Yadda ake Sanya Samba akan Ubuntu don Rarraba Fayil akan Windows
Samba tushe ne na kyauta/buɗewa kuma sanannen software ne da ake amfani dashi don raba fayiloli da ayyukan bugu tsakanin tsarin Unix-kamar Linux gami da rundunonin Windows akan hanyar sadarwa ɗaya.
A cikin wannan jagorar, za mu nuna yadda ake saita Samba4 don ainihin raba fayil tsakanin tsarin Ubuntu da injunan Windows. Za mu rufe abubuwa biyu masu yuwuwa: m (marasa tsaro) da amintaccen raba fayil.
Lura cewa farawa daga sigar 4.0, ana iya amfani da Samba azaman mai sarrafa yanki na Active Directory (AD) (DC). Mun shirya jeri na musamman don kafa Samba4 Active Directory Domain Controller, wanda ya ƙunshi mahimman batutuwa a ƙarƙashin Ubuntu, CentOS, da Windows.
- Kafa Samba4 Active Directory Domain Controller
Shigar da Sanya Samba a cikin Ubuntu
Ana samun sabar Samba don shigarwa daga tsoffin wuraren ajiyar Ubuntu ta amfani da kayan aikin sarrafa fakitin da ya dace kamar yadda aka nuna.
$ sudo apt install samba samba-common python-dnspython
Da zarar an shigar da sabar samba, yanzu lokaci ya yi don saita sabar samba azaman: amintaccen amintaccen amintaccen raba fayil.
Don wannan, muna buƙatar gyara babban fayil ɗin daidaitawar Samba /etc/samba/smb.conf (wanda ke bayyana umarnin daidaitawa daban-daban).
Da farko ajiye ainihin fayil ɗin sanyi na samba kamar haka.
$ sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.orig
Bayan haka, za mu ci gaba da saita samba don ayyukan raba fayil ɗin da ba a san su ba kamar yadda aka bayyana a ƙasa.
Muhimmi: Kafin motsi gaba, tabbatar da cewa injin Windows yana cikin rukunin aiki iri ɗaya wanda za'a saita akan sabar Ubuntu.
Shiga cikin injin Windows ɗinku, danna dama akan \Wannan PC ko Kwamfuta ta → Properties → Advanced System Settings → Name Computer don tabbatar da rukunin aiki.
A madadin, buɗe umarni da sauri kuma duba shi ta hanyar gudanar da umarnin da ke ƙasa kuma nemi \yankin wurin aiki.
>net config workstation
Da zarar kun san rukunin aikin ku na Windows lokacinsa don ci gaba da saita sabar samba don raba fayil.
Rarraba Fayil na Samba mara suna
Da farko farawa ta ƙirƙirar kundin adireshin samba mai raba inda za a adana fayilolin.
$ sudo mkdir -p /srv/samba/anonymous_shares
Sannan saita izini masu dacewa akan kundin adireshi.
$ sudo chmod -R 0775 /srv/samba/anonymous_shares $ sudo chown -R nobody:nogroup /srv/samba/anonymous_shares
Yanzu buɗe fayil ɗin sanyi.
$ sudo vi /etc/samba/smb.conf OR $ sudo nano /etc/samba/smb.conf
Na gaba gyara ko gyara saitunan umarni kamar yadda aka bayyana a ƙasa.
global] workgroup = WORKGROUP netbios name = ubuntu security = user [Anonymous] comment = Anonymous File Server Share path = /srv/samba/anonymous_shares browsable =yes writable = yes guest ok = yes read only = no force user = nobody
Yanzu tabbatar da saitunan samba na yanzu ta hanyar aiwatar da umarnin da ke ƙasa.
$ testparm
Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) WARNING: The "syslog" option is deprecated Processing section "[printers]" Processing section "[print$]" Processing section "[Shares]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] netbios name = UBUNTU server string = %h server (Samba, Ubuntu) server role = standalone server map to guest = Bad User obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d idmap config * : backend = tdb [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = No [Anonymous] comment = Anonymous File Server Share path = /srv/samba/anonymous_shares force user = nobody read only = No guest ok = Yes
Sannan sake kunna sabis na Samba don aiwatar da canje-canjen da ke sama.
$ sudo systemctl restart smbd [Systemd] $ sudo service smbd restart [Sys V]
Jeka na'urar Windows, sannan ka bude Network daga taga Windows Explorer, danna kan uwar garken Ubuntu (TECMINT don shari'ar mu), ko kuma gwada shiga sabar sabar ta amfani da adireshin IP.
\2.168.43.168
Lura: Yi amfani da umarnin ifconfig don samun adireshin IP na uwar garken Ubuntu.
Sa'an nan kuma buɗe kundin adireshin da ba a sani ba kuma gwada ƙara fayiloli a ciki don rabawa tare da sauran masu amfani.
