samba服务器

yum install samba samba-client -y
mkdir -p /mnt/share/
chmod -R user:user /mnt/share/
useradd user -m -G users
smbpasswd -a user

3.1 完全访问

[global]
        dos charset = CP850
        unix charset = UTF-8
        workgroup = WORKGROUP
        server string = Samba Server Version %v
        security = user
        map to guest = Bad User
        guest account = nobody
        guest ok = yes
        writable = yes
        browseable = yes
        passdb backend = tdbsam
        log file = /var/log/samba/log.%I
        max log size = 500
        load printers = no
        printcap name = /dev/null
        disable spoolss = yes
        hide dot files = yes
        acl allow execute always = true
        create mask = 0777
        directory mask = 0777
        # symlinks
        allow insecure wide links = yes
        follow symlinks = yes
        wide links = yes
 
[share]
        comment = share DMZ
        path = /data

3.2 密码访问

  • 启用功能:回收站,隐藏.文件,恢复被删除文件;
  • 直接访问挂载点下的 .recycle 文件夹即可2)
  • 开启了audit;

Note: ShareName 全部小/大写,windows显示小写. ShareName 大小写混合,windows显示原本配置

[global]
        dos charset = CP850
        unix charset = UTF-8
        workgroup = WORKGROUP
        server string = Samba Server Version %v
        netbios name = nas
        interfaces = eno1 bge0
        bind interfaces only = yes
        hosts allow = 172.17.1. 10.1.1.254
        hosts deny = 192.168.199. 172.16.1. 172.19.
        security = user
        writable = yes
        browseable = yes
        guest ok = no
        map to guest = never
        restrict anonymous = 2
        passdb backend = tdbsam
        log file = /var/log/samba/log.%I
        max log size = 500
        load printers = no
        printcap name = /dev/null
        disable spoolss = yes
        hide dot files = yes
        acl allow execute always = true
        create mask = 0644
        directory mask = 0755
        # symlinks
        allow insecure wide links = yes
        follow symlinks = yes
        wide links = yes
        # vfs modules
        vfs objects = recycle shadow_copy2
        # recycle
        recycle:repository = .recycle
        recycle:keeptree = yes
        recycle:versions = yes
        recycle:touch = no
        recycle:maxsize = 0
        recycle:exclude = *.tmp ~$* *.td.cfg *.td *.uploading.cfg
        recycle:noversions = *.doc
        # shadow_copy2
        shadow:snapdir = .zfs/snapshot
        shadow:sort = desc
        shadow:format = %Y.%m.%d-%H.%M.%S
        shadow:localtime = yes
 
[share]
        comment = share@zfs
        path = /tank/share

3.3 shadow cpoy

  • 建议写在[global],shadow:format不要加任何其他的字符,如单引号,双引号,@等;
# shadow_copy2
vfs objects = shadow_copy2  #将所有使用了的模块名放在一起,空格隔开
shadow:snapdir = .zfs/snapshot
shadow:sort = desc
shadow:format = %Y.%m.%d-%H.%M.%S
shadow:localtime = yes

3.4 samba audit

global添加配置:

vfs objects = recycle full_audit
#Audit settings
full_audit:facility = LOCAL6
full_audit:priority = NOTICE
full_audit:prefix = %u|%I|%m|%S
full_audit:success = rename mkdir rmdir unlink pwrite
full_audit:failure = none

/etc/rsyslog.conf 添加:

cat >> /etc/rsyslog.conf << EOF
local6.*                            /var/log/samba/full_audit.log
EOF
 
systemctl restart rsyslog

# 测试配置文件
testparm
# 启动samba,设置开机启动
systemctl start smb nmb
systemctl enable smb nmb


1)
点击每个发行版有对应版本的发行log
2)
samba用户必须对该目录可写,不然没文件.
  • storage/samba/samba服务器.txt
  • 最后更改: 2019/07/23 16:23
  • 由 mrco