• m Linux pЉ|
    osGAзR firefox s
    | cD | ̔D | g | A | ~R | ୱR | w޲z | QAO | Ŏ | y`~ | m | Xs |
    @ @ @
    @
    ̪sG2011/07/29
    pGQn@ɮסAb Linux Linux UA̔xkNOzL NIS oNFIܩ Windows Windows UA̔xkhOyWھFz[CpGAϺ Windows ] Linux ӥBQn@ɮרtܡAMH Nϥ Samba AaISamba iH Linux [J Windows ڤ䴩A襭xiH@ɮרtI D`nΪIȦpA Samba ]iH Linux WLELEA (Printer Server)CmӤH\oA Samba ӰϺ^muOܤjTI


    jADϥ16.1 O SAMBA

    boӏظ`Aڭ̭njatO]lڦ SAMBA R... dhFOnVja SAMBA oӦnΪATIxIǤFI AWٷ|ϥ SAMBA OHRuOǩǪOIo SAMBA A\OOHt~A ̦OgѤ˪QkӶ}oXӪOHUNڭ̺CCͤ@ͧaI


    pADϥ16.1.1 SAMBA oivPW٪Ѩ

    b@SAɮ׸ƦbPDEljKjhOϥ FTP oӦnΪAnӶiǰeCLϥ FTP ljKɮ׫oӤppDA NOALk^קDEWɮ׸I]NOAAQn Linux DEWYɮ׮ɡAAnNMɮצۦAU~קC ]]MɮצbAPΤݳ|sbCoӮɭԡAU@pG@ѧAקFYɮסA oѰONƤWǦ^DEAιLF@}lAAAp󪾹Dɮפ~O̷sH


    • ɮצbDE^קG NFS P CIFS

    JMo˪DAnaAڥiiHbΤݪEW^ϥΦAWɮסA pGiHbΤݪ^iAɮתsAڦbΤݴNݭnsbMɮ׸oA]NOA ڥun Server Wɮ׸ƦsbNiHTISo˪ɮרt[I @OAĤQTت NFS NOo˪ɮרt@TIڥunbΤݱN Server ҴѤɪؿiӡA bΤݪEWNiH^ Server Wɮ׸oAӥBA MƴN^OڥΤݤW partition @AuOnΡI

    ӰFiH Unix Like Eۤɮת NFS A~AbLn (Microsoft) @~tW]ɮרtANO Common Internet File System, CIFS oөNNTICIFS ̔xQkNOثe`yWھFzI Windows tqiHzLୱWyWھFzӤɧOHҴѪɮ׸ƭIuOKC LANFS ȯ Unix EqA CIFS u Windows EqC˸A򦳨S Windows P Unix-Like oӤPxۤɮ׸ƪɮרtOH


    • QΫʥ]fVu{oi SMB Server

    b 1991 ~@ӦWs Andrew Tridgell VhZsʹNo˪xZALWTEAOO] DOS ӤHqBDECq Digital Unix tH Sun Unix tCbSɡA DEC qoiX@M٬ PATHWORKS nAoMniHΨӤ DEC Unix PӤHq DOS oӧ@~tɮ׸ơAi Tridgell \oxZOASun Unix Lk]ѳoӳnӹFƤɪت (1)C

    oӮɭ Tridgell NQGyxIJMotiHۤqASDz Sun NݳoWRaHiiHNotB@zXӡAM Sun oE]^ɮ׸ƩOHzA FMo˪DALѥSNۦgF program hS DOS P DEC Unix tbiƤɶǰeɩҨϥΨ쪺qTwTAMNoǭnT^UӡA åBWzҧ쪺qTwӶ}oX Server Message Block (SMB) oɮרtAӴNOoM SMB nN^ Unix P DOS ۪ɸoI

    Tips:
    ALjդ@Ab Unix Like WiHɮ׸ƪ file system O NFSAb Windows WϥΪyWھFzҨϥΪɮרth٬ Common Internet File System, CIFS
    mϥ

    • W SAMBA D] ^_^

    JMgFnAQ@QA`OݭnU@UΊAaI] Tridgell NhӽФF SMBServer (Server Message Block ̔g) oӦWrӰLgoӳn骺ΊAAiOA] SMB OSNqrA]SkFUCJMpܡAणbr̭}riHΊAӵUOH ꑤFѥbѡAIo SAMBA nt SMB A SO]lԤBRЪW١AMNγoӦWrӰΊAnFIoڭ̤ѩҨϥΪ SAMBA W٥ѨTI ^_^


    pADϥ16.1.2 SAMBA `R

    ѤW SAMBA oitѡAANRMDA SAMBA ̪oiDnشNOnΨӷq Windows P Unix Like oӤP@~xA SAMBA iHiǰʧ@OHQ@QگవaI

    • ɮ׻PLEAȡF
    • iHѨϥΪ̵nJ SAMBA DEɪ{ҡAHѤP̪ӧOơF
    • iHi Windows WDEWٶR (NetBIOS name)
    • iHiUm (Ҧp Zip, CDROM...)

    Uڭ̨ӽʹX SAMBA ARҧaI


    • Qγn骽^s WWW DEW

    ۫HܦhHOQέӤHqNs@ܤAAH FTP AȱNWǨ WWW DEA o˦ӧxZANOPɦbΤݻP WWW DEWY@ơA``|ѰO@O̷sA ꐷЪOAɭԤUUӪɮפwggLnhקFAobU FTP @~ApߤSU@HơA GNwgקLƞ\LhѧoISng@M.....uOQI

    pGAwU SAMBA A]wܡAzLyڡz\A^suhݦAҴѪؿA p@ӧAiH^bAӤHqWקDEɮ׸ơAu@TƦӤwI oNI^OyuWsסzOA@ק粒Ab Internet WiHߨˇAKܧoI


    • i^suɮצA

    bmLhݹLǤAѩqӋqhAsͱ``|ϥΨ줣Pq (]jaomSHΪq[I) A~A]``sͮۤv NoteBook Ӥu@A]AǹᔪƴNbUӹqSAϥΤWSKC oӮɭԡAmNϥ SAMBA NwЪŶɥXӡAѩϥΪ̭nnJ SAMBA oӦADEɻݭnKJϥΪ̸ (bPKX)AӤPnJ̷|o@˪ؿ귽AҥHiHקKۤvƦbιqWQsA ~AbPιqWiHnJ SAMBA DEAƪϥΤWuOSΔ[I


    • LEA

    SAMBA Fɮרt~A]iHɦLEAmsǦnXqNO^H Linux ɪLEӦLsNiCA|y[ Windows ]iH쪺[ISF_IzO[C Om{A Linux ADEɓܳROTw@IAiH 24 pɥB~L𪺧VOu@oC~A]ثezLyWھFzӧ@k Windows @~tqfrbOӦhFAӨA Linux o˪@èSܤjvT (]`@kw Windows Өӡ)AҥH]w@ǻ


    SAMBA RήsxAרkqӻAO@ihonΪAA Mγ\A|ASAMBA \णLOҥ Windows ڥH AD }nA ڪ^ϥ Windows N OK FHiOA Windows XP ڪsu̪ӦҤPA H~`M~ (Professional) ӻALȯണѳ̦hPɤQӳsuڪsuOAo...^ΧaI ҥHoASAMBA TwBiaSSsuӋAȱoߧaI^_^IhRΧAiHۦooI


    pADϥ16.1.3 SAMBA ϥΪ NetBIOS qTw

    WAN^ NFS O[cb RPC Server W@ˡA SAMBA oɮרtO[cb NetBIOS (Network Basic Input/Output System, NetBIOS) oӳqTwWҶ}oXӪCJMpAڭSMNnA@U NetBIOS oI

    ̦ IBM oiX NetBIOS تȬOnkӋqis@ӳqTwӤwA ҥHҼ{רäOwjA]Ao NetBIOS OLkwѪ (Router / Gateway)Co NetBIOS bkbOܦnΡA ҥHLn[cNϥΤFoөNNӶi淾qoI SAMBA ̦oiɭԡAOQn Linux tiH[J Windows tSӤɨϥΩɮ׸ƪAҥHSM SAMBA N[cb NetBIOS oiXoC

    L NetBIOS OLkwѪA]ϥ NetBIOS oi_ӪAzAW]OLkwVѪOI MAϥνd򤣴NShFHnbAڭRҿת NetBIOS over TCP/IP ޳NOIoO˪޳N[H

    |ӨҤlӻnFAڭ̪D TCP/IP Oثes^򥻨wA{bڭ̱N NetBIOS QO@ʩHA oөHuAۤvYӤwApGѧڭ̭nNoөHeh誺BͨɡINݭnzLlt (ҦplTBڧֻTΆΪ) ӶǰeFIo TCP/IP NiHlǻtTIzLo NetBIOS over TCP/IP ޳NAڭ̴NiHwѪϥ SAMBA AҴѪ\I SMTAثe SAMBA ROsxϥΦb LAN ̭C

    Tips:
    γ\A|o{b Windows ]w̭``ݨ NetBEUI oөNNAOOHӬO NetBIOS Extened User Interface ̔gA]O IBM b NetBIOS oiXӤ᪺}CMo̪޳NӬۦPA LAڭ̥unD@̔xyNiHFIҥHAbo̧ڭ̤w NetBEUI ӤC
    mϥ

    pADϥ16.1.4 SAMBA ϥΪ daemons

    NetBIOS SoiɴN۲bkֳtƥyAӦ]OwqbkA]LèSϥ TCP/IP ljKwA]Nݭn IP ]wCp@ӸƦpbDEyOH DEb NetBIOS wSwqϥΡyNetBIOS NamezAC@DEnP NetBIOS Name ~A ɮ׸ƴNObP NetBIOS name qoIڭ̥H@Ӻڪ]wӧ@̔xnFG

    1. oDE NetBIOS name wMDEҦbG

      Sڭ̷QnnJY Windows DEϥΥLҴѪɮ׸ƮɡAݭn[JM Windows DEsœ (Workgroup)AåBڭ̪E]ݭn]w@ӥDEW١A`NAoӥDEWٸ Hostname O@˪A]oӥDEW٬O[cb NetBIOS wWAڭ̥iH̔x٩IL NetBIOS NameCbP@ӸsœSANetBIOS Name ݭnOW@LGI

    2. Qι赹vsiθ귽G

      bڭ̧MDEW٫AO_nJMDEΪ̬OιDEҴѪ귽A Rnݹ Windows DESѧڭ̨ϥΪvoIҥHAäOnJM Windows DEڭ̴NiHLMDEɮ׸귽FC]NOApGDE\AnJA OoS}귽AΡAAnJDE]Lkdݹ誺wи̭ƪTI

    ڭ̪ SAMBA hOzLAȨӱoӨBJAOOG

    • nmbd Go daemon OΨӺ޲zu@sœTBNetBIOS name TΆΪRCDnQ UDP w} port 137, 138 ӭtdWٶRȡF

    • smbd Go daemon Dn\NOΨӺ޲z SAMBA DEɪؿBɮ׻PLEΆΡC DnQΥia TCP wӶljKơA}񪺰f 139 445(@wsb) C

    ҥHoA SAMBA CŰʦܤֳݭno daemons IoinѰOoISڭ̎ŰʤF SAMBA ADEtN|Ű 137, 138 o UDP 139 o@ TCP fAo]nѰOFI ]᭱]wɭԡAR|ϥΨoT port OI


    pADϥ16.1.5 suҦ (peer/peer, domain model)

    SAMBA ARάSsxAӥBiH̷ӤPksu覡APPϥΪ̱bKXޤ覡ӶiC Ҧp̱` Workgroup Domain R覡suҦOIUڭ̴NOnӽͤ@ͳoṞ`ksuҦG peer/peer (μҦ) domain model (DҦ)C


