Linux和Windows的文件互相訪問(wèn)

安裝

查看是否已經(jīng)安裝samba

rpm -qa|grep samba

samba服務(wù)器的核心組件主要為samba samba-client samba-common

yum install samba samba-client -y

配置smb.conf文件

vi /etc/samba/smb.conf

#======================= Global Settings =====================================
[global] //設(shè)置samba服務(wù)整體環(huán)境
workgroup = hackase //設(shè)置工作組名
server string = angel server //服務(wù)器名說(shuō)明
; hosts allow = 192.168.1. 192.168.2. 127. //限制可訪問(wèn)此服務(wù)的IP范圍,默認(rèn)是全部允許的,要是想設(shè)設(shè)置去掉前面的";"
printcap name = /etc/printcap //打印機(jī)配置文件
load printers = yes //是否共享打印機(jī)
# bsd, sysv, plp, lprng, aix, hpux, qnx, cups
printing = cups //打印機(jī)的類(lèi)型.標(biāo)準(zhǔn)打印機(jī)類(lèi)型包括以上幾種.
; guest account = pcguest //pcguest為用戶(hù)名.可改去掉前邊的";"讓用戶(hù)以
pcguest身份匿名登錄,但保證/etc/passwd中有此人.
log file = /var/log/samba/%m.log //為登錄服務(wù)器的用戶(hù)建立不同的日志文件.
max log size = 0 //日志文件的大小,"0"代表無(wú)限制
//以下是smb.conf文件對(duì)服務(wù)器安全級(jí)別的設(shè)置
security = share //安全性的級(jí)別共四種.share岩饼、user、server、domain
; password server = 密碼驗(yàn)證服務(wù)器.
; password level = 8 //密碼級(jí)別
; username level = 8
encrypt passwords = yes //用戶(hù)密碼加密,當(dāng)然也可以不加密
smb passwd file = /etc/samba/smbpasswd //將密碼服務(wù)器設(shè)置為samba server.
需要這個(gè)東東來(lái)指定驗(yàn)證文件.這個(gè)是文件的路徑,如果samba server是指定的win
server這個(gè)不需要
; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
*passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
; username map = /etc/samba/smbusers //如果每個(gè)windows用戶(hù)在samba服務(wù)器
中有帳戶(hù)這個(gè)可以不設(shè)
; include = /etc/samba/smb.conf.%m
obey pam restrictions = yes
; interfaces = 192.168.12.2/24 192.168.13.2/24 如果多網(wǎng)段要在這里列出
; remote announce = 192.168.1.255 192.168.2.44
; local master = no
; os level = 33
; domain master = yes
; preferred master = yes
; domain logons = yes
; logon script = %m.bat
; logon script = %U.bat
; logon path = \\%L\Profiles\%U
; wins support = yes //wins server支持
; wins server = w.x.y.z
; wins proxy = yes //wins 代理設(shè)置
dns proxy = no //dns代理設(shè)置
; preserve case = no
; short preserve case = no
; default case = lower
; case sensitive = no
#============================ Share Definitions ============================
[homes] //用戶(hù)訪問(wèn)自已目錄的設(shè)置
comment = Home Directories //說(shuō)明(以下同理)
browseable = no//設(shè)定目錄可不可以別人瀏覽
writeable = yes//用戶(hù)寫(xiě)入自己的權(quán)限
valid users = %S
create mode = 0664
directory mode = 0775
; [netlogon] //此段域用戶(hù)登錄目錄設(shè)置
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
[printers] //打印機(jī)設(shè)置
comment = All Printers
path = /var/spool/samba
browseable = no
printable = yes
;[tmp] //用戶(hù)共享資源設(shè)置
; comment = Temporary file space
; path = /tmp //可以自定義目錄,去掉前邊的";"就OK了
; read only = no //是否只讀或可寫(xiě)
; public = yes
;[public] //用戶(hù)共享資源設(shè)置
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @staff
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /home/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
;[pchome]
; comment = PC Directories
; path = /usr/local/pc/%m
; public = no
; writable = yes
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
[my work] //自己添加的共享資源
comment = is me work
path = /root/my work
valid users angel
public = yes
writeable = yes
了解smb.conf的文件就好辦了.我們開(kāi)始對(duì)samba server的四個(gè)安全級(jí)別分別講解.
1、share級(jí)配置
這個(gè)在四個(gè)等級(jí)中是最低的,方法也是最簡(jiǎn)單.我們只要對(duì)smb.conf文件修改一下就可以了.
workgroup = hackase
server string = angel server
hosts allow = 192.168.1. //限制192.168.1的IP網(wǎng)段可以防問(wèn)
printcap name = /etc/printcap
load printers = yes //共享打印機(jī)
printing = cups //打印機(jī)用linux標(biāo)準(zhǔn)的
guest account = angel
log file = /var/log/samba/%m.log
max log size = 20
security = share
===================================================================
其他的設(shè)置默認(rèn)就可以了,也可以像我把所有的注釋刪除.[tmp]這個(gè)字段的";"去掉.
路徑可以更改. 重啟一下服務(wù) /etc/samba/smb restart //
