AlmaLinux9.4安装samba实现与Windows文件共享笔记241129AlmaLinux9.4安装samb

AlmaLinux9.4安装samba实现与Windows文件共享

步骤:

安装samba, 并启用 smb , nmb 服务安装 samba
```
sudo dnf install samba -y
```
启用启动 smb, nmb
```
sudo systemctl enable smb nmb
sudo systemctl start smb nmb
```
在Ubuntu下,smb和smbd通用, nmb和nmbd通用, CentOS,Alma,Rocky 只能用smb和nmb

设置 /etc/samba/smb.conf

sudo vi /etc/samba/smb.conf

2.1 将 [global] 的 workgrop 设为 workgroup

[global]
	workgroup = workgroup
   	security = user

2.2. 设置共享目录, 这里设置了根目录, 在底部加入

[root]
path=/
workgroup=workgroup
public=yes
writeable = yes
available = yes
browseable = yes
guest ok = yes
    forceuser = root
    forcegroup = root
    create mask = 0775
    directory mask = 0775

开头可以有空格或制表符,也可以没有, 等号之间可以有空格,也可以没有开头单 tab 版

[RootFolder]
	path = /
	comment = 根文件夹
	public = yes
	read only = no
	writable = yes
	available = yes
	browseable = yes
	guest ok = yes
	forceuser = root
	forcegroup = root
	create mask = 0777
	directory mask = 0777

[RootHomeFolder]
	path = /root
	comment = root用户文件夹
	public = yes
	read only = no
	writable = yes
	available = yes
	browseable = yes
	guest ok = yes
	forceuser = root
	forcegroup = root
	create mask = 0777
	directory mask = 0777

开头四空格版

### 四空格版
[RootFolder]
    path = /
    comment = 根文件夹
    public = yes
    read only = no
    writable = yes
    available = yes
    browseable = yes
    guest ok = yes
    forceuser = root
    forcegroup = root
    create mask = 0777
    directory mask = 0777

[RootHomeFolder]
    path = /root
    comment = root用户文件夹
    public = yes
    read only = no
    writable = yes
    available = yes
    browseable = yes
    guest ok = yes
    forceuser = root
    forcegroup = root
    create mask = 0777
    directory mask = 0777

将系统用户添加到samba的用户,并单独设置samba的密码,独立于系统密码
```
sudo smbpasswd -a root
```
重启 smb, nmb 服务
```
sudo systemctl restart smb nmb smb nmb
```

关闭禁用防火墙或者开启端口

关闭禁用防火墙

sudo systemctl stop firewalld ; sudo systemctl disable firewalld

或者开启端口查看firewall默认的zone是不是public

sudo firewall-cmd --get-default-zone

开放445端口的tcp

sudo firewall-cmd --zone=public --add-port=445/tcp --permanent
sudo firewall-cmd --reload

开放139端口的tcp

sudo firewall-cmd --zone=public --add-port=139/tcp --permanent
sudo firewall-cmd --reload

开放138端口的udp

sudo firewall-cmd --zone=public --add-port=138/udp --permanent
sudo firewall-cmd --reload

开放137端口udp

sudo firewall-cmd --zone=public --add-port=137/udp --permanent
sudo firewall-cmd --reload

开放137,138的udp, 139,445的tcp

sudo firewall-cmd --zone=public --add-port=137/udp --permanent
sudo firewall-cmd --zone=public --add-port=138/udp --permanent
sudo firewall-cmd --zone=public --add-port=139/tcp --permanent
sudo firewall-cmd --zone=public --add-port=445/tcp --permanent
sudo firewall-cmd --reload
sudo systemctl restart firewalld

也可以用开启samba服务的方式开启端口, firewalld支持

sudo firewall-cmd --permanent --add-service=samba
sudo firewall-cmd --reload

查看开放的端口 firewall-cmd --list-ports
```
sudo firewall-cmd --list-ports
```
- 查看 public 的 zone 开放的端口 firewall-cmd --list-ports --zone=public
```
sudo firewall-cmd --list-ports --zone=public
```
  如何查看firewall开放了哪些端口笔记241129

在Windows登录在"文件资源管理器"输入 \\IPv4 或控制台输入 explorer \\IPv4

如果用 IPv6 Explorer文件资源管理器用 IPv6 访问局域网网络共享网上邻居 , 要将 ipv6 的地址格式进行转换:
1. 将所有 :(冒号) 替换成 -(横杆,减号,负号)
2. 在地址末尾加上 .ipv6-literal.net
```
.ipv6-literal.net
```
例如:
```
fc00::102:2441:f
对应转换为👇
\\fc00--102-2441-f.ipv6-literal.net
```
第一次登录可能慢,甚至要多登录几次, 尝试重启AlmaLinux 登录成功后发现不能访问/root文件夹和/home下的用户文件夹, 原因是SELinux在作怪, 可以执行sudo setenforce 0,但重启会失效
```
sudo setenforce 0  # 设置为Permissive模式 重启失效
```
或修改编辑/etc/selinux/config文件，将SELINUX=enforcing更改为SELINUX=permissive 用vi编辑器修改
```
sudo vi /etc/selinux/config
```
用sed命令修改
```
###  备份
tempUri=/etc/selinux/config ;    sudo cp -a  $tempUri  $tempUri.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bak
###  修改
sudo sed -ie 's(^\s*SELINUX\s*=\s*enforcing$(SELINUX=permissive(g' /etc/selinux/config
```
SELinux的 getenforce setenforce 配置文件/etc/selinux/config的 SELINUX和SELINUXTYPE

AlmaLinux9.4安装samba实现与Windows文件共享 笔记241129

AlmaLinux9.4安装samba实现与Windows文件共享笔记241129