    • peer/peer (Workgroup model, μҦ)G

    peer PΡBPxNsbAҥHѦrWӬݡApeer/peer SMNODEaۆoI oONOH̔xApbk̭Ҧ PC iHbۤvqW޲zۤvbPKXA PɨC@q]㦳WOUn骺OAuO]ѺNU PC sb@_Ӥw@Ӭ[cA ҥHAC@EOiHW߹B@I

    o˪[cbثep줽Ṋ̀O̱`CҦp줽Ṋ̀QӤHACӤHWiೣwU@M Windows @~tӤHqAӳoQqiHW߶i줽dzn骺[BWߤW[BWߪCڔ[ΆΪA ]oQqiHW߹B@AҥH|@q}ALqNLku@po͡AoNO peer/peer 嫬[cC

    bo˪[cUAnpzLsuӨo誺ƩOH|ҨӻAHUϪ[cҡAbo˪[cUA] vbird (PC A) gF@ӏNiѡA dmtsai (PC B) QnH^γoӏNiѮɡA dmtsai NnD vbird ϥΪKXAåB vbird nb PC A Wť Windows y귽(Ϊ̬O@)zA~^ dmtsai suiJ ( PC A Server) IӥBA vbird iHHɨ̷ӦۤvߦnӧۤvbPKXAӤ dmtsai vTCLAdmtsai Nono vbird PNosbPKXA~^nJ PC A IϹLӻAP˪A vbird no dmtsai ƮɡAP˻ݭno PC B bPKXA~^QnJ[ ( PC A Client )I] PC A, PC B Pa쳣PɥiH Client P Server AҥHNO peer/peer [cFI

    peer/peer suܷN
    16.1-1Bpeer/peer suܷN

    ϥ peer/peer [cnBOCqiHW߹B@AӤLHvTILA INOSӺkҦHniƤɮɡAODҦq̭bPKXAN|ܶ˸FI ҥHA Peer/Peer [cOAX (1)pkAΪ̬O (2)Sݭn``iɮ׸ƤɪAΪ̬O (3)CӨϥΪ̳W۾֦Mq֦v(NOAMqOϥΪ̪AӤOΪTI) ӡApGMx쪺Ҧ PC O (Ҧpժq)AӥBAݭn@޾Ӻk̭bPKXܡA NoϥΩU domain models FI


    • domain model (DҦ)

    ]ѧAAȪx즳 10 qAOAx즳 20 ӭuAo]NOAo 20 ӭuymۥγo 10 qCpGCqpP peer/peer [cɡACqݭnKJo 20 ӭubPKXӴѥL̵nJCӥBAѰpӭuQnܧۤvKXɡANݭn 10 xqWiKXܧ󪺧@~I_hLNnOoo 10 q̭A@qOOШ@ӱKX...nШ

    pGWzOo˪pAϥ peer/peer [cNO@ӦnkFIoӮɭԴNݭn] domain model ӹFAݨDTIҿת domain model y]̔xAJMϥιq귽ݭnbPKXA ڱNҦbPKXmb@Dq (Primary Domain Controller, PDC) WAbڪk̭AHQnϥΥqɡAݭnb݁eKJbPKXAMqq] PDC A~ѫA~ASϥvC]NOAPR㦳@˪q귽ϥvNOFI ҦpUϥܡG

    domain model suܷN
    16.1-2Bdomain model suܷN

    PDC A޾Ӻk̭UE (PC A ~ PC D) bPKXTApѦӨϥΪ̱bW٬ vbird ABKX 12345 ɡALAϥέ@q (PC A ~ PC D) unb݁eKJ vbird PLKXAhME| PDC WdO_ vbird H vbird KXAåB PDC DE| vbird oӨϥΪ̬}q귽ϥvCS vbird b@DEWnJ\ALNiHϥά}q귽FI

    o˪[cAXHӤH~[cASt޲zn޷siHq귽ϥvɡAiH^w PDC ӭקNnFAݭnC@DEh׭ק諸At޲zӻAo˪[cbޱb귽WASMO̔xTI

    UR[cAΪPAΪHۦPAèSӬO̦nTIШ̷ӧAu@ӿܳsuҦoISMA SAMBA iHFWzRҦTIUڭ̷|OӤI


    jADϥ16.2 SAMBA A]w

    SAMBA oӳnXGbҦ Linux distributions WѡA]YϧA Linux ȰӤHWqϥήɡA ÂHi|ݭnsuhݪ Windows ڡAӮɭԴNon samba ѪΤݳn\oI ]Aun^wUtWѪw] samba YiCUڭ̷| samba AAMAΤݥ\I


    pADϥ16.2.1 Samba һݳnΨnc

    ثe` samba 3.x AH 2.x b]wWI@ˡA]biJ]weХT{A samba C ̪ CentOS 6.x DnѪO Samba 3.x AL]X 4.x (samba4)Aڭ̳o̥DnOw] 3.x CAݭnnOH򥻤WoǡG

    • sambaG oӳnDnѤF SMB AһݪUAȵ{ (smbd nmbd)B ɡBHΨLP SAMBA } logrotate ]wɤζ}Ew]ﶵɮ׆ΡF

    • samba-clientG oӳnhѤFS Linux SAMBA Client ݮɡAһݭnuOAҦp SAMBA ɮ׮榡 mount.cifsB oڬ}𪬹Ϫ smbtree ΆΡF

    • samba-commonG oӳn鴣ѪhOAPΤݳ|ϥΨ쪺ơA]A SAMBA Dn]w (smb.conf)BykˇO (testparm) ΆΡF

    oTӳnAonwU~IpG|wUܡAϥ yum hUnaIwUܤAAiḨԎݤ@U Samba ncIP}]wɰ򥻤WoǡG

    • /etc/samba/smb.confG oO Samba Dn]wɡA򥻤WA̪ Samba NȦoӳ]wɦӤwABoӳ]wɥNO܌NFAХ vim hd\aIDn]wؤA}]w (global)Apu@sœBNetBIOS WٻPKXίņΡA HΤɪؿά}]wApڥؿBɸ귽WٻPvΆΨjC

    • /etc/samba/lmhostsG NetBIOS name B~]wA]ݭno lmhosts NetBIOS name R IP ɡC WI^O /etc/hosts \IuLo lmhosts RDEW٬O NetBIOS name In /etc/hosts dVFIثe Samba w]|hϥΧAEW (hostname) @A NetBIOS nameA]oɮפ]w]LҿסC

    • /etc/sysconfig/sambaG юŰ smbd, nmbd ɡAARQn[J}AȰӋC

    • /etc/samba/smbusersG ѩ Windows P Linux b޲zPXȪbW٤@PAҦpG administrator (windows) root(linux)A FRo̤b}YAiϥγoɮרӳ]w

    • /var/lib/samba/private/{passdb.tdb,secrets.tdb}G ޲z Samba ϥΪ̱b/KXɡA|Ψ쪺ƮwɮסF

    • /usr/share/doc/samba-<>G oӥؿ]tF SAMBA Ҧ}޳NUI]NOASAwUnF SAMBA AAṱNwgtSIӧ㪺 SAMBA ϥΤUFIȱo@aI ^_^AҥHAԒۦѦҳI

    ܩ`ΪOɮפ譱AYAPΤݥ\AhDnUoXӸơG

    • /usr/sbin/{smbd,nmbd}GA\ANO̭nv޲z (smbd) H NetBIOS name d (nmbd) ӭnAȵ{F

    • /usr/bin/{tdbdump,tdbtool}GA\Ab Samba 3.0 H᪺AϥΪ̪bPKXӋwg茬ϥθƮwFISamba ϥΪƮwW٬ TDB (Trivial DataBase)C JMOϥθƮwASMnϥθƮwOӳBzoCtdbdump iHԎݸƮweAtdbtool hiHiJƮwާ@^ʭקbKӋCLAAonwU tdb-tools oӳn~F

    • /usr/bin/smbstatusGA\AiHCXثe Samba supA ]AC@ Samba su PID, ɪ귽AϥΪΤӷΆΡAAP޲z Samba TF

    • /usr/bin/{smbpasswd,pdbedit}GA\Ab޲z Samba ϥΪ̱bKXɡA Oϥ smbpasswd oӫOAL]Өϥ TDB ƮwFA]ijϥηs pdbedit OӺ޲zΤơF

    • /usr/bin/testparmGA\AoӫODnbˇ]w smb.conf ykTP_ASAsL smb.conf ɡAаȥϥγoӫOˬd@AקK]rh~ް_xZ[I

    • /sbin/mount.cifsGΤݥ\Ab Windows Wڭ̥iH]wyϺEzӳs^ۤvDEWCb Linux WAڭ̫hOzL mount (mount.cifs) ӱNhݥDEɪɮ׻Pؿۤv Linux DEWI

    • /usr/bin/smbclientGΤݥ\ASA Linux DEQn]ѡyWھFz\ӬdݧOxqҤɥXӪؿPUmɡANiHϥ smbclient ӬdTIoӫO]iHϥΦbۤv SAMBA DEWAΨӬdݬO_]w\I

    • /usr/bin/nmblookupGΤݥ\AI nslookup TIIbdX NetBIOS name NOFC

    • /usr/bin/smbtreeGΤݥ\AoNNI^ Windows tWھFܪGAiHyaڪqzơA ^du@sœPqW٪𪬥ؿGϡI

    jPncNOoˡAUNǷQ@̔xרҧaIoˤn]wɶTI


    pADϥ16.2.2 䪺ڤɬy{P smb.conf `γ]w

    JM Samba On[J Windows ڪASAҥH]w覡RMOnPڮth~OCҥHڭ̥ӃԤ@ Windows @Ǻڳ]wkACb Windows ڳ]wuO̔xAL]]̔xA ҥHͪwDiOSꐷЪCӦb Windows XP SP2 (Aȥ]ĤG) [JFܦhw]EA ]ϥκڪw]``|Oo˪G

    • APΤݤnbP@ӺkS (_hݭnק Windows w])F
    • ̦n]wP@u@sœF
    • DEW٤iۦP (NetBIOS name)F
    • M~ Windows XP ̦hȯണѦP 10 ӥΤsuP@xڦAWC

    u@sœPDEW٪]wAAiHbyڪqzkgAܤeh׭q}]wȡCSA Windows DEsŦXWzANܮeBzڤɪu@TIɪBJ@Oo˪G

    1. sXɮ`ޡAMbnɪؿBϺЩΗUm (pLE) WUkgAܡy@ΡzAMN^]wnɪƤFF
    2. ̦nإߤ@œΤϥΪbPKXALDEϥΪ̥iHzLMbKXsuiJϥκڤɪ귽F
    DG
    ]A} Windows XP ɮ`ޡAb D:\VBird\Data oӥؿUAAUkgy@λPwʡzAAbX{A AܡGyAAoӦwIAnFӦ@ɮסAЫo̡zAMĿGybW@γoӸƧzA ̫@ΪW٧AKJFGyVBGamezAаݡA]A IP O 192.168.100.20 AAΤ|ݨ줰}CH
    G
    ڪ귽Wٳq`gkOGy \\IP\ɸ귽W١zAڭ̪ɸ귽W٬ VBGameA]̜oӤɪ귽WRMOGy \\192.168.100.20\VBGame z~IܦhBͳ|gGy \\192.168.100.20\VBird\Game zhoܲm[I

    uO^̔xI Samba ]w[H]O̔xA̾ڤWzHάy{AiHo˷Q^G

    1. A]w譱Gb smb.conf S]wnu@sœBNetBIOS DEWBKXϥΪA (LKXɩΥEKX) ΆΡF
    2. WُǷQɪؿӋGb smb.conf ]wnwpnɪؿΗUmHΥiѨϥΪbơF
    3. إߩһݭnɮרtGھڨBJ 2 ]wAb Linux ɮרtSإߦnɥXhɮשΗUmAHά}vӋF
    4. إߥi Samba bGھڨBJ 2 ]wAإߩһݪ Linux bAAH pdbedit إߨϥ Samba KXF
    5. ŰʪAGŰ Samba smbd, nmbd AȡA}lB茭I

    ھڤWy{Aڭ̳̻ݭnDNO smb.conf oӳ]wɪTNOFC ҥHڭ̴NnӤ@Uoɮת]w覡oIoɮרiHӬݡA @ӬODETAb smb.conf SH [global] (Zk) @]w̾ڡFt@ӫhOɪTA HӧOؿW٬̾ڡCt~Aѩ Samba DnOQ[Jڥ\A]b smb.conf ܦh]wP Windows G

    • b smb.conf SArP (# ;) OŸF
    • boӳ]wɤAjpgOS}YI] Windows SjpgI


    • smb.conf AӋG [global]

    b smb.conf oӳ]wS]wئI^UoˡG

    # |ܦh[W #  ; AA]iHۦ[WӴۤv}]w
    [global]
       Ӌ = ]we
       ....
    
    [ɸ귽W]
       Ӌ = ]we
       ....
    

    b [global] SNO@ǦAӋFA]Au@sœBDE NetBIOS W١BrsXܡBnɪ]wB O_ϥαKXHΨϥαKXҪEΆΡAObo [global] ؤ]wCܩ [ɸ귽W] hOwA}񪺥ؿӶiv譱]wA]A֥iHsMؿBO_iHŪgΆΰӋC b [global] }DEWٸT譱ӋDnG