service smb restart 也可
用testparm測(cè)試我們配置的文件是否正確:
===================================================================
[root@localhost root]# testparm //測(cè)試時(shí)[printers]注釋掉了所以這里沒(méi)有.
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[tmp]"
Processing section "[my]"
Loaded services file OK. //如有錯(cuò)誤,會(huì)在這列出錯(cuò)誤的地方.
Press enter to see a dump of your service definitions
==================================================================
用smbclient命令查看網(wǎng)絡(luò)共享情況
===================================================================
[root@localhost etc]# smbclient -L localhost //本機(jī)名為localhost
Password:
Domain=[HACKBASE] OS=[Unix] Server=[Samba 2.2.7a]
Sharename Type Comment
--------- ---- -------
tmp Disk Temporary file space
my Disk is me
IPC$ IPC IPC Service (angel server)
ADMIN$ Disk IPC Service (angel server)
root Printer Home Directories
Server Comment
--------- -------
Workgroup Master
--------- -------
=======================================================================
2、user級(jí)配置
user比share級(jí)安全級(jí)別高一點(diǎn)點(diǎn),很簡(jiǎn)單的,可以在share基礎(chǔ)上改一下就可以了.
改一下security = share字段為:security = user.在加上如下字段:
guest account = angel //機(jī)器上有這個(gè)用戶(hù)名,如果你沒(méi)有那就建一個(gè)吧!
encrypt passwords=yes
smb passwd file=/etc/samba/smbpasswd
(1)生成口令文件.
#cat/etc/passwd | mksmbpasswd.sh>/etc/samba/smbpasswd
本命令將生成口令文件"/etc/samba/smbpasswd" 這個(gè)就是我們
剛加上的"smb passwd file=/etc/samba/smbpasswd"
(2)我們知道建賬戶(hù)是建在etc/passwd文件里,我們須要用smbpasswd命令
為剛才建立的賬名設(shè)置samba server口令. 格式為:smbpasswd angel
(3)重啟samba server服務(wù)
user級(jí)的也OK了,你可以用testparm and smbclient命測(cè)試.windows用戶(hù)想
訪問(wèn)就要輸入angel and passwd.這個(gè)就不是誰(shuí)都可以訪問(wèn)你的共享
資源了.
3挺物、server 級(jí)配置
server級(jí)比user級(jí)也高那么一點(diǎn),只需要user級(jí)配置上修改一下就OK了.
(1)security = user字段為:security = server
(2)加上password server = ****** //密碼服務(wù)器,這個(gè)可以是你的windows主域控制器,也可以是別一個(gè)samba server服務(wù)器(名字無(wú)意思)
(3)注釋smb passwd file=/etc/samba/smbpasswd
(4)重啟samba server服務(wù),你可以用testparm and smbclient 測(cè)試.
好了,又完事一個(gè)。現(xiàn)在如果一臺(tái)windows機(jī)器登錄******(password server = 
******設(shè)置的)域服務(wù)器的時(shí)候,也就同登錄上了samba server,如果你以是*****主控域的計(jì)算機(jī),那你就可以輸入你自己的賬號(hào)密碼打開(kāi)samba server的文件了,但是你要保證*****和sambs server的賬號(hào)和密碼相同.
4、domain級(jí)的配置
domain級(jí)的配置是samba server中級(jí)別最高的他主要就是把samba加入到域中去,
用域服務(wù)器作samba server的密碼服務(wù)器.
其實(shí)domain級(jí)的配置也很簡(jiǎn)單,只需要在user級(jí)的基礎(chǔ)上修改:
(1)加入字段:NETBLOS = main //起一個(gè)NETBLOS名,放在smb.conf文件的最上邊
password server = ** //用主域控制器**來(lái)做密碼服務(wù)器
(2)security = user字段為:security = domain
workgroup = ***** //*****是主域控制器的域名
(3)注釋smb passwd file=/etc/samba/smbpasswd
(4)重啟samba server服務(wù),你可以用testparm and smbclient命測(cè)試.
終于完事了,好在我的"彈指神功"技術(shù)純熟.這個(gè)時(shí)候我們就可以和windows系統(tǒng)通信了,
我也要去呼呼了,等等~~~那網(wǎng)絡(luò)可以共享了,那么我們本機(jī)的linux系統(tǒng)和本機(jī)的
windows系統(tǒng)怎么通信啊!呵呵.當(dāng)然有辦法,到現(xiàn)在大俠們可以起來(lái)活動(dòng)活動(dòng)了,
幫我看看我寫(xiě)的有什么錯(cuò)誤.好了,打開(kāi)終端輸入:
[root@localhost root]# fdisk -l //查一下windows系統(tǒng)所在的分區(qū).
Disk /dev/hdb: 61.4 GB, 61492838400 bytes
255 heads, 63 sectors/track, 7476 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/hdb1 * 1 738 5927953+ 7 HPFS/NTFS
/dev/hdb2 739 7476 54122985 f Win95 Ext'd (LBA)
/dev/hdb5 739 1480 5960083+ 7 HPFS/NTFS
/dev/hdb6 1481 2383 7253316 b Win95 FAT32
/dev/hdb7 3651 6200 20482843+ b Win95 FAT32
/dev/hdb8 6201 7476 10249438+ b Win95 FAT32
/dev/hdb9 2384 2396 104391 83 Linux
/dev/hdb10 2397 3585 9550611 83 Linux
/dev/hdb11 3586 3650 522081 82 Linux swap
[root@localhost root]# mkdir /mnt/my 
//在mnt下建一個(gè)叫my的目錄(定義到那自己決定)
[root@localhost root]# mount -t auto /dev/hdb7 /mnt/my //不用說(shuō)了吧!
這樣就可以防問(wèn)windows的分區(qū)了,但是系統(tǒng)分區(qū)不可以是ntfs格式的.
windows系統(tǒng)訪問(wèn)linux系統(tǒng)要用到工具,"explore2fs"可以到
http://download.enet.com.cn/html/030282000080601.html下載