您好,登录后才能下订单哦!
密码登录
登录注册
点击 登录注册 即表示同意《亿速云用户服务条款》
# Linux系统如何使用Samba共享文件
## 一、Samba服务简介
### 1.1 什么是Samba
Samba是一套开源的软件套件,实现了SMB/CIFS(Server Message Block/Common Internet File System)协议,允许Linux/Unix系统与Windows系统之间进行文件共享和打印机共享。它由澳大利亚程序员Andrew Tridgell于1991年开发,现已成为跨平台文件共享的标准解决方案。
### 1.2 Samba的核心功能
- 文件共享服务
- 打印机共享
- 用户身份验证
- 名称解析服务
- 服务公告(浏览网络)
### 1.3 Samba的应用场景
- 企业内网文件服务器
- 家庭多媒体共享中心
- 跨平台开发环境
- 虚拟机与宿主机文件交换
## 二、Samba服务安装与配置
### 2.1 安装Samba服务
#### Ubuntu/Debian系统
```bash
sudo apt update
sudo apt install samba -y
sudo yum install samba -y
# 或
sudo dnf install samba -y
samba --version
/etc/samba/smb.conf
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
编辑smb.conf文件:
sudo nano /etc/samba/smb.conf
典型全局配置示例:
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = LINUX-SERVER
security = user
map to guest = bad user
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
preferred master = yes
os level = 20
sudo mkdir -p /srv/samba/share
sudo chmod -R 0777 /srv/samba/share
[Share]
comment = Public Share
path = /srv/samba/share
browseable = yes
writable = yes
guest ok = yes
read only = no
create mask = 0777
directory mask = 0777
sudo useradd smbuser
sudo passwd smbuser
sudo smbpasswd -a smbuser
sudo pdbedit -Lsudo smbpasswd -x usernamesudo smbpasswd -d username[Private]
comment = Private Share
path = /srv/samba/private
valid users = smbuser
browseable = yes
writable = yes
create mask = 0700
directory mask = 0700
# 允许特定IP段
hosts allow = 192.168.1. 127.
# 拒绝特定IP
hosts deny = 192.168.1.100
[Department]
path = /srv/samba/dept
valid users = @dept-group
force group = dept-group
create mask = 0660
directory mask = 2770
[ShareWithTrash]
path = /srv/samba/share
vfs objects = recycle
recycle:repository = .recycle/%U
recycle:keeptree = yes
recycle:versions = yes
recycle:maxsize = 0
recycle:exclude = *.tmp,*.temp
# 启动服务
sudo systemctl start smbd nmbd
# 开机自启
sudo systemctl enable smbd nmbd
# 查看状态
sudo systemctl status smbd
testparm
sudo ufw allow samba
# 或
sudo firewall-cmd --add-service=samba --permanent
sudo firewall-cmd --reload
sudo setsebool -P samba_enable_home_dirs on
sudo setsebool -P samba_export_all_rw on
sudo tail -f /var/log/samba/log.smbd
sudo apt install smbclient cifs-utils
smbclient //server/share -U username
sudo mount -t cifs //server/share /mnt/share -o username=user,password=pass
\\Linux服务器IPsmb://Linux服务器IP定期更新:保持Samba服务最新版本
sudo apt upgrade samba
最小权限原则:仅授予必要权限
writable = no
read only = yes
禁用SMB1协议(存在严重漏洞):
[global]
min protocol = SMB2
启用加密传输:
[global]
server signing = mandatory
smb encrypt = required
定期审计:
sudo auditctl -w /etc/samba/smb.conf -p wa -k samba_config
调整socket参数:
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
启用大文件支持:
[global]
min receivefile size = 16384
use sendfile = yes
工作线程优化:
[global]
max smbd processes = 1000
目录缓存设置:
[global]
directory name cache size = 10000
[Media]
path = /media/nas
valid users = @family
writable = yes
browseable = yes
veto oplock files = /*.m4v/*.mov/*.mp4/
veto files = /._*/.DS_Store/
delete veto files = yes
[DevProject]
path = /projects/current
valid users = @developers
writable = yes
create mask = 0775
directory mask = 0775
force group = developers
hide special files = yes
通过本文的详细介绍,您应该已经掌握了在Linux系统上配置和使用Samba服务进行文件共享的全套方法。从基础安装到高级配置,从用户管理到安全优化,Samba提供了企业级文件共享所需的所有功能。
/etc/samba/smb.conf建议通过man smb.conf查阅完整配置选项,并根据实际需求调整参数。Samba的强大功能可以满足从家庭用户到企业环境的各种文件共享需求。
“`
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。