    • workgroup = u@sœWG`NADEsnۦPF
    • netbios name = DE NetBIOS W[ACDEPF
    • server string = DE̔AoHKgYiC

    t~ALh``ϥΪ̤ߥͤytܰD譱AAȥnMEDOASAMBA AW (Ҧp mount ϺФμѪӋHέ쥻ƽsX), SAMBA Aܪyt, Windows Τܪyt, Windows ΤݳsW SAMBA n ݭnŦX]wȤ~Ibs 3.x WӋӴѳoǻyt茂]wApUҥܡG

    • display charset = ۤvAWܽsXA ҦpAbEɩҬd\sXTC@ӻAPU unix charset |ۦPC
    • unix charset = b Linux AWҨϥΪsXA@ӻNO i18n sXoI ҥHAnѦ /etc/sysconfig/i18n yw]zsXC
    • dos charset = NO Windows ΤݪsXFI @ӻڭ̪c餤 Windows ϥΪO big5 sXAoӽsXb Samba 榡Q٬y cp950 zI

    }ytsXAijAѦҤ@UQAϪo@gG

    ڭ̪ eyesblue goӦnFIҥHijja^ed\YiIbỏmNMؤe@ӨDӪC

    DG
    ]A Samba ϥΪyt /etc/sysconfig/i18n ܪOy LANG="zh_TW.big5" zA ӹwpnɪ؊A Windows tO XPAAytRMp]wH
    G
    ѩ Linux, Windows XP ϥ big5 sXA]]wRMOG
            unix charset    = cp950
            display charset = cp950
            dos charset     = cp950

    ~ARnɤ譱TA]AoǰӋG

    • log file = nɩmɮסAɦWi|ϥӋBzF
    • max log size = nɳ̤jȯh Kbytes AYjMӋrAh|Q rotate C

    Rڶ}ɮɡAwʵ{צ}KXӋA]AoXӡG

    • security = share, user, domainGT@AoTӳ]wȤONG

      • shareGɪƤݭnKXAjaiϥ (Sw)F
      • user Gϥ SAMBA AKXƮwAKXƮwPU passdb backend }F
      • domainGϥΥ~AKXAY SAMBA OΤݤNApG]woӶءA ARonѡypassword server = IPz]wȤ~F

    • encrypt passwords = Yes NKXn[KA`N passwords n s ~I

    • passdb backend = Ʈw榡ApeҭzAF[ֳtסA ثeKXɤwg茬ϥθƮwFIw]Ʈw榡L tdbsam Aӹw]ɮ׫hm /var/lib/samba/private/passwd.tdbC

    W Samba KX譱]wȫܦhA]AARiHQ samba ӭק /etc/passwd YHKXOI LoӮɭԴNoݭny unix password sync zHΡy passwd program zoӰӋȪDFC ڭ̳o̥ͤ̔xALi픪iH man smb.conf hijMd\I ^_^


    • ɸ귽}Ӌ]w [ɪW]

    oNOڭ̦bepdSAnN (1)ڪؿ (2)ɦW١H̭񪺬OyɦW١zI boӤɦW٤`ӋG

    • [ɦW] GoӤɦW٫ܭnAO@ӡyNzӤwCOo^hݬ 16.2.2 ̭쪺ӽdҡF

    • comment GuOoӥؿӤwI

    • path GoӤɦWڷ|iJ Linux ɮרt (ؿ)C ]NOAbSݨ쪺O [] W١Aھާ@ɮרthOb path Yҳ]wC

    • browseable GO_ҦϥΪ̬ݨoӶءH

    • writable GO_iHgJHo̻ݭn`N@UI read only P writable OZۦ]wȶܡHpG writable bo̳]w yes AYiHgJApG read only Pɳ]w yes A N۩IJFIӤ~OT]wH׬OG̫X{ӳ]wȬDn]wI

    • create mode P directory mode Pv}I

    • writelist = ϥΪ, @sœAoӶإiHw^iJ즹귽SwϥΪ̡C pGO @group 榡Ah[JMsœϥΪ̧ioϥΪvA]wW|̔xI

    ]ɪ귽DnP Linux tɮv}A]Y]wӋhPv}C


    • smb.conf iӋ\

    F̔Ƴ]wȡASamba ѫܦhPӋڭ̨ӨϥΡADnUoXӋG

    • %SGNثe]wحȡAҿתy]wحȡzNOb [] ̭eI|ҨӻAҦpU]wdҡG
      [homes]
         valid users = %S
         ....
      
      ] valid users O\nJ̡A]w %S ܥinJϥΪ̳^nJN㤵ѦpG dmtsai oӨϥΪ̵nJA [homes] N|۰ʪܦF [dmtsai] FIo˥iHդFܡH %S ηNNObثe [ ] ̭eTI
    • %mGN Client ݪ NetBIOS DEWٳI
    • %MGN Client ݪ Internet DEWٳINO HOSTNAMEC
    • %LGN SAMBA DE NetBIOS DEW١C
    • %HGNϥΪ̪aؿC
    • %UGNثenJϥΪ̪ϥΪ̦W
    • %gGNnJϥΪ̪sœW١C
    • %hGNثeo SAMBA DE HOSTNAME I`NO hostname O NetBIOS name I
    • %IGN Client IP C
    • %TGNثePɶ

    HWNOb smb.conf WY`ݨ쪺XR]wءA۫H즸^IJ Samba B͡AݨWYgƪ֩wO@Y㑤I ڭ̩UδXӤpdҨڪ smb.conf ]wAAN|DoǰӋpRΤFI OoAݧUUdҫAn^ӦANoǰӋNq@@@A ӥBYLB~ӋAȥۦ man smb.conf InܡI

    Tips:
    ɥNܰʤӧ֡AܰʤӦhnҦӋbO@ơҥHbỏmu@DZ`Ϊ]wءA ܦhNNonaUݩxۤvVOF好]CXܦh Samba uW귽AOondԎݡI
    mϥ

    pADϥ16.2.3 ݱKX (security = share, ´)

    MKHݭnKXN^ϥ SAMBA DEҴѪؿ귽HuHShTAiHF쪺CLA]ݭnKXN^nJA MAiH]wvŪAϥΪ̥iHy@@ӤwzAOܳMIC ]pGAp߱NnƩmMɪؿSAZMIHҥHɶqno˳]wAҥHAD~|Gy´zI


    • 0. ]

    bUרҤAA (192.168.100.254) wp]wӋpG

    • b LAN ҦڥDEu@sœ (workgroup) G vbirdhouse
    • o Samba A NetBIOS W (netbios name) G vbirdserver
    • ϥΪ̻{Ҽhų]w (security) G share
    • 쥻檺 [homes] ؿF
    • Ȥ /tmp oӥؿӤwABWG temp
    • Linux AsX榡]UX (Unicode, Y utf8)
    • Τݬ Windows AbΤݪn]ϥ big5 sX

    A netbios name XGiHγ]wFA]{bڭ̳ IP iڳsuA@w|ϥΥDEWٹI ҥHo@SAmF lmhosts ]wȳInFAUN}ļǨӶi samba ]waI


    • 1. ]w smb.conf ]w

    ѩڭ̦]wyt}ơA]onddݡA쩳ڭ Linux AytO_ utf8 OHˬdkpUG

    [root@www ~]# cat /etc/sysconfig/i18n
    LANG="zh_TW.UTF-8"  <==TOX{F utf8 I
    

    pWҥܡATO utf8 [IӦboӨҤlSڭ̶Ȥ /tmp oӥؿӤwAӥB]oӤɥXӪؿOiŪgA t~Aڭ̨èSɦLEIӦb smb.conf SŸiHOy # z]iHOy ; zIn`NI

    [root@www ~]# cd /etc/samba
    [root@www samba]# cp smb.conf smb.conf.raw  <==QAI
    [root@www samba]# vim smb.conf
    # 1. ]wnA譱Ӌ
    [global]
            # PDEW٦}]wT
            workgroup     = vbirdhouse
            netbios name  = vbirdserver
            server string = This is vbird's samba server
    
            # Pyt譱}]wسAp]wаѦҫe
            unix charset    = utf8
            display charset = utf8
            dos charset     = cp950
    
            # Pnɦ}]wءA`NӋ (%m)
            log file = /var/log/samba/log.%m
            max log size = 50
    
            # o̤~OPKX}]wحI
            security = share
    
            # ק@ULEJ覡AnJTI
            load printers	= no
    
    # 2. ɪ귽]w譱GDnoNHAs[JI
    #     [homes], [printers] ءAMw /tmp ]wAisBigJ
    [temp]                                     <==ɸ귽W
            comment    = Temporary file space  <==̔x귽
            path       = /tmp                  <== Linux ɪؿ
            writable   = yes                   <==O_igJHbҬO
            browseable = yes                   <==णQs귽W
            guest ok   = yes                   <==x¤ɮɡAΤHNnJ]w
    

    ЧASOdNAb쥻 smb.conf WNwgܦhw]ȤFAoǹw]ȦpGADLγ~A ɶqOdw]ȡA]iHϥ man smb.conf hdMw]ȪNqCWz]wOϥΪ̪{ҼhŪI


    • 2. testparm d\ smb.conf yk]wT

    bŰ samba eAڭ̰ȥnA smb.conf ̭ykO_TAˇ覡ϥ testparm oӫOYiC 覡pUG

    [root@www ~]# testparm
    ﶵPӋG
    -v Gd\㪺Ӌ]wAsPw]Ȥ]|ܥXӳI
    
    [root@www ~]# testparm
    Load smb config files from /etc/samba/smb.conf
    Processing section "[temp]"   <==ݦXӤAAYeX{TAhh~
    Loaded services file OK.
    Server role: ROLE_STANDALONE
    Press enter to see a dump of your service definitions <== Enter ~
    
    [global]   <==UNOb smb.conf Y]wơI
            dos charset = cp950
            unix charset = utf8
            display charset = utf8
            workgroup = VBIRDHOUSE
            netbios name = VBIRDSERVER
            server string = This is vbird's samba server
            security = SHARE
            log file = /var/log/samba/log.%m
            max log size = 50
            load printers = No
    
    [temp]
            comment = Temporary file space
            path = /tmp
            read only = No
            guest ok = Yes
    

    WYOykһPUӶتCXApGAUF testparm oX{pUeNODG

    [root@www ~]# testparm
    Load smb config files from /etc/samba/smb.conf
    Unknown parameter encountered: "linux charset" <==Aeh~TI
    Ignoring unknown parameter "linux charset"
    Processing section "[temp]"
    Loaded services file OK.
    Server role: ROLE_STANDALONE
    Press enter to see a dump of your service definitions
    

    pGo{Wzh~AoܧA smb.conf ӡy linux charset z]wӋAL smb.conf O䴩oӰӋC i઺DO samba 2.x P samba 3.x @Ƕت䴩wgsbFAҥHAϥ΂H 2.x ]wɨ 3.x WYɡAN|X{DC~Ayrh~z]Oܱ`@ӰDoIԒ@UykA Mھ smb.conf sbإhiקaC

    pGAQnA samba Ҧ]w (]ASb smb.conf Y]ww])AiHϥ testparm -v ӧ@NKXA ƬSIAzLoӧA]iHDADE]wOI ^_^


    • 3. AݪAȎŰʻPf[Ԏ

    Űb̔xFAQιw] CentOS Űʤ覡ӳBzYiC

    [root@www ~]# /etc/init.d/smb start  <==o@}lnŰʨdaemon
    [root@www ~]# /etc/init.d/nmb start
    [root@www ~]# chkconfig smb on
    [root@www ~]# chkconfig nmb on
    [root@www ~]# netstat -tlunp | grep mbd
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address        Foreign Address State   PID/Program name
    tcp        0      0 :::139               :::*            LISTEN  1772/smbd
    tcp        0      0 :::445               :::*            LISTEN  1772/smbd
    udp        0      0 192.168.1.100:137    0.0.0.0:*               1780/nmbd
    udp        0      0 192.168.100.254:137  0.0.0.0:*               1780/nmbd
    udp        0      0 0.0.0.0:137          0.0.0.0:*               1780/nmbd
    udp        0      0 192.168.1.100:138    0.0.0.0:*               1780/nmbd
    udp        0      0 192.168.100.254:138  0.0.0.0:*               1780/nmbd
    udp        0      0 0.0.0.0:138          0.0.0.0:*               1780/nmbd
    

    SO`NAb Samba Sw]|ŰʦhӰfAo]AƶljK TCP f (139, 445)AHζi NetBIOS WٶRu@ UDP f (137, 138)AҥHA~|ݨܦhƪC_Ȥ䴩 139 oӥnfA} 445 OHiH[zL testparm -v [ԎAiHo{y smb ports = 445 139 zoӳ]wȫwӰfA]AiHb smb.conf W[oӳ]wȡAçאּ smb ports = 139 YiCLAijOdw]TI


    • 4. ]ۧڬΤݪˇ (w] lo )

