测试环境:CentOS 6.x

安装

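# Build dependencies for compiling Samba from source: Python, GnuTLS, ACL, PAM
# and OpenLDAP development headers.
yum -y install python-devel gnutls-devel libacl-devel pam-devel openldap-devel

# Run from the unpacked Samba source tree. The download step is not shown on
# this page; check the tarball against its release signature before building.
# Without --prefix the installation goes to /usr/local/samba.
# The steps are chained with && so that a failed configure or build never
# reaches "make install" and leaves a half-installed tree.
./configure && make && make install

# Directories the configuration below relies on: the log directory, the
# directory holding the per-user include files, and the root of the shares.
mkdir -pv /var/log/samba
mkdir -pv /usr/local/samba/etc/user
mkdir -pv /data/smb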

配置

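# Write the global Samba configuration.
#
# The in-file comments say, in order: use Samba's own password file; use
# virtual users (three backend types exist); browsing is off globally and
# re-enabled in the per-user files; each user has a separate include file.
#
# The heredoc delimiter is quoted so the shell copies the text literally:
# %v, %m and %U are Samba substitutions, not shell variables.
#
# "protocol" is a synonym for the maximum protocol, so on its own it leaves
# SMB1 negotiable. "min protocol = SMB2" is added so the server refuses SMB1.
# NOTE(review): "protocol = SMB2" also caps negotiation below SMB3 on Samba
# versions that support it; the Samba version is not stated here - confirm.
# NOTE(review): NetBIOS names are limited to 15 characters, and this one also
# embeds %v (the Samba version); check what testparm reports for it.
# %U in the include is the user name the client asked for, so access control
# rests on "valid users" in each per-user file, not on the include itself.
cat > /usr/local/samba/etc/smb.conf << 'EOF'
[global]
    workgroup       = WORKGROUP
    netbios name    = Samba Server %v
    server string   = This is samba server
    unix charset    = utf8
    dos charset     = cp950
    log file        = /var/log/samba/%m.log
    max log size    = 50
    load printers   = no
    # 使用自带的密码认证文件
    security = user
    # 使用虚拟用户(有三种类型)
    passdb backend =  smbpasswd
    smb passwd file = /usr/local/samba/etc/smbpasswd
    encrypt passwords = true
    username map = /usr/local/samba/etc/smbusers
    protocol = SMB2
    # Refuse SMB1: "protocol" above only sets the maximum dialect.
    min protocol = SMB2
    # 关闭浏览功能,独立文件里面再开启
    browseable = no
    # 每个用户独立文件
    include = /usr/local/samba/etc/user/%U.conf
EOF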
 
# Share definition for user1, loaded by smb.conf through its
# "include = /usr/local/samba/etc/user/%U.conf" line.
# Access is limited to the group user1 (the @ prefix names a group), guest
# access is refused, and browsing is switched back on for this share only
# (the in-file comment says each user enables browsing for their own share).
# The delimiter is quoted so the text is written out literally.
cat << 'EOF' > /usr/local/samba/etc/user/user1.conf
[user1]
    comment    = user1 project
    path       = /data/smb/user1
    valid users = @user1
    read list = @user1
    write list = @user1
    writable = yes
    guest ok   = no
    # 每个用户开启自己浏览权限
    browseable = yes
EOF
 
# Example of one user with several shared directories: user2 gets two shares,
# and each section name is the share name shown to the client (the first
# in-file comment says so).
# Both shares are limited to the group user2 and refuse guest access.
# NOTE(review): /data/ftp/user2 is not created anywhere on this page; it has
# to exist already and be accessible to user2. Because it lies outside
# /data/smb, check that its ownership and mode are what you intend to expose.
# The delimiter is quoted so the text is written out literally.
cat << 'EOF' > /usr/local/samba/etc/user/user2.conf
# 显示的目录名称
[user2_path1]
    comment    = user2 project
    path       = /data/smb/user2
    valid users = @user2
    read list = @user2
    write list = @user2
    writable = yes
    guest ok   = no
    # 每个用户开启自己浏览权限
    browseable = yes
 
[user2_path2]
    comment    = user2 project
    path       = /data/ftp/user2
    valid users = @user2
    read list = @user2
    write list = @user2
    writable = yes
    guest ok   = no
    # 每个用户开启自己浏览权限
    browseable = yes
EOF

添加账户(虚拟用户需要映射到系统用户上面)

# Create the system accounts that back the Samba logins: no home directory
# (-M) and /bin/false as shell, so they cannot be used for an interactive login.
# Each account then gets its own share directory, mode 750, owned by the
# account and its same-named group.
# presumably useradd creates that same-named group by default; verify.
for account in user1 user2; do
  useradd -M -s /bin/false "$account"
  install -d -m 750 -o "$account" -g "$account" "/data/smb/$account"
done

# Virtual users have to be mapped onto system users.
# project_c1 project_c2 project_c3 share everything of the user1 account
# (directory, login password, and so on).
# project_s1 project_s2 project_s3 share everything of the user2 account
# (directory, login password, and so on).
# NOTE(review): mapped names all authenticate with one shared password, so
# logs and permissions cannot tell the individual people apart.
# NOTE(review): smb.conf points "username map" at this file, but the lines
# that create it are commented out here; confirm the file exists if mapping
# is wanted.
# cat >> /usr/local/samba/etc/smbusers << EOF
# user1 = project_c1 project_c2 project_c3
# user2 = project_s1 project_s2 project_s3
# EOF

# Set the separate Samba password for each account. It must be set on the
# system account, not on a virtual name. smbpasswd prompts for the password.
# The file named by "smb passwd file" then holds password-equivalent hashes;
# keep it readable by root only.
for account in user1 user2; do
  /usr/local/samba/bin/smbpasswd -a "$account"
done

测试

# Check smb.conf for unknown parameters and invalid values before starting the
# daemon; run it again after every configuration change.
# NOTE(review): presumably the %U include is not expanded in this run, so the
# files under /usr/local/samba/etc/user may need to be checked separately by
# passing their path to testparm - confirm.
/usr/local/samba/bin/testparm

启动

# Start the SMB file server as a background daemon (-D).
# Only smbd is started on this page; nmbd, which provides the NetBIOS name
# service, is not. Nothing here arranges a start at boot either.
/usr/local/samba/sbin/smbd -D

防火墙

# Rules in iptables-save syntax; presumably added to /etc/sysconfig/iptables
# ahead of the final REJECT rule - confirm for your ruleset.
# Only hosts in 192.168.1.0/24 may open new connections to the Samba ports.
# TCP 445 is direct SMB and TCP 139 is the NetBIOS session service, both
# handled by smbd. UDP 137/138 are the NetBIOS name and datagram services.
# NOTE(review): UDP 137/138 are served by nmbd, which this page does not
# start; if nmbd is not run, the two UDP rules can be left out.
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 139 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 445 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 137 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 138 -j ACCEPT