Amintaccen Rarraba Fayil na Samba
Don kalmar sirri-kare rabon samba, kuna buƙatar ƙirƙirar rukuni smbgrp kuma saita kalmar sirri don kowane mai amfani. A cikin wannan misali na yi amfani da aronkilik a matsayin mai amfani da kalmar sirri a matsayin tecmint.
$ sudo addgroup smbgrp $ sudo usermod aaronkilik -aG smbgrp $ sudo smbpasswd -a aaronkilik
Lura: Yanayin tsaro na samba: tsaro = mai amfani yana buƙatar abokan ciniki su shigar da sunan mai amfani da kalmar wucewa don haɗawa zuwa hannun jari.
Asusun mai amfani na Samba ya bambanta da asusun tsarin, duk da haka, kuna iya shigar da kunshin libpam-winbind na zaɓi wanda ake amfani da shi don daidaita masu amfani da tsarin da kalmomin shiga tare da bayanan mai amfani da samba.
$ sudo apt install libpam-winbind
Sannan ƙirƙiri amintaccen kundin adireshi inda za a adana fayilolin da aka raba.
$ sudo mkdir -p /srv/samba/secure_shares
Na gaba, saita izini masu dacewa akan kundin adireshi.
$ sudo chmod -R 0770 /srv/samba/secure_shares $ sudo chown -R root:smbgrp /srv/samba/secure_shares
Yanzu buɗe fayil ɗin sanyi.
$ sudo vi /etc/samba/smb.conf OR $ sudo nano /etc/samba/smb.conf
Na gaba gyara ko gyara saitunan umarni kamar yadda aka bayyana a ƙasa.
[Secure] comment = Secure File Server Share path = /srv/samba/secure_shares valid users = @smbgrp guest ok = no writable = yes browsable = yes
Kamar a da, gudanar da wannan umarni don ganin saitunan samba na yanzu.
$ testparm
Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) WARNING: The "syslog" option is deprecated Processing section "[printers]" Processing section "[print$]" Processing section "[Shares]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] netbios name = UBUNTU server string = %h server (Samba, Ubuntu) server role = standalone server map to guest = Bad User obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d idmap config * : backend = tdb [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = No [Anonymous] comment = Anonymous File Server Share path = /srv/samba/anonymous_shares force user = nobody read only = No guest ok = Yes [Secure] comment = Secure File Server Share path = /srv/samba/secure_shares valid users = @smbgrp read only = No
Da zarar kun gama da saitunan da ke sama, sake kunna sabis na Samba don amfani da canje-canje.
$ sudo systemctl restart smbd [Systemd] $ sudo service smbd restart [Sys V]
Kamar yadda yake a baya, a cikin injin Windows, sannan ka buɗe \Network daga taga Windows Explorer. Danna kan mahaɗin Ubuntu (TECMIN don shari'ar mu) Kuna iya samun kuskuren da ke ƙasa, idan ba a ci gaba zuwa mataki na gaba ba.
Yi ƙoƙarin shiga uwar garken ta amfani da adireshin IP ɗin sa, misali. \192.168.43.168
kamar wannan. Sannan shigar da takardun shaidar (username da kalmar sirri) don mai amfani aaronkilik kuma danna OK.
Yanzu zaku duba duk kundayen adireshi, danna kan Amintacce don buɗe shi.
Kuna iya raba wasu fayiloli amintattu tare da wasu masu amfani da aka halatta akan hanyar sadarwa ta hanyar jefa su cikin wannan kundin adireshi.
Kunna Samba a UFW Firewall a cikin Ubuntu
Idan kuna kunna wuta ta UFW akan tsarin ku, dole ne ku ƙara dokoki don ba da damar Samba ya wuce ta Tacewar zaɓinku.
Don gwada wannan, mun yi amfani da tsarin hanyar sadarwa na 192.168.43.0. Gudun umarni da ke ƙasa suna tantance adireshin cibiyar sadarwar ku.
$ sudo ufw allow proto udp to any port 137 from 192.168.43.0/24 $ sudo ufw allow proto udp to any port 138 from 192.168.43.0/24 $ sudo ufw allow proto tcp to any port 139 from 192.168.43.0/24 $ sudo ufw allow proto tcp to any port 445 from 192.168.43.0/24
Hakanan zaka iya bincika waɗannan labarai masu amfani game da raba fayil ɗin Samba akan hanyar sadarwa.
- Kafa Samba4 Active Directory Domain Controller- Part 1 to 14
- Yadda ake Dutsen/Cewa Tsarin Fayil na Gida da hanyar sadarwa (Samba & NFS) a cikin Linux
- Amfani da ACLs (Jess ɗin Sarrafa Shiga) da Haɗin Samba/NFS
- Yadda za a gyara Rashin lafiyar SambaCry (CVE-2017-7494) a cikin Linux Systems
Shi ke nan! A cikin wannan jagorar, mun nuna muku yadda ake saita Samba4 don amintaccen raba fayil tsakanin injin Ubuntu da Windows. Yi amfani da fom ɗin amsa da ke ƙasa don raba kowane tunani tare da mu.