    }Τݪ[Ԏڭ̷|bi椶Cbo̶ȬOpTwڭ̪ Samba ]wPAȦQbB@C ڭ̥iHbEWzL smbclient o{ӳBzA򥻬d߻ykOo˪G

    [root@www ~]# smbclient -L [//DEIP] [-U ϥΪ̱b]
    ﶵPӋG
    -L GȬd\᭱^DEҴѤɪؿ귽F
    -U GH᭱^oӱbӹoMDEiϥθ귽
    

    ѩboӽdSڭ̨èSWdϥΪ̪wί (share)AҥHϥ -U oӿﶵA]AiHoˬݬݡG

    [root@www ~]# smbclient -L //127.0.0.1 
    Enter root's password: <==]ݭnKXA]o̫@U [Enter] aI
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Sharename       Type      Comment
            ---------       ----      -------
            temp            Disk      Temporary file space
            IPC$            IPC       IPC Service (This is vbird's samba server)
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Server               Comment
            ---------            -------
            VBIRDSERVER          This is vbird's samba server
    
            Workgroup            Master
            ---------            -------
            VBIRDHOUSE           VBIRDSERVER
    

    WKXTSAɪؿ귽 (Sharename) NOb smb.conf S]w [temp] WoI ]bo̪NOGHiHiJ //127.0.0.1/temp oӥؿSA ӳoӥؿb Linux tO /tmp ؿCܩ󨺭 IPC$ hOFnRI Windows ҥnsbشNOFCMpϥγoӸ귽OH^Uӧڭ̥iHQ mount oӫOӴݬoG

    [root@www ~]# mount -t cifs //127.0.0.1/temp /mnt
    Password: <==]SKXAҥHoRO Enter Yi
    [root@www ~]# df
    Filesystem           1K-blocks      Used Available Use% Mounted on
    ....(eٲ)....
    //127.0.0.1/temp/      1007896     53688    903008   6% /mnt
    
    [root@www ~]# cd /mnt
    [root@www mnt]# ll  <==HWoӰʧ@niI~|DSvDI
    [root@www mnt]# touch zzz
    [root@www mnt]# ll zzz /tmp/zzz
    -rw-r--r--. 1 nobody nobody 0 Jul 29 13:08 /tmp/zzz
    -rw-r--r--. 1 nobody nobody 0 Jul 29 13:08 zzz
    # `NIAiJ /mnt |QY nobody OIAO root [I
    
    [root@www mnt]# cd ; umount /mnt
    

    TiH_ӡAҥHAܫANNoӱƨaC} mount ΪkAڭ̷|b᭱p`~򤶚C


    򥻤WA즹̴N]wn@̔xݭnKXYinJ Samba AFI AiHΤݳn\iNC ^UӡAڭ̥H̔ݭnKX~^nJ Samba 覡ӳ]p@ӽdҧaI


    pADϥ16.2.4 ݱbKX~inJ (security = user)

    ]w@ݱKXYinJ Samba server OD`̔xALA A`ƱYǦEKʽ誺Ʃb]ڤjad\aH |ҨӻAA`ƱAaؿQHaHNsaHaؿi঳AۤvѩOI^_^

    HS}YAڭ̥iHzL Samba AѪ{Ҥ覡ӶiϥΪvA ]NOAAbΤݳsuAɡAnKJTbPKXA~^nJ Samba d\AۤvơI ||[H|TI Samba NѤ@Ӥp{DUڭ̳BzKXإߤFAӬy{RC

    nO Samba ϥΪ̱bnsb Linux tS (/etc/passwd)A O Samba KXP Unix KXɮרäۦP (oO] Linux PڪKXҤ覡νsX榡PҭP)C oNIpꐷСS}YANڭ̨̼˵eĪӳBz@Uoӈ]waI


    • 0. ]

    ѩϥΪ̼hŷ|ܦ user 픬qA] [temp] wgSnsbIбNM]wRεC ӦA譱ƫhЫOdA]Au@sœΆΪơA÷sWUơG

    • ϥΪ̻{Ҽhų]w (security) G user
    • ϥΪ̱KXɮרϥ TDB Ʈw榡Aw]ɮצb /var/lib/samba/private/ F
    • KXn[KF
    • Cӥiϥ samba ϥΪ̧֦ۤvaؿF
    • ]wTӥΤAW٬ smb1, smb2, smb3 AB[J users nsœCTӥΤ Linux KX 1234A Samba KXh 4321F
    • /home/project oӥؿAB귽W٨WG projectF
    • [J users oӸsœϥΪ̥iHϥ //IP/project 귽ABbMؿU users oӸsœϥΪ̨㦳gJvC

    nFA}l@BBBzaI


    • 1. ]w smb.conf ]wɻPؿv}]w

    boӽdҪ]wSAڭ̷|sWXӰӋAsWӋ|ίSr_ӡA ޥΤeӋh@rCХ椬ѦҬݬoG

    # 1. }l]wn smb.conf ɮ׽I
    [root@www ~]# vim /etc/samba/smb.conf
    [global]
            workgroup       = vbirdhouse
            netbios name    = vbirdserver
            server string   = This is vbird's samba server
            unix charset    = utf8
            display charset = utf8
            dos charset     = cp950
            log file        = /var/log/samba/log.%m
            max log size    = 50
            load printers	= no
    
            # PKX}]wءA]AKXɮשҦb榡I
            security = user          <==oNOITI令 user h
            passdb backend = tdbsam  <==ϥΪO TDB Ʈw榡I
    
    # 2. ɪ귽]w譱GR temp  [J homes P project
    [homes]                                   <==ɪ귽W
            comment        = Home Directories
            browseable     = no               <==FϥΪ̦ۤv~AiQLHs
            writable       = yes              <==iŪg
            create mode    = 0664             <==إɮתv 664
            directory mode = 0775             <==إߥؿv 775
    
    [project]                                 <==NOTϥΪ̪@ɸ귽
            comment    = smbuser's project
            path       = /home/project        <==ڪ Linux Wؿm
            browseable = yes                  <==iQLHs귽W(De)
            writable   = yes                  <==iHQgJ
            write list = @users               <==gJ̦ǤHN
    
    # 2. C粒 smb.conf Aݭnsˬd@UykT_I
    [root@www ~]# testparm  <==N debug ЦۦBzoI
    

    bWSê]wإDnG

    • [global] קPsWGsecurity ]w user hšABϥΡypassdb backend = tdbsamzoӸƮw榡A]KXɷ|m /var/lib/samba/private/ C ~Aw]KXNO[KA]ݭnB~ϥΨL]wӋӳWdF

    • [homes] oӨϥΪ̸귽ɈG homes O̯S귽ɦW١A] Linux WCΤ᧡aؿAҦp smb1 aؿ /home/smb1/ AS smb1 Τϥ samba ɡAoN|o{hF //127.0.0.1/smb1/ 귽iΡA smb2 Nb //127.0.0.1/smb2/ oӸ귽Cѩ󤣥is (browseable)AҥHFϥΪ̥iHݨۤvaؿ귽~ALHOLksC~AFWdvAӦhF create mode P directory mode ӳ]w (ȥi]w]iz|)F

    • [project] oӨϥΪ̸귽ɈGSڭ̷sW@Ӧ@θ귽ɡA ̭nNOWd귽W١CbҤڭ̨ϥ project oӸ귽W٨ӫV /home/project A]NOA //127.0.0.1/project NO /home/project NC~A^ϥγoӸ귽bA[J users oӸsœΤI zL write list oӶؤx¡ApGO]wAi|ϥ valid users AӉmn write list ]wءC L_QsɮRP Linux ̩hɮv}C

    dUnѰOFAF]wɤ~ANؿvPb]wγWd]n]wnIUڭ̥νdҨӶi榹u@I

    DG
    ڭ̹wpn /home/project ؿAoӥؿvMp]wH
    G
    ]On} users sœAӦ@ɸsœvq`Oy 2770 zoӧt SGID SXA\C]oӥؿRMp]w~nG
    [root@www ~]# mkdir /home/project
    [root@www ~]# chgrp users /home/project
    [root@www ~]# chmod 2770 /home/project
    [root@www ~]# ll -d /home/project
    drwxrws---. 2 root users 4096 Jul 29 13:17 /home/project
    


    • 2. ]wiϥ Samba ΤbPKX

    ]wϥΪ̱bOܭn@A]]wh~ܡASM]NHSknJIbo̧ڭ̥n@U Linux ɮרtP SAMBA ]wϥΪ̵nJv}ʡI

    • b Linux oӨtUA{dzݭno UID P GID (User ID P Group ID) A~^֦MvA]~^ASisɮ׆ΰʧ@I

    • } Linux oӨt UID P GID Pb۹}YA@Ob /etc/passwd SASM]zL NIS, ldap Τ覡ӨRF

    • SAMBA ȥuO Linux U@MnAϥ SAMBA Ӷi Linux ɮרtɡAROݭnH Linux tU UID P GID ǫhI

    pGWoXIASDFA{bNӬݤ@USڭ̦b Windows qWHWھFӳs^ Linux åBiƪsɡA|O˪@ӱpOH

    ڭ̻ݭnzL SAMBA ҴѪ\Ӷi Linux sA Linux sOݭno Linux tW UID P GID A]Aڭ̵nJ SAMBA AɡAҧQ SAMBA oO Linux ṱ}bIo]NOAb SAMBA WϥΪ̱bAnO Linux b@ӡI

    ҥHAbҼ{ NIS LDAP ΨLbҤ覡Ax¥H Linux Eb (/etc/passwd) @ҮɡA b Samba AҴѥinJbW١Ansb /etc/passwd SI oO@ӫܭnyIҦpAn dmtsai b /etc/passwd SA~N dmtsai [J Samba ϥΪSCoOܰ򥻪bvyApGA\oo̾\Ū譱DA YҼ{m}AܧAn^hŪŪgF ^_^

    {bڭ̪DݭnsW smb1, smb2, smb3 TӥΤABoTӥΤݭn[J users sœC~Aڭ̤eRإ߹L student oӥΤA]o|ӤHݭn Samba AȡA򰣤FsWΤᤧ~AڭRݭnQ pdbedit oӫOӳBz Samba Τ\I

    # 1. ӫإߩһݭnUӱbA] student wgsbFI
    [root@www ~]# useradd -G users smb1
    [root@www ~]# useradd -G users smb2
    [root@www ~]# useradd -G users smb3
    [root@www ~]# echo 1234 | passwd --stdin smb1
    [root@www ~]# echo 1234 | passwd --stdin smb2
    [root@www ~]# echo 1234 | passwd --stdin smb3
    
    # 2. ϥ pdbedit O\
    [root@www ~]# pdbedit -L [-vw]            <==xªԎݱbT
    [root@www ~]# pdbedit -a|-r|-x -u b    <==sW/ק/Rb
    [root@www ~]# pdbedit -a -m -u Eb   <==P PDC }EX
    ﶵPӋG
    -L GCXثebƮwSbP UID ά}TF
    -v Gݭnft -L ӰAiCXhTA]AaؿθơF
    -w Gݭnft -L ӰAϥ΂H smbpasswd 榡ܸơF
    -a GsW@ӥiϥ Samba bA᭱bݭnb /etc/passwd sb̡F
    -r Gק@ӱb}TAݷftܦhSӋA man pdbeditF
    -x GR@ӥiϥ Samba bAi -L bARF
    -m G᭱^OENX (machine account)AP domain model }I
    
    # 2.1 }lsWϥΪ̧aI
    [root@www ~]# pdbedit -a -u smb1
    new password: <==KJ 4321 oӱKX@@
    retype new password: <==AKJ@aI
    Unix username:        smb1   <==UKJT᪺ܓGI
    NT username:
    Account Flags:        [U          ]
    User SID:             S-1-5-21-4073076488-3046109240-798551845-1000
    Primary Group SID:    S-1-5-21-4073076488-3046109240-798551845-513
    Full Name:
    Home Directory:       \\vbirdserver\smb1
    HomeDir Drive:
    Logon Script:
    Profile Path:         \\vbirdserver\smb1\profile
    Domain:               VBIRDSERVER
    Account desc:
    Workstations:
    Munged dial:
    Logon time:           0
    Logoff time:          9223372036854775807 seconds since the Epoch
    Kickoff time:         9223372036854775807 seconds since the Epoch
    Password last set:    Fri, 29 Jul 2011 13:19:56 CST
    Password can change:  Fri, 29 Jul 2011 13:19:56 CST
    Password must change: never
    Last bad password   : 0
    Bad password count  : 0
    Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    # AiHo{TD`hIYݭקN]wA man pdbedit aI
    [root@www ~]# pdbedit -a -u smb2
    [root@www ~]# pdbedit -a -u smb3
    [root@www ~]# pdbedit -a -u student
    
    # 2.2 dߥثewgsb Samba b
    [root@www ~]# pdbedit -L
    smb1:2004:
    smb3:2006:
    smb2:2005:
    student:505:
    # ȷ|CXbP UID ӤwI
    
    # 2.3 קPR smb3 oӱbݬ
    [root@www ~]# smbpasswd smb3
    New SMB password: 
    Retype new SMB password:
    # קKXSA޲zKXӋOϥ pdbeditAקKXon smbpasswd I
    
    [root@www ~]# pdbedit -x -u smb3
    [root@www ~]# pdbedit -Lw
    # ɧANݤ smb3 oӥΤoIҥHХߧYN[^ӡI
    

    HpGݭnsWB~ϥΪ̱bAYMb쥻sbAhϥ useradd AH pdbedit -a hsWC Ywgsb Linux bA^ pdbedit -a sWYiCPɭn`NA޲z TDB Ʈw榡ijϥ pdbedit oӷsNӳBzAsmbpasswd ȳѤUקKX\ݰOЧYiI


    • 3. sŰ Samba öiۧڴ

    bgLsŰʫAڭ̩Ҷi檺׭q~|ͮġCMϥ smbclient ˬdݬݡAO_P|@˪sGOH ԒݬݡG

    [root@www ~]# /etc/init.d/smb restart
    [root@www ~]# /etc/init.d/nmb restart
    
    # 1. ΰΦWnJݬݡI
    [root@www ~]# smbclient -L //127.0.0.1
    Enter root's password:      <==^U [Enter] YiC
    Anonymous login successful  <==ݨΦWrˤFI
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Sharename       Type      Comment
            ---------       ----      -------
            project         Disk      smbuser's project
            IPC$            IPC       IPC Service (This is vbird's samba server)
    ....(Uٲ)....
    
