● smbd.service - Samba SMB Daemon
Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2019-11-27 09:25:38 UTC; 2min 12s ago
Docs: man:smbd(8)
man:samba(7)
man:smb.conf(5)
Main PID: 15142 (smbd)
Status: "smbd: ready to serve connections..."
Tasks: 4 (limit: 1152)
CGroup: /system.slice/smbd.service
...
至此,Samba 已经安装完毕并可以进行配置了。
配置防火墙#
如果您的 Ubuntu 系统上运行了防火墙,则需要允许端口上的传入 UDP 连接137 and 138和端口上的 TCP 连接139 and 445.
假设您正在使用UFW要管理防火墙,您可以通过启用“Samba”配置文件来打开端口:
sudo ufw allow 'Samba'
配置全局 Samba 选项#
在更改 Samba 配置文件之前,创建备份供将来参考:
sudo cp /etc/samba/smb.conf{,.backup}
Samba 软件包附带的默认配置文件是为独立 Samba 服务器配置的。打开文件并确保server role被设定为standalone server
sudo nano /etc/samba/smb.conf
/etc/samba/smb.conf
...# Most people will want "standalone sever" or "member server".# Running as "active directory domain controller" will require first# running "samba-tool domain provision" to wipe databases and create a# new domain.server role=standalone server...
...# The specific set of interfaces / networks to bind to# This can be either the interface name or an IP address/netmask;# interface names are normally preferredinterfaces=127.0.0.0/8 eth0# Only bind to the named interfaces and/or networks; you must use the# 'interfaces' option above to use this.# It is recommended that you enable this feature if your Samba machine is# not protected by a firewall or is a firewall itself. However, this# option cannot handle dynamic or non-broadcast interfaces correctly.bind interfaces only=yes...
完成后运行testparm检查 Samba 配置文件是否有错误的实用程序。如果没有语法错误,您将看到Loaded services file OK.
[users]path=/samba/users
browseable = yes
read only = no
force create mode = 0660
force directory mode = 2770
valid users = @sambashare @sadmin[josh]path=/samba/josh
browseable = no
read only = no
force create mode = 0660
force directory mode = 2770
valid users = josh @sadmin