# Linux系统如何使用Samba共享文件 ## 一、Samba服务简介 ### 1.1 什么是Samba Samba是一套开源的软件套件,实现了SMB/CIFS(Server Message Block/Common Internet File System)协议,允许Linux/Unix系统与Windows系统之间进行文件共享和打印机共享。它由澳大利亚程序员Andrew Tridgell于1991年开发,现已成为跨平台文件共享的标准解决方案。 ### 1.2 Samba的核心功能 - 文件共享服务 - 打印机共享 - 用户身份验证 - 名称解析服务 - 服务公告(浏览网络) ### 1.3 Samba的应用场景 - 企业内网文件服务器 - 家庭多媒体共享中心 - 跨平台开发环境 - 虚拟机与宿主机文件交换 ## 二、Samba服务安装与配置 ### 2.1 安装Samba服务 #### Ubuntu/Debian系统 ```bash sudo apt update sudo apt install samba -y sudo yum install samba -y # 或 sudo dnf install samba -y samba --version /etc/samba/smb.conf sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak 编辑smb.conf文件:
sudo nano /etc/samba/smb.conf 典型全局配置示例:
[global] workgroup = WORKGROUP server string = Samba Server %v netbios name = LINUX-SERVER security = user map to guest = bad user dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes preferred master = yes os level = 20 sudo mkdir -p /srv/samba/share sudo chmod -R 0777 /srv/samba/share [Share] comment = Public Share path = /srv/samba/share browseable = yes writable = yes guest ok = yes read only = no create mask = 0777 directory mask = 0777 sudo useradd smbuser sudo passwd smbuser sudo smbpasswd -a smbuser sudo pdbedit -Lsudo smbpasswd -x usernamesudo smbpasswd -d username[Private] comment = Private Share path = /srv/samba/private valid users = smbuser browseable = yes writable = yes create mask = 0700 directory mask = 0700 # 允许特定IP段 hosts allow = 192.168.1. 127. # 拒绝特定IP hosts deny = 192.168.1.100 [Department] path = /srv/samba/dept valid users = @dept-group force group = dept-group create mask = 0660 directory mask = 2770 [ShareWithTrash] path = /srv/samba/share vfs objects = recycle recycle:repository = .recycle/%U recycle:keeptree = yes recycle:versions = yes recycle:maxsize = 0 recycle:exclude = *.tmp,*.temp # 启动服务 sudo systemctl start smbd nmbd # 开机自启 sudo systemctl enable smbd nmbd # 查看状态 sudo systemctl status smbd testparm sudo ufw allow samba # 或 sudo firewall-cmd --add-service=samba --permanent sudo firewall-cmd --reload sudo setsebool -P samba_enable_home_dirs on sudo setsebool -P samba_export_all_rw on sudo tail -f /var/log/samba/log.smbd sudo apt install smbclient cifs-utils smbclient //server/share -U username sudo mount -t cifs //server/share /mnt/share -o username=user,password=pass \\Linux服务器IPsmb://Linux服务器IP定期更新:保持Samba服务最新版本
sudo apt upgrade samba 最小权限原则:仅授予必要权限
writable = no read only = yes 禁用SMB1协议(存在严重漏洞):
[global] min protocol = SMB2 启用加密传输:
[global] server signing = mandatory smb encrypt = required 定期审计:
sudo auditctl -w /etc/samba/smb.conf -p wa -k samba_config 调整socket参数:
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536 启用大文件支持:
[global] min receivefile size = 16384 use sendfile = yes 工作线程优化:
[global] max smbd processes = 1000 目录缓存设置:
[global] directory name cache size = 10000 [Media] path = /media/nas valid users = @family writable = yes browseable = yes veto oplock files = /*.m4v/*.mov/*.mp4/ veto files = /._*/.DS_Store/ delete veto files = yes [DevProject] path = /projects/current valid users = @developers writable = yes create mask = 0775 directory mask = 0775 force group = developers hide special files = yes 通过本文的详细介绍,您应该已经掌握了在Linux系统上配置和使用Samba服务进行文件共享的全套方法。从基础安装到高级配置,从用户管理到安全优化,Samba提供了企业级文件共享所需的所有功能。
/etc/samba/smb.conf建议通过man smb.conf查阅完整配置选项,并根据实际需求调整参数。Samba的强大功能可以满足从家庭用户到企业环境的各种文件共享需求。 “`
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