    # 2. Aϥ smb1 oӱbnJݬݡI
    [root@www ~]# smbclient -L //127.0.0.1 -U smb1
    Enter smb1's password:  <==KJ smb1 b pdbedit ҫإߪKXI
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Sharename       Type      Comment
            ---------       ----      -------
            project         Disk      smbuser's project
            IPC$            IPC       IPC Service (This is vbird's samba server)
            smb1            Disk      Home Directories <==hFoNI
    ....(Uٲ)....
    

    ѤWڭ̥iHo{AgѤPnJiHo@˪sơA ҥHbϥΤWݭnSOdNI^UӡAڭ̶}lӦۧڱݬݡI

    [root@www ~]# mount -t cifs //127.0.0.1/smb1 /mnt -o username=smb1
    Password: <==TwOKJTKXI
    #  /home/smb1/ P /mnt RM֦ۦPɦW~I]I
    
    [root@www ~]# ll /home/smb1/.bashrc
    -rw-r--r--. 1 smb1 smb1 124 May 30 23:46 /home/smb1/.bashrc <==Twɮ
    [root@www ~]# ls -a /mnt
    # oݤFIRMO SELinux DaIھ /var/log/messages TA
    # ipUʧ@N^Bznoӵ{ǡI
    
    [root@www ~]# setsebool -P samba_enable_home_dirs=1
    [root@www ~]# ls -a /mnt
    .  ..  .bash_logout  .bash_profile  .bashrc  .gnome2  .mozilla
    # ɦWX{TIOKOKIoӨϥΪ̱BzܡI
    
    [root@www ~]# umount /mnt
    

    ۧڴOD`nI] Samba O|~ѪAȪA] SELinux |SOy}ӡz@UoӪAȡI]Aw]ϥΪ̮aؿ|}vBw] SELinux type NLkϥ (AiHۤv //127.0.0.1/project NDԣ]oI)AҥHAۦܴN^zӦa誺 SELinux S]wSIN]wШ 16.2.6 wʳ]whd\C

    Tips:
    ھںͦ^NA]eڭ̳]w security O shareAӥBwgϥ Windows tLAbP@ Windows tWƴɡA|o͵LknJpCij^N windows ts}EMe@nJTYiI ^_^
    mϥ

    • 4. }vAP}[Lɸ귽覡G

    ɭԧA|o{Ab smb.conf Swg]wF writable igJAϥΪ̵nJ]SDA ԣNOLkμgJOHO_OA]wRD[HD]D]IDnD``OӦ۩ Linux ɮרtvTI

    |WҤlӻASALkoo{ Linux DžvO諸A֩wO SELinux XDoon setsebool P chcon restorecon ΫOӧJACt~NOAڭ̦b smb.conf S]w [project] igJAY /home/project OigJC] smb1 ݩ users oӸsœA]H smb1 nJ SAMBA AA /home/project RMO㦳iHŪgOIOApGAH root إ /home/project oSѰOקvܡA /home/project OLk users oӸsœgJA] smb1 oӨϥΪSM㦳gJOC o˻AAmQnԣFܡH`N`NI ^_^

    pGARnXRɪؿP^nJϥΪ̮ɡAiHo˰G

    • Qνs smb.conf Ӷ}Lؿ귽AåBSO`N Linux bMؿUvIШϥ chown P chmod aI
    • Q pdbedit ӷsWLi Samba bApGMbèSX{b /etc/passwd ̭AХH useradd sWMbF
    • Ai槹󪺳]wAХH testparm iT{AH /etc/init.d/{smb,nmb} restart ӭsŰʡI

    WASAMBA @γ~NOboӳsuҦIhϥ SAMBA ӤɧA귽aImOϥ SAMBA ӰhݦAPڪu@EqLnC


    pADϥ16.2.5 ]wLEA (CUPS t)

    ɦܤALE\wgܱjFIƦܤ]䴩LuLEA]CxLEiHWߧ@U PC W۪LEA]Sni Samba LEATIܳROǤHERA Ϊ̶R_غLEɡA Samba LEAROsboC

    b Linux UiCLAȫܦhALڭ̳o̭nȦثesy檺 CUPS (Common Unix Printing System) o@ӡC N CUPS wU]wkڭ̤wgbgĤTĤGQ@ CUPS SLAҥHo̧ڭ̤ANAȤjPBzy{NOFCpGAݭn LPRng CLtܡA ijiHѦҩUƳG

    Tips:
    boӤp`Am]ALEäOLEAӬOϥ USB s^LE榡CpGALEu䴩A ij^ѦҦLEUӳ]wYiAݭnwU Samba LEC]YǼtPLEdS\A Ҧp HP dq`R䴩YǯSCL\ (UBhCL)Aoǥ\zLAsɮɡAi|򥢡I
    mϥ

    • 0. ]

    JMnɦLEANonLE[Imϥι Linux 䴩׸@ HP LaserJet P2015dn oLEҡA ϥκ\Ax¨ϥ USB s^ Samba AWC

    • CUPS s^ USB LEAåB}DE IP ӷϥΦLEF
    • ϥ CUPS تLEXʵ{F
    • e HP LExo Windows @~tXʵ{F


    • 1. wULEPTwLEsu`

    AAäOҦLEQ Linux Ҥ䴩AҥHSAQns@LE Linux tWYɡA аȥ http://www.openprinting.org/printers WYhݬݬO_Q䴩I pGSQ䴩AN@LEaIni櫫äF...

    pGALEs^𬰨ϥ USB Ϊ̬OǦC𪺸ܡASAs^WLEA iHQΩU覡ݬݬO_\s^WFG

    [root@www ~]# lsusb
    Bus 001 Device 002: ID 03f0:3817 Hewlett-Packard LaserJet P2015 series
    Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    [root@www ~]# ll /dev/usb/lp0
    crw-rw----. 1 root lp 180, 0 Jul 29 13:55 /dev/usb/lp0
    # ݱoXӡAwg lp0 LEoICL@UaI
    
    [root@www ~]# echo "Hello printer" > /dev/usb/lp0
    

    pGLE^RAo OK TIAiHi橳Uu@FC


    • 2. ]w CUPS PLEsu

    w] CUPS |}šALA]ڭ̦wUOy basic server zҦAҥH CUPS w]èSQwU_ӡC ҥHo̭nwUBs]wPŰʤ~Cظ` CUPS ]whOo˪G

    • ڻݭn 192.168.100.0/24 oӺkiHϥΦLE
    • ڻݭn 192.168.100.0/24 127.0.0.0/8 iH޲z CUPS t

    M}lo˰G

    [root@www ~]# yum groupinstall "Print Server"
    [root@www ~]# vim /etc/cups/cupsd.conf
    # 1. o}bҦI
    # Listen localhost:631  <==b 18 楪kA令pUG
    Listen 0.0.0.0:631
    
    # 2. k^i CUPS sPޱ
    <Location />        <==b 32 楪kAsW^L IP s
      Order allow,deny
      Allow From 127.0.0.0/8
      Allow From 192.168.100.0/24
    </Location>
    
    <Location /admin>       <==b 39 楪kAsW^޲z CUPS 
      Encryption Required   <==]o̪}YAҥHi| https://IP I
      Order allow,deny
      Allow From 127.0.0.0/8
      Allow From 192.168.100.0/24
    </Location>
    

    ]wܫNiH}lӎŰ cups tAiHo˰G

    [root@www ~]# /etc/init.d/cups start
    [root@www ~]# chkconfig cups on
    [root@www ~]# netstat -tunlp | grep 'cups'
    tcp     0  0  0.0.0.0:631         0.0.0.0:*      LISTEN      1851/cupsd
    udp     0  0  0.0.0.0:631         0.0.0.0:*                  1851/cupsd
    

    631 fNO CUPS ҎŰʪTIn`NOA}񤶭on 0.0.0.0 ~wIMڭ̥iH}l]wLEFI ѩ CUPS 䴩ܦhPLEs^ACRs^𳣤@ˡA`G

    • USB s^G usb:/dev/usb/lp0
    • LEG ipp://ip/LE
    • ھFLEG smb://user:password@host/printer

    ҥHn[W 192.168.100.0/24 iHA CUPS ]b...mAS X TI ҥHݭnzLɪu@EsWA~[IɡAN CUPS }bϺiH\NܭnTI ~A]mDEҦbDAo 192.168.100.254 R@Ӥ 192.168.1.100Amb cupsd.conf ̭][JoӺqF (WdҤèSSOj)AҥHUϥܧA|ݨܦh 192.168.1.100 IP An`ȡIO`I ^_^InFAХ}sAb}CKJG https://192.168.100.254:631 (UhO 192.168.1.100)

     CUPS ]w USB LE
    16.2-1B CUPS ]w USB LE

    pWϩҥܡAѩڭ̨ϥΪO https oӻݭnҪsuҦA]N|X{oӤHTC S}YAA^UyAwIzAAܡysWҥ~zYiX{pUϥܡG

     CUPS ]w USB LE
    16.2-2B CUPS ]w USB LE

    pGoDEuOAANܽbY 2 ҫӡyä[xszaI̫UbY 3 ҫyT{wҥ~zYiIpG@QAN|X{pU CUPS ]wϥܡG

     CUPS ]w USB LE
    16.2-3B CUPS ]w USB LE

    bWYwϥSAѩڭ̬OQnإߦLEA]IbY(1)ҫӫsiJLE\AMI (2)ӫإߦLEaI

     CUPS ]w USB LE
    16.2-4B CUPS ]w USB LE

    o@êaAO|AKJbPKX~i򪺰ʧ@IҥHo̽ЉKJ root bKaI

     CUPS ]w USB LE
    16.2-5B CUPS ]w USB LE

    bWϥܤAARMnܪOڭ̳oE USB LEUm~CMUmO HAL AȩҦ۰ʰ쪺A pGASݨ USB LEAiNondߤ@ULEqO_T}ŤFI ILaI

     CUPS ]w USB LE
    16.2-6B CUPS ]w USB LE

    إߦLEɡA̭nOӦCLC (WؤĤ@ӡAW٪ӪN)Abỏmϥ CUPS w]Dڮ쪺ɦWC oӦW٫ܭnAOӤɥXLEWroIܩmPyzNHKAoCѩڭ̬OQnCLAAҥHyshare this printer zSMnĿISAUy~zAN|X{pUϥܡG

     CUPS ]w USB LE
    16.2-7B CUPS ]w USB LE

    ^U CUPS |DAܤ@Ӭ۹ΪXʵ{A򥻤WAϥ CUPS DA쪺w]Xʵ{RMN OK FI 粒ЫUy[JLEzsaI

     CUPS ]w USB LE
    16.2-8B CUPS ]w USB LE

    ݧARSnקLw]ӋApGSܡANU 16.2-8 ySet Default OptionszsaI pG@SDAALEN]wSFCpGQnd\LENTAiHI Printer ءIpUϩҥܡG

