, lvwenhan, fangyuan, zhanghuichen, liuguofa, xupeiyu, yangpengfei, lisuitao, sunzhen, shenwei, xuwei, shenjiamei, humengchu, rensiqiang, yeting, tongying, jinbo, zengfanan, fengpeisi, chenye, wuailing, pengnan, liangzhixue, chenhong, daimengyou, wangxiaoshuo, zhoujian, fenglu, linlijun, chenshuxian, linzhimin, yanyoushan, xiaguoying, zhanghuanrong, mayushu, xuyangjing, guogaoyan, huangyouyang, jinzhibin, huyuqing, shenxuemei, liukui
read only = No
create mask = 0775
directory mask = 0775
[market]
comment = sheji
path = /data2/sm/market
valid users = zhanghuichen, shenwei, chenye, wuailing, pengnan, liangzhixue, chenhong, daimengyou, wangxiaoshuo, xuyangjing, chenshuxian, linzhimin, caoling, guogaoyan, xiehaibo, huangyouyang, jinzhibin, huyuqing
read only = No
create mask = 0777
directory mask = 0775
[market_finance]
comment = sheji
path = /data2/sm/market_finance
valid users = yangqiong, shenwei, chenye, wuailing, pengnan, liangzhixue, chenhong, daimengyou, wangxiaoshuo, xiehaibo, gaofangjie, xuyangjing, chenshuxian, linzhimin, huangyouyang, jinzhibin, huyuqing
read only = No
create mask = 0777
directory mask = 0775
[shenwei]
comment = sheji
path = /data2/sm/develop/shenwei
valid users = shenwei
read only = No
create mask = 0777
directory mask = 0775
[qijun]
comment = qj
path = /data2/sm/homedir/qijun
valid users = qijun
read only = No
create mask = 0777
directory mask = 0775
guest ok = No
[wenyong]
comment = sheji
path = /data2/sm/develop/wenyong
valid users = wenyong
read only = No
create mask = 0777
directory mask = 0775
[wudi]
comment = sheji
path = /data2/sm/develop/wudi
valid users = wudi
read only = No
create mask = 0777
directory mask = 0775
[caijiannan]
comment = sheji
path = /data2/sm/develop/caijiannan
valid users = caijiannan
read only = No
create mask = 0777
directory mask = 0775
[weiduani2]
comment = weiduan
path = /data2/sm/develop/raochao/微端
valid users = wangfeng
read only = No
create mask = 0777
directory mask = 0775
[raochao]
comment = raochao
path = /data2/sm/develop/raochao
read list = wangfeng, xuwei, shenjiamei, chenxianzhe, chenye, wuailing, liuyuting, dainan
write list = raochao
[product]
comment = product
path = /data2/sm/product
read only = No
create mask = 0777
directory mask = 0777
[jinbo]
comment = JinBo
path = /data2/sm/homedir/jinbo
valid users = jinbo
read only = No
guest ok = No
[xiaoqiang]
comment = xiaoqiang
path = /data2/sm/homedir/xiaoqiang
valid users = xiaoqiang
read only = No
guest ok = No
[share]
comment = share
path = /data2/sm/homedir/share
valid users = share, market, wal, qijun, zhanghua
read only = No
#常用选项
[shared_name]
path = # 文件系统路径
browseable = {yes|no} # 是否可以被查看到
public = {yes|no} # 是否可被所有人读
guest ok = {yes|no} # 与 public 相同
read only = yes # 是否只读
writeable = yes # 是否可写
write list = user1, user2 # 可写用户列表
@group, +group # 可写组列表
valid users = # 白名单
invalid users = # 黑名单
#检查语法
testparm
#重启smb服务查看状态
service smb restart
smbstatus
1.Windows上访问samba
在“计算机”中输入:\\xxx.xxx.xxx.xxx\
2.Windows断开samba共享连接,实在不行可以选择注销或者重启
在【开始】→【运行】→【CMD】回车中输入:net use * /del /y
3.将samba共享的Linux目录映射成Windows的一个驱动器盘符
在【右键计算机】→【映射网络驱动器】→【文件夹\XX.XX.XX.XX\】