Server/SAMBA
Zur Navigation springen
Zur Suche springen
Installation[Bearbeiten]
Mit grafischer Oberfläche:
apt-get install gadmin-samba
kann aber auch über Konfigurationsdatei eingestellt werden.
Konfiguration[Bearbeiten]
$ vim /etc/samba/smb.conf [global] realm = netbios name = Samba24 server string = Elektrixx Samba server workgroup = Elektrixx security = ads hosts allow = 127. 192.168. 10. 172.22. 172.23. interfaces = 127.0.0.1/8 192.168.0.0/16 10.0.0.0/8 172.22.0.0/15 bind interfaces only = yes remote announce = 192.168.0.255 remote browse sync = 192.168.0.255 printcap name = cups load printers = yes cups options = raw printing = cups guest account = smbguest log file = /var/log/samba/samba.log max log size = 1000 null passwords = no username level = 6 password level = 6 encrypt passwords = yes unix password sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes domain master = yes preferred master = yes domain logons = yes os level = 80 logon drive = m: logon home = \\%L\homes\%u logon path = \\%L\profiles\%u logon script = %G.bat time server = yes name resolve order = wins lmhosts bcast wins support = yes wins proxy = yes dns proxy = no preserve case = yes short preserve case = yes client use spnego = no client signing = no client schannel = no server signing = no server schannel = no nt pipe support = yes nt status support = yes allow trusted domains = no obey pam restrictions = yes enable spoolss = yes client plaintext auth = no disable netbios = no follow symlinks = no update encrypted = yes pam password change = no passwd chat timeout = 120 hostname lookups = no username map = /etc/samba/smbusers passdb backend = tdbsam passwd program = /usr/bin/passwd '%u' passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null '%u' add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null -g '%g' '%u' add group script = /usr/sbin/groupadd '%g' delete user script = /usr/sbin/userdel '%u' delete user from group script = /usr/sbin/userdel '%u' '%g' delete group script = /usr/sbin/groupdel '%g' add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c 'Samba Machine Account' -s /dev/null -M '%u' machine password timeout = 120 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /dev/null winbind use default domain = yes winbind separator = @ winbind cache time = 360 winbind trusted domains only = yes winbind nested groups = no winbind nss info = no winbind refresh tickets = no winbind offline logon = no [netlogon] comment = Network Logon Service path = /home/netlogon read only = no available = yes browseable = yes writable = no guest ok = no public = no printable = no locking = no strict locking = no [uploads] path = /var/www/upload comment = Elektrixx Upload Directory alid users = @ftpuser write list = @ftpuser directory mask = 0775 create mode = 0775 force user = ftp force group = ftpuser read only = no available = yes browseable = yes writable = yes guest ok = yes public = yes printable = no locking = no strict locking = no
Nutzer anlegen[Bearbeiten]
Für den FTP Zugriff wird ein eigener Benutzer erstellt, ohne gültiger Login Shell und mit dem Homeverzeichnis /var/www/upload:
$ adduser ftpuser --shell /bin/false --home /var/www/upload Adding user `ftpuser' ... Adding new group `ftpuser' (1001) ... Adding new user `ftpuser' (1001) with group `ftpuser' ... Creating home directory `/var/www/upload' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully [...]
Anonymous Account[Bearbeiten]
Damit der Benutzer ftp auf den anonymen FTP-Bereich zugreifen darf, muss er der Gruppe ftpuser hinzugefügt werden:
$ adduser ftp ftpuser Adding user `ftp' to group `ftpuser' ... Adding user ftp to group ftpuser Done.
Server starten[Bearbeiten]
systemctl start samba.service
- Autostart
systemctl enable samba.service