     CUPS ]w USB LE
    16.2-9B CUPS ]w USB LE

    pG`SDAAtwg@LEQ CUPS Һ޲zABoLEb}G

    • http://AIP:631/printers/LECW
    • http://192.168.100.254:631/printers/HP_LaserJet_P2015_Series

    ^UӬݬݦpNs쫥̪ Samba AaI


    • 3. b smb.conf S[JLE䴩 (Optional)

    }liD Samba NoLELɥXhaIAݭno˳BzG

    [root@www ~]# vim /etc/samba/smb.conf
    [global]
            # onק load printers ]wAMsWXӸ
            load printers = yes
            cups options  = raw       <==i䴩Ӧ Windows Τ᪺CLu@
            printcap name = cups
            printing      = cups      <==PWoӦbiϥ CUPS CLt
    
    [printers]                        <==LE@wng printers I
            comment = All Printers
            path    = /var/spool/samba<==w]Ӧ samba CLu@ȮɩmC
            browseable = no           <==Q~HsTIv~is
            guest ok   = no           <==PUӳ\XȨӷPgJ(Dɮרt)
            writable   = no
            printable  = yes          <==\CLܭn@u@I
    
    [root@www ~]# testparm  <==Yh~AЦۦBz@U
    [root@www ~]# /etc/init.d/smb restart
    [root@www ~]# /etc/init.d/nmb restart
    

    򥻤WzLo˪]wA Samba N^QѦLEAȤFILiOAWindows Τݨ̂HonwULEXʵ{~^ϥ Samba ҴѪLEAɯuOꐷЭݰQ[㦳Si Samba DʪXʵ{ϥΪ̡Aoˤ@ӥΤݴNݭnB~hXʵ{oIOiHAzL Samba 3.x YiBzINo򥩡A CentOS Samba NO 3.x OIҥHڭ̥iHzLU覡ӳBzC


    • 4. Samba DʴXʵ{ Windows Τϥ

    t~Aγ\A|QALEohA Linux Mp󴣨ѳoǦLEXʵ{[HZꐷСH RnTA CUPS DnOzLQ Postscript CLyPLEqA]Τݥuno postscript Xʵ{L̴N^ϥΫ̪ Samba AҴѪLEFIp@ӡA ALEAunL̯^䴩 Postscript CL榡AOK dwIӥB CUPS xN CUPS Postscript Xʵ{oIiH쩳UshUG

    ܴΪOA]ڭ̬O CentOS 6.x 䴩 rpm nʗUtA]iH^U cups-windows-6.0-1.i386.rpm oɮקYiA^wUo rpm ɮ״N^o cups Windows LEXʵ{FC oɮצwUܤA|NXʵ{m /usr/share/cups/drivers/ YI LAon`NOAFoXʵ{~An䴩 Windows 2000 HX Windows A ARo Windows XP UؿhUX 32 줸䴩ɮסG

    • Win XP 32 줸GC:\WINDOWS\system32\spool\drivers\w32x86\3

    NMؿṶ PS }Yɮ׳qqUUӡARM|ɮתAбNLƻsɦWpgɮסAåBmA Samba AW /usr/share/cups/drivers/ ؿUAMؿmoNO򥻪Xʵ{I bmoӥؿUܤ֧toXɮ״NOFG

    [root@www ~]# ll /usr/share/cups/drivers
    -rw-r--r-- 1 root root    803  4 20  2006 cups6.inf
    -rw-r--r-- 1 root root     72  4 20  2006 cups6.ini
    -rw-r--r-- 1 root root  12568  4 20  2006 cupsps6.dll
    -rw-r--r-- 1 root root  13672  4 20  2006 cupsui6.dll  <==W cups 
    -rw-r--r-- 1 root root 129024  3 24 13:29 ps5ui.dll    <==U Win XP 
    -rw-r--r-- 1 root root 455168  3 24 13:29 pscript5.dll
    -rw-r--r-- 1 root root  27568  3 24 13:29 pscript.hlp
    -rw-r--r-- 1 root root 792644  3 24 13:29 pscript.ntf
    

    Wzɮ׉mNL]@ɮפFAAiHbUsUG

    LAo`NAoɮפ Windows ƬO 32 줸 Windows XP WӪAҥH Windows 98/ME OS@ΪCPɡA 64 줸L߅ Windows 7 ΨtiNonsBzFI AoۦWd\}ƤU覡C^Uӧڭ̥nb smb.conf ̭W[@۷sɸơAoӤɸƥO [print$] W٤~IIoTG

    [root@www ~]# vim /etc/samba/smb.conf
    [global]
    ....(]wOd쥻)....
    [homes]
    ....(]wOd쥻)....
    [printers]
    ....(]wOd쥻)....
    [print$]
            comment    = Printer drivers
            path       = /etc/samba/drivers  <==sLEXʵ{ؿ
            browseable = yes
            guest ok   = no
            read only  = yes
            write list = root                <==oXʵ{޲z
    [project]
    ....(]wOd쥻)....
    
    [root@www ~]# mkdir /etc/samba/drivers
    [root@www ~]# chcon -t samba_share_t /etc/samba/drivers
    # ѩw] CUPS Ȧ root ޲zA]ڭ̥H root @LE޲zF
    # P SELinux ]n׭qpW覡I root Non[J samba 䴩~G
    [root@www ~]# pdbedit -a -u root
    
    [root@www ~]# testparm                 <==yk
    [root@www ~]# /etc/init.d/smb restart  <==sŰ
    
    [root@www ~]# smbclient -L //127.0.0.1 -U root
    Enter root's password:  <==KJ root b samba KX
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Sharename       Type      Comment
            ---------       ----      -------
            print$          Disk      Printer drivers
            project         Disk      smbuser's project
            HP_LaserJet_P2015_Series Printer   HP LaserJet P2015 Series
            IPC$            IPC       IPC Service (This is vbird's samba server)
            root            Disk      Home Directories
    # @Iݨ@LEHXʵ{ҦbɸoI
    

    {bڭ̭ni Samba Aڭ̪ CUPS i Windows ΤݪXʵ{AҥHΤݭnۦ]wL̪Xʵ{I n cups i Samba O cupsaddsmb oӫOӷdwAӫO̔xG

    [root@www ~]# cupsaddsmb [-H SAMBA AW] [-h CUPS AW] \
    >   -a -v [-U ϥΪ̱b]
    ﶵPӋG
    -H G^O Samba AWAEܥiH^ localhost YiF
    -h G^ CUPS AWAP˪iϥ localhost YiF
    -a G۰ʷjMXҦiΪ CUPS LEF
    -v GCXhTF
    -U GLE޲z
    
    # QΫeNLEXʵ{W SAMBA (`N CUPS ޲zw]O root)
    [root@www ~]# cupsaddsmb -H localhost -U root -a -v
    Password for root required to access localhost via SAMBA: <==root b SAMBA KX
    # o̷|{LܦhTAwgwUFYǸTAUmȦCX̔xTӤwC
    Running command: smbclient //localhost/print$ -N -A /tmp/cupsbrdBaE -c 'mkdir 
    W32X86;put /tmp/cupsu13OSU W32X86/HP_LaserJet_P2015_Series.ppd;...
    
    [root@www ~]# ll /etc/samba/drivers
    drwxr-xr-x. 3 root root 4096 Jul 29 15:15 W32X86  <==oNOXʵ{ؿ
    

    ̫bXʵ{sؿ|hX@ W32X86 ؿAAiHdߤ@UMؿeA NOwpnΤݨϥΪXʵ{TIo˴NdwFILAFNҦƳqqXʡA ijAN CUPS SAMBA qqsŰʧaI

    [root@www ~]# /etc/init.d/cups restart
    [root@www ~]# /etc/init.d/smb restart
    [root@www ~]# /etc/init.d/nmb restart
    

    • 5. @ǰDJAG

    pG@QܡAAb Windows ΤRMiHQs^LEoI }ߧaILApGAgLhơAMpiJ Linux Samba DENMƲOH A̦nDUXӫOA}oǫOi픥ΪkhЦۦ浹L man ݬݤFG

    # 1. CXҦiΪLEA
    [root@www ~]# lpstat -a
    HP_LaserJet_P2015_Series accepting requests since Fri 29 Jul 2011 02:55:28 PM CST
    
    # 2. dߥثew]LEu@p
    [root@www ~]# lpq
    hpljp2015dn wN
    S
    # CXLEu@AYCLu@sb (Ҧp}LEAL)A|pUҥܡG
    hpljp2015dn wNåbCL
    ί    ֦H  u@    ɮ                            `p  jp
    active  root    2       Test Page                       17408 byte
    
    # 3. RҦu@سI
    [root@www ~]# lprm -
    # [WӴ (-) NҦΫݤCLu@I
    

    CLu@NOo˶i檺TIԒ򄂬ݬݧaI^UؐQ@U}PwʪQAI


    pADϥ16.2.6 wʪijDP޲z

    ϥ SAMBA O@w{תMIʪAoO]ܦh@įBfrB}NOzLڨӧ@I FפnsuAҥH CentOS 5.x w] SELinux wg}Fܦh Samba su\A ]w]pUAܦhΤݪi|DC~Aȶ}vkӷAHγzL smb.conf Ӻ޲zSwvA]OܭnIPɡALinux ɮרt r, w, x v]Oݭn`NI ڭ̩UN̔x@U@ǰ򥻪wʺ޲zaI


    • SELinux }ijDG

    NpPĤC (7.4.5) ̭쪺Aڭ̳zLnɪeN^Dp󶒨M SELinux UӪAȩҳyDFCLAJMڭ̪DAȬO Samba FAणXP Samba } SELinux WhOHSMiHI򥻪 Samba WhDnG

    [root@www ~]# getsebool -a | grep samba
    samba_domain_controller --> off  <==PDC ɥi|Ψ
    samba_enable_home_dirs --> off   <==}Τϥήaؿ
    samba_export_all_ro --> off      <==\Ūɮרt\
    samba_export_all_rw --> off      <==\Ūgɮרt\
    samba_share_fusefs --> off
    samba_share_nfs --> off
    use_samba_home_dirs --> off      <==ϥΪ̮aؿ}I
    virt_use_samba --> off
    

    ݧaIXGҦWhw]O}IҥHڭ̻ݭnCC}[Iثeڭ̶ȷ|ΨϥΪ̪aؿHΤɦiŪgA LGȭn samba_enable_home_dirs Ӷس]wSYiI]ڭ̥iHo˰G

    [root@www ~]# setsebool -P samba_enable_home_dirs=1
    [root@www ~]# getsebool -a | grep samba_enable_home
    samba_enable_home_dirs --> on
    

    o˨ϥΪ̱L̪aؿ (Ҧp smb1 ϥ //127.0.0.1/smb1/) N|X{LkǰDFI~A ѩɦ Samba ؿRݭn samba_share_t CڭR /home/project ROoܡHӥؿ]ݭn׭qI o˰ݬݡG

    [root@www ~]# ll -Zd /home/project
    drwxrws---. root users unconfined_u:object_r:home_root_t:s0 /home/project
    
    [root@www ~]# chcon -t samba_share_t /home/project
    [root@www ~]# ll -Zd /home/project
    drwxrws---. root users unconfined_u:object_r:samba_share_t:s0 /home/project
    

    pGAɪؿuO Samba AR]A FTP Ϊ̬OLAȮɡAiNonϥ public_content_t oӤja^Ū~IYARo{ SELinux DAШ̷ /var/log/messages ̭Th׭qaI


    • ijDGQ iptables Ӻ޲z

    ̔x޲znJ SAMBA kNOzL iptables TINڭ̤wgbĤEبLFAҥHo̤A[C nDOApGAȭnw侀Ud} Samba ɡAiHo˷QG

    • Ȱw 192.168.100.0/24, 192.168.1.0/24 oӺk} SAMBA ϥv
    • SAMBA ťΪ port UDP: 137, 138 TCP: 139, 445F

    ҥH iptables.allow WhSRMn[JoXG

    [root@www ~]# vim /usr/local/virus/iptables/iptables.allow
    # [JUoXI
    iptables -A INPUT -i $EXTIF -p tcp -s 192.168.100.0/24 -m multiport \
             --dport 139,445 -j ACCEPT
    iptables -A INPUT -i $EXTIF -p tcp -s 192.168.1.0/24 -m multiport \
             --dport 139,445 -j ACCEPT
    iptables -A INPUT -i $EXTIF -p udp -s 192.168.100.0/24 -m multiport \
             --dport 137,138 -j ACCEPT
    iptables -A INPUT -i $EXTIF -p udp -s 192.168.1.0/24 -m multiport \
             --dport 137,138 -j ACCEPT
    [root@www ~]# /usr/local/virus/iptables/iptables.rule
    

    oO̔x̔xWhAAn̾ڧAۦק (q`ק墨 192.168.1.0/24 qYiI)C ѩ smbd nmbd ä䴩 TCP Wrappers AҥHA]uzL iptables ӱF


