SAMBA Server
安裝:
apt install samba samba-common設定目錄:
nano /etc/samba/smb.conf
設定範例:
[global]
workgroup = workgroup
security = user
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[DATA]
path = /RAID/DATA
valid users = root
guest ok = no
writable = yes
browsable = yes
[BT]
path = /RAID/BT
browsable =yes
writable = yes
guest ok = yes新增使用者:
smbpasswd -a 使用者名稱重啟SAMBA服務:
service smbd restart央行總裁中文smb設定擋:
#底下設定檔為 samba 4.2.10版
[global]
#====== 修正中文問題=====
dos charset = CP950
#SMB 對外送出資料時,要自動轉換的編碼 (CP950=Big5)
unix charset = UTF8
#本機 Linux 主機所使用的編碼 (與 /etc/sysconfig/i18n 相同)
#display charset = UTF8
#smb4版已無上面這個參數
#以上設定可以讓你存放簡體中文的檔名
#====== 修正中文問題=====
workgroup = WORKGROUP
#工作群組,這裡保留預設值即可,不用特別去改它,除非你知道你的工作群組跟別人不一樣
dns proxy = no
#是否啟用 DNS 快取服務 (yes、no)
#### Debugging/Accounting ####
log file = /var/log/samba/log.%m
# 紀錄檔儲存位置 (檔名不固定,需使用變數 %m.log)
max log size = 1000
# 紀錄檔最大容量 (KBytes)
#syslog only = no
#若你想要 Samba 將 log 寫入,改將上面的參數改為 'yes'.
syslog = 0
panic action = /usr/share/samba/panic-action %d
####### 認證 Authentication #######
# Server role. 定義 Samba 運作方式,可用選項有: "standalone server", "member server", "classic primary domain controller",
# "classic backup domain controller", "active directory domain controller"
# 大部份人都用 "standalone sever" or "member server". 即可
server role = standalone server
# 若你使用加密密碼,須指定資料庫的格式
passdb backend = tdbsam
obey pam restrictions = yes
# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
unix password sync = yes
# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan <<[email protected]> for
# sending the correct chat script for the passwd program in Debian Sarge).
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
pam password change = yes
# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
map to guest = bad user
########## Domains ###########
############ Misc ############
# Setup usershare options to enable non-root users to share folders
# with the net usershare command.
# Maximum number of usershare. 0 (default) means that usershare is disabled.
; usershare max shares = 100
# Allow users who've been granted usershare privileges to create
# public shares, not just authenticated ones
# usershare allow guests = yes
usershare allow guests = no
#======================= Share Definitions =======================
#[homes]
# comment = Home Directories
# browseable = no
# read only = yes
# create mask = 0700
# directory mask = 0700
# valid users = %S
[homes]
comment = 個人家目錄
browseable = no
read only = no
create mask = 0600
directory mask = 0700
valid users = %S
# %S:代表所有人皆可進入,且目錄名稱會被自動替換成 user 名稱,用於家目錄。
#以上的設定你必須要先建好linux底下的帳號和samba底下的帳號並建好他們的家目錄,這樣他們登入時就可自動對應到自己的家目錄裡面去了。
# 使用者第一次登入時就可自動建立他們自己的 profiles 資料夾
# 但前提是你得先將你的 Samba 設定為 domain controller
# 底下的路徑必須是所有使用者都能寫入的權限
;[profiles]
; path = /home/samba/profiles
; guest ok = no
; browseable = no
; create mask = 0600
; directory mask = 0700
[music]
comment = 音樂純下載,不能上傳或修改
path = /home/music
browseable = no
# ↑ 此分享的資料夾不可見(即隱藏)
read only = yes
guest ok = yes
[musicX]
comment = 使用帳密登入可修改
path = /home/music
browseable = no
read only = no
guest ok = no
create mask = 0664
directory mask = 0775
#上面的權限設定是指建檔案和目錄時,別人都可讀
#即chmod 664 file, 和 chmod 775 目錄
[share1]
comment = 誤刪檔案可救回
path = /vic1/smb/share1
browseable = yes
read only = no
guest ok = yes
hosts deny = ALL
#鎖定所有IP,只開放底下網段連入
hosts allow = 127.0.0.1 192.168.10.0/24
#網路資源回收筒,可避免誤刪
vfs objects = recycle
recycle:versions = 1
recycle:keeptree = 1
#需指定刪除的檔案所存放的目錄,建議同一個分割區,並定期要來清空,否則空間會不夠用
recycle:repository = /vic1/smb/recycle
[recycle]
#comment = 使用帳密登入可修改
path = /vic1/smb/recycle
browseable = no
# ↑ 此分享的資料夾不可見(即隱藏)
read only = no
guest ok = yes阅读剩余
THE END