    • ijDG zLت Samba ]w (smb.conf)

    W Samba wg\hETINOb smb.conf hosts allow hosts deny oӰӋC q`ڭ̥unϥ hosts allow YiASgJoӳ]wتLӷN|QʎsuIoOY檺]wC |ҨӻApGAuQnEB192.168.100.254, 192.168.100.10, 192.168.1.0/24 ϥ SAMBA ӤwAiHo˼gG

    [root@www ~]# vim /etc/samba/smb.conf
    [global]
            # 򨾤ijD}]w
            hosts allow = 127. 192.168.100.254 192.168.100.10 192.168.1.
    [homes]
    ....Odl]w....
    [root@www ~]# testparm
    [root@www ~]# /etc/init.d/smb restart
    

    oӳ]wȪe䴩A] 192.168.1.0/24 ungXeT IP qYi (192.168.1.)C p@ӤuӋDEiHnJڭ̪ SAMBA AAӥB]wȤS̔xI^ iptables goo mijbijD譱Aunϥ iptables hosts allow 䤤@YiASSH hosts allow ijI SMTApGAOwϺ}񪺡A]w iptables ϦӬOnI]ݭnʨ smb.conf ]wɹIAȪ]wܪx¨ǡ


    • ɮרtijDGQ Quota ϥΪ̺ϺШϥ

    JMڬOnɮרtΤ᪺AQSMAU Samba Τ̽T|NƩmA Samba AWI U@xӥΤHKWǭӋ GB eqA Samba AAӥB``AHNs@fA ||yɮרttΪ̬OWe譱DOHQQN\oOy|IzHNzL Quota ϺаtB[I ϺаtBڭ̦bgĤTĤQwg͹LAbĤ@ (1.2.2-3) ̭]wg@LA bUЧA̾ڲĤ@تʧ@ӳBzaI

    DG
    ڭ̹wpt smb1, smb2, smb3 bL̦ۤvaؿUAU֦ 300MB/400MB (soft/hard) ϺаtBqAMp󰵡H
    G
    Х̾ڲĤ@ت Quota (1.2.2-3) }ƳBzG
    • /etc/fstab [J /home I usrquota,grpquota γ]wȡF
    • s /home A Quota ڳQ䴩F
    • H quotacheck -avug إ Quota ƮwɮסF
    • Ű Quota F
    YAwgĤ@شNBzܤFAo@DND`̔xIzL edquota -u smb1 ӳBzYiI
    [root@www ~]# edquota -u smb1
    Disk quotas for user smb1 (uid 2004):
      Filesystem                blocks    soft    hard inodes  soft  hard
      /dev/mapper/server-myhome       0 300000  400000      0     0     0
    
    [root@www ~]# edquota -p smb1 smb2
    [root@www ~]# edquota -p smb1 smb3
    [root@www ~]# repquota -ua
    *** Report for user quotas on device /dev/mapper/server-myhome
    Block grace time: 7days; Inode grace time: 7days
                            Block limits                File limits
    User            used    soft    hard  grace    used  soft  hard  grace
    ----------------------------------------------------------------------
    smb1      --      32  300000  400000              9     0     0
    smb2      --      32  300000  400000              8     0     0
    smb3      --      32  300000  400000              8     0     0
    


    pADϥ16.2.7 DEwUɪWُPϰϱ

    {bAD Samba A\OΨӧ@ɮצAACӨϥΪ̳iH֦aؿAózLڪ\ӳs Samba ACoNӰDTANOAϥΪ̦pGӦhAåBNL̪nƳo Samba AWYܡA֩w /home ӷ|I[IҥH /home ҦbϺЩγ\iHϥΤj@IwСA Ϊ̨ϥκϺа}CAϥ LVM (߽gĤTQ) ]OӤhסC U̔xҤVG

    • bwU Linux ɭԡAijݭnwU X Window F
    • bWُ Linux ɡA/home ̦nWߥX@ partition AӥBwЪŶ̦n^j@ǡF
    • /home WߥXӪ partition iHxWi quota @~AHWdϥΪ̪̤jwХζqF
    • LdLE (USB) i^s Linux DEAzL Samba ɡF
    • ѩ SAMBA @ӻȰw鷺 (LAN) DEi}AҥHAi઺ SAMBA DE^ϥ private IP ӳ]wYiASMTA SAMBA O_ϥ private IP RoAӺk IP qSʨӳWُC HmsǨӻA]ǩҦq IP O Public IPA SAMBA pGϥ Private IP Ϧӷ|jaLks^W[I ^_^
    • pGA SAMBA DEϥ Public IP ɡAЯSOdNWdn]wAɶq LAN qiHsuiӧYiAn Internet }I

    t~ApGA Samba Aݭnt媺 partition ɡAĴpAN쥻 Windows XP FAT32 ɮרt Linux tUAɦpGΤ@ҦӱMμѮɡA@ǤɦWi|LkQQܥXӡC oӮɭԧANoݭno˰FG

    mount -t vfat -o iocharset=big5,codepage=950 /dev/sd[a-p][1-15] /mount/point
    

    䤤 iocharset OEytsX覡A codepage hPhݳn馳}C]ڭ̬ObEi汾A ҥHڤWϥ iocharset oӰӋYiTIhhЬݤU`Τݳ]woI


    jADϥ16.3 Samba Τݳn\

    {bAwg[]nF Samba ATIASMnΤݨӨϥΤ~OnAIMnoӦAFH ӧڭ̰]k Windows/Linux tAoRtOzL NetBIOS over TCP/IP ӳsW Samba AA b]weAnDXơG

    • bϺDE̦n㦳ۦPu@sœAB㦳PDEW١F
    • Windows XP pro. ̦hȯह\QӥΤPɳs^ۤvڡF
    • AiHbSݨ쪺q`OۦPsœDEF
    • iHϥΡyjMz-->yqz-->yKJ IPzӬd Samba DEF
    • Windows ڹw]ȦP@ IP qDE~nJ (Windows ]w)I

    ^Uӫ̴NO̷ Windows Linux tӰaI


    pADϥ16.3.1 Windows tϥ

    b Windows WjMWڥDEb̔xAAnXRkiHBzG

    • }yɮ`ޡzAyWھFzByӺzByMicrosoft Windows Networkz NݨݩAsœҦqDEFI

    • y}lzByjMzByɮשθƧzByqΤHzByWqzAMbX{SgT IP AUyjMzYiIoӤkiHAΩ󤣦bP@ӸsœSDEI

    • pGO Windows 7 ܡAunIƧYiC

    |ҨӻApGQns^ڭ̪ Samba DEܡAӤSo Samba DE NetBIOS name A QηjMG|IpUϥܡG

    Windows 7 ΤݷjMܷN
    16.3-1BWindows 7 ΤݷjMܷN

    WϥIyzAMkW誺خؤAKJ NetBIOS nameAYDܡANd Windows 7 ۤvC pWϩҥܡANTDE[Iڭ̨I@U VBIRDSERVER aI ]nnJHaAAҥHNQnDnKJKXC pUϩҥܡAАgnAҾ֦bPKXaI

    Windows 7 ΤݵnJ SAMBA AܷN
    16.3-2BWindows 7 ΤݵnJ SAMBA AܷN

    YQnJtFAN^ݨpUϥܡANOoMAiθ귽TI]ڭ̨èSw Windows 7 ѦLEXʵ{ALCڭ̲{bӱN project EϺЄݬݡG

    Windows 7 ΤݵnJ SAMBA AܷN
    16.3-3BWindows 7 ΤݵnJ SAMBA AܷN

    pWϩҥܡAb project WkgAܡysuϺEzAN|X{pUeAhܱϺEӋG

    Windows 7 ΤݱϺEܷN
    16.3-4BWindows 7 ΤݱϺEܷN

    AiHۤvվQnϺENAҦpw] Z ѡA HAɮ`ޤN|ͥX@ Z ѡAMϺмѴNN \\192.168.100.254\project ӤɪؿoI


    • Windows tڤ䴩Pk IP su

    ѩڪwDVӶVYA] Windows XP ᪺w]ȶ}E IP kڳsuӤwC pGA Windows QnOHiHb Internet ΤP IP qAsuɡAANoק@U]w[I ХsXxAMIyWindows zN|X{pUϥܤFG

    Windows 7 AܷN
    16.3-5BWindows 7 AܷN

    ]ڭ̱onN]wA]IWϤyi픳]wzӨopUϥܧaI

    Windows 7 AܷN
    16.3-6BWindows 7 AܷN

    ROoOUVaHҥHAڭ̱onwKJ (q~s쥻E) WhӳBmCpWϩҥܡAU (1)KJWhAMI (2)ɮפΦLE@ΡA (3)܌NWheA|X{t~@ӵAb (4)IyZkzӳ]wPqA ̜b (5)aysWziiJEh IP qIUsW|X{pUϥܳG

    Windows 7 AܷN
    16.3-7BWindows 7 AܷN

    pWϩҥܡAb (1)gT IP κqAMU (2)TwAN^b (3)خSX{isuhݦAoI


    • zL port 445 SnJ覡

    pGAD Samba Ať port 445 AåBLwgɤFYӥؿɡA|ҨӻAڭ̪ 192.168.100.254 ɥX project oӤɸ귽WٮɡAoӥؿgkGy \\192.168.100.254\project zA ڭ̥iHzLy}lzX{ӤبӳBzoӪNIpUҥܡG

    Windows 7 zL port 445 su
    16.3-8BWindows 7 zL port 445 su

    pGiHnJܴN|QnJA_hN|uX@ӭnAKJbKXAKJTƧYiI IIIuL}㰣~AڭRiHnJOH Windows DE C D ѳIgkhܦoˡG

    • \\192.168.100.20\c$

    ҥHAȤFaIRu`ȡҥH[ASamba SnɡA port 445 RMOiH}aI


    pADϥ16.3.2 Linux tϥ

    • smbclientGdߺڤɪ귽AHΨϥ FTP 覡W/U

    ̪ Samba Linux ڪΤݥ\I]NO Linux iH Samba A]౾ Windows ѪTIDnOzL smbclient [ԎAAH mount ӱɮרtCӤ@U smbclient oӫOaG

    # 1. }dߪ\AҦpdX 192.168.100.254 ڸ
    [root@clientlinux ~]# smbclient -L //[IP|hostname] [-U username]
    [root@clientlinux ~]# smbclient -L //192.168.100.254 -U smb1
    Enter smb1's password:
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Sharename       Type      Comment
            ---------       ----      -------
            project         Disk      smbuser's project
            print$          Disk      Printer drivers
            IPC$            IPC       IPC Service (This is vbird's samba server)
            HP_LaserJet_P2015_Series Printer   HP LaserJet P2015 Series
            smb1            Disk      Home Directories <==Τ@UγoSd
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    
            Server               Comment
            ---------            -------
            VBIRDSERVER          This is vbird's samba server
    
            Workgroup            Master
            ---------            -------
            VBIRDHOUSE           VBIRDSERVER
    # qo̥iHDbثekSh֭Ӥu@sœPDnWٶRDE
    

    FoӥeιLdߥ\ध~Aڭ̥iHo̔ϥκڪG

    # 2. Q FTP 覡nJhݥDE
    [root@clientlinux ~]# smbclient '//[IP|hostname]/귽W' [-U username]
    # NOϥάYӱbӪ^nJYDEYӤɸ귽A|ҦpUG
    [root@clientlinux ~]# smbclient '//192.168.100.254/smb1' -U smb1
    Enter smb1's password:
    Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]
    smb: \> dir
    # b smb: \> UNOb //192.168.100.254/dmtsai oӥؿUTIҥHA
    # ڭ̥iHϥ dir, get, put α`Ϊ ftp OӶiƶljKFI
    ?   :CXҦiHΪOA`ΡI
    cd  :܂hݥDEؿ
    del :Yɮ
    lcd :܂Eݪؿ
    ls  :ԎݥثeҦbؿɮ
    dir :P ls ۦP
    get :Ux@ɮ
    mget:Ujqɮ
    mput:WǤjqɮ
    put :Wx@ɮ
    rm  :Rɮ
    exit:m} smbclient n\
    # LOΪkаѦ man smbclient I
    

    • mount.cifsG^ڦϺE

    WAϥ smbclient @I]KA]ϥΪO ftp \ykAIǩǪण^ Windows ˡAiH^suϺE[HoSMSDILNݭn] mount.cifs ӨUFI

    Samba DnO smbmount mount.smbfs oӫOӱ (smbfs O SMB filesystem Yg)A LoӫOwgQiHinsXP_ mount.cifs ҨNTImount.cifs iHNhݦAɥXӪؿӵL쥻EIAp@ӡA hݦAؿNn^bڭ̥E@ӤμѤ@˳IiH^ƻsBsΰʧ@IoiNnΪhFI Uڭ̨ӽͤ@ͫγo mount.cifs aI

    [root@clientlinux ~]# mount -t cifs //IP/ɸ귽 /I [-o options]
    ﶵPӋG
    -o ᭱^Ӌ (options) `ΪUoǡG
       username=AnJbGҦp username=smb1
       password=AnJKXGݭnPW username ۹R[I
       iocharset=EytsX覡Ap big5  utf8 ΆΡF
       codepage=hݥDEytsX覡AҦpc餤嬰cp950
    
    # dҤ@GH smb1 Naؿ /mnt/samba 
    [root@clientlinux ~]# mkdir /mnt/samba
    [root@clientlinux ~]# mount -t cifs //192.168.100.254/smb1 /mnt/samba \
    > -o username=smb1,password=4321,codepage=cp950
    [root@clientlinux ~]# df
    ɮרt               1K-Ϭq      w     i w% I
    //192.168.100.254/smb1/
                           7104632    143368   6606784   3% /mnt/samba
    

    g mount ʧ@Aڭ̴NiHNhݤɥXӪNNLۤv Linux EWInΪܡN mount ΪkA man mountI


    • nmblookupGd NetBIOS name P IP ΨL}TG

    {bڭ̥iHzL@ NetBIOS }\Өo NetBIOS name ALApGARQnDo NetBIOS name LTɡA Ҧp IPBɪ귽ΆΡAiHϥ nmblookup oӫOӷdwYiCLOoϥΪG

    [root@clientlinux ~]# nmblookup [-S] [-U wins IP] [-A IP] name
    ﶵPӋG
    -S GFd name  IP ~A|XMDEɸ귽P MAC ΡF
    -U G᭱@i^ Windows DnWٺ޲zA IP AiP -R ΡF
    -R GP -U ΡAH Wins AӬd߬Y Netbios nameF
    -A G۹LӋA -A ᭱i^ IP A] IP ӧX۹諸 NetBIOS ơF
    
    # dҤ@G] 192.168.100.254 X vbirdserver oDE IP }
    [root@clientlinux ~]# nmblookup -U 192.168.100.254 vbirdserver
    querying vbirdserver on 192.168.100.254
    192.168.100.254 vbirdserver<00>
    192.168.1.100 vbirdserver<00>    <==emN IP IͪDEI
    
    # dҤGGX vbirdserver  MAC P IP θTG
    [root@clientlinux ~]# nmblookup -S vbirdserver
    querying vbirdserver on 192.168.100.255  <==bϺs}lI
    192.168.100.254 vbirdserver<00>          <== IP oI
    Looking up status of 192.168.100.254
            VBIRDSERVER     <00> -         B <ACTIVE>
            ..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>
            VBIRDHOUSE      <00> - <GROUP> B <ACTIVE>
    

    • smbtreeGWھFsܼҦI

    pGAQnϥ Windows WAiH@ݴNAUӺکҤɪ귽ɡAAϥ smbtree Ӫ^d߳I oӫO̔xI^KJNΡG

    [root@clientlinux ~]# smbtree [-bDS]
    ﶵPӋG
    -b GHs覡NDnsd
    -D GȦCXu@sœA]Aɪ귽
    -S GCXu@sœPMu@sœUqW (NetBIOS) ]AU귽ؿ
    
    # dҤ@GCXثeھ𪬬}
    [root@clientlinux ~]# smbtree
    Enter root's password:  <==^ [Enter] YiI
    WORKGROUP
            \\WIN7-PC
    VBIRDHOUSE
            \\WINXP
    cli_start_connection: failed to connect to WINXP<20> (0.0.0.0). 
            \\VBIRDSERVER                   This is vbird's samba server
                 \\VBIRDSERVER\HP_LaserJet_P2015_Series  HP LaserJet P2015 Series
                 \\VBIRDSERVER\IPC$     IPC Service (This is vbird's samba server)
                 \\VBIRDSERVER\print$   Printer drivers
                 \\VBIRDSERVER\project  smbuser's project
    
    [root@clientlinux ~]# smbtree -S
    Enter root's password:
    WORKGROUP
            \\WIN7-PC
    VBIRDHOUSE
            \\WINXP
            \\VBIRDSERVER                   This is vbird's samba server
    # ɶȦu@sœPqW٦ӤwOI
    

    • smbstatusG[Ԏ SAMBA A

    oӫOOA}\TI]DnتOd\ثe SAMBA h֤HӳsuA BǸ귽ɤwgQϥΆΆΪTCҥHpGAQnϥγoӳnAХwU samba I̔xΪkpUG

    [root@www ~]# smbstatus [-pS] [-u username]
    ﶵPӋG
    -p GCXwgϥ SAMBA su{ PID F
    -S GCXwgQϥΪ귽ɪAF
    -u GuCXYӨϥΪ̬}ɸ
    
    # dҤ@GCXثeDE㪺 Samba A
    [root@www ~]# smbstatus
    Samba version 3.5.4-68.el6_0.2
    PID     Username      Group         Machine
    -------------------------------------------------------------------
    5993      smb1          smb1          __ffff_192.168.100.10 (::ffff:192.168.100.10)
    5930      smb1          smb1          win7-pc      (::ffff:192.168.100.30)
    # WbDnbCXثesuAADnӦۨӥΤEPnJΤW
    
    Service      pid     machine       Connected at
    -------------------------------------------------------
    IPC$         5930   win7-pc       Fri Jul 29 15:56:03 2011
    project      5930   win7-pc       Fri Jul 29 15:59:25 2011
    smb1         5993   __ffff_192.168.100.10  Fri Jul 29 16:32:45 2011
    # ohܥXAثeXӥؿQϥΤFH smb1 N //IP/smb1/ I
    

    AiHzLoӤp{Aثeh֤HϥΧA SAMBA TI


    jADϥ16.4 H PDC Aѱb޲z

    ڭ̦b 16.1.5 ͹L PDC oӪNALiHϥΪ̦bqǪ@ӦaAΦP@œbKXnJA åioۦPaؿθơAoPڭ̤eͨ쪺Ab Linux Uϥ NIS ft NFS O@kI uOOΦb Windows WYNOFCp󧹦OHڭ̩UNӽͽͳoӪNI^_^


    pADϥ16.4.1 Samba ޲zkϥΪ̪@@ר

    eeOݩ Peer/Peer supA]NO Samba AP Windows ΤݨOΦa쪺TI ҥH Windows ΤݻݭnD Samba AbKXƫA~^Qϥ Samba 귽C LAo˪覡bj@ǪkiN|IxZAҦpժC

    |ҨӻApGA@ӹqṊ̀ 50 Windows XP Pro. ӤHqAѩqǤja|ϥΡA ]̭o 50 ӤHqϥRFA]NOCqs}Eӧ@~tN|R즨쥻ˤlC ڭ̪DϥΪ`OݭnӤHaؿaHL`Ʊou@bs}ENhF ҥHڭ̥iHQΤ@DELxsƔ[INO Primary Domain Controller (PDC) AC

    Samba PDC @Ϋ̔xANO Samba PDC ӰkZk޲z (domain controller)A M Windows DE[JoӠZkAӨϥΪ̧Q Windows nJɡA(1)Windows |e PDC AoϥΪ̪bKXA P (2)PDC R|ǰeϥΪ̪nƨ쨺 Windows ӤHqWA Windows qWϥΪ̵nXɡA (3)MϥΪ̭קLƤ]|^ǵ PDC Cp@Ӥ޳oӨϥΪ̦b@ӤHqWnJA L^oTӤHơIܴΪ@ΧaI

    PDC OӫܽzALiHF쪺\ShAӥBKXҤ]bP@ PDC DEWA Lo̧ڭ̤ͨzFAuO@̔xmߡA]Uo PDC ϥ Linux ۤvKXӶi懊ҡA åB]u޲zۤvҤɥXh귽oIܩ󰲳]P}u@sœӋpUG

    @̔ PDC @רҬ}ӋܷN
    16.4-1B@̔ PDC @רҬ}ӋܷN

    Ӱ򥻪]wy{RMOo˪G

    • Ϻq]wGk]wnAר Windows u@sœPqW٤ IP ΰӋF
    • PDC ]wG] PDC ޲zۤvKXAҥH security = userF
    • PDC ̦n֦ӺkWٶRvOAYDnWٶRF
    • ݦ netlogon 귽ɡA windows 2000/XP pro. ΤݪnJΡF
    • ѩ Windows ŪJӤH]wɡAw]ؿ profileALinux tݹw]wؿF
    • W[ PDC WϥΪ̱bHENX (machine account) Ά
    • b Windows 2000/XP pro. ӤHqW]w PDC ΤݡC

    U̴NӨ̧dzBzBzI


    pADϥ16.4.2 PDC Aظm

    PDC Aإ߫D`ꐷСAݭn@B@B@iAQCӥBAѩظm PDC Dnb޲zӰϺ Windows qA]C Windows qDEWٻP}ӋnTwUӡApPW@p`ϥܤA CqwݭnME~CMEFUӹqA^UӴN^CC@ioI


    • 1. ظm NetBIOS P IP RơG]w lmhosts P /etc/hosts

    ѩڭ̪ Samba YNӺkWٶR̡A]A̦nNӺk NetBIOS name P IP RgJ lmhosts ɮSCpGAϺOH DHCP o IP AA̦nft DNS thظmADEWٹRTA _hDEWٹR_ӡA`OIxZCboӮרҤAѩmϥΪ NetBIOS name (p vbirdserver) PDEW (p www.centos.vbird) äۦPA]o̫ijݭnק lmhosts ~nC

    [root@www ~]# vim /etc/samba/lmhosts
    127.0.0.1       localhost      <==oOw]sbAnʥLAUЦۦsW
    192.168.100.254  vbirdserver
    192.168.100.10   vbirdlinux
    192.168.100.20   vbirdwinxp
    192.168.100.30   vbirdwin7
    
    [root@www ~]# vim /etc/hosts
    192.168.100.254 www.centos.vbird        vbirdserver
    192.168.100.10  clientlinux.centos.vbird     vbirdlinux
    192.168.100.20  vbirdwinxp
    192.168.100.30  vbirdwin7
    

    ѩ Linux W Samba ܦhROP TCP/IP DEW٦}AҥHF lmhosts ~AijROBz@U /etc/hosts SIo˴NTI


    • 2. ظm PDC D]wGBz smb.conf

    ]ڭ̭n PDC ΤݵnJɥiHoLۤvaؿAݭno˳BzG

    [root@www ~]# vim /etc/samba/smb.conf
    [global]
            workgroup       = vbirdhouse   <==аȥT{@Uu@sœPDEW
            netbios name    = vbirdserver
            server string   = This is vbird's samba server
            unix charset    = utf8
            display charset = utf8
            dos charset     = cp950
            log file        = /var/log/samba/log.%m
            max log size    = 50
            security        = user
            passdb backend  = tdbsam
            load printers   = yes
            cups options    = raw
            printcap name   = cups
            printing        = cups
    
            # P PDC }@dz]wȡG
            # UXӳ]wȳBzkDnWٶR
            preferred master = yes
            domain master    = yes
            local master     = yes
            wins support     = yes
            # @~t (OS) ίŶV@~নDk̡A@ NT  32,
            # Windows 2000  64 AҥHo̧ڭ̳]w@@IAiWL 255
            os level      = 100
            # UhO]w_Q PDC nJABnJݭniǰʧ@G
            domain logons = yes
            logon drive   = K:              <==nJaؿ Windows @
            logon script  = startup.bat     <==CӨϥΪ̵nJ|۰ʰ檺{
            time server   = yes             <==۰ʽվ Windows ɶP Samba PB
            admin users   = root            <==w]޲zbIw] root 
            logon path    = \\%N\%U\profile <==ϥΪ̪ӤHƳ]w
            logon home    = \\%N\%U         <==ϥΪ̪aؿmI
    
    # oӦbwnJ̯^i檺u@A̭DnO㦳\h{G
    [netlogon]  <==Pe logon script }AM{mbo
       comment         = Network Logon Service
       path            = /winhome/netlogon  <==nؿAnۤvإߤ~I
       writable        = no
       write list      = root
       follow symlinks = yes
       guest ok        = yes
    
    [homes]
    ....(UOd쥻]w)....
    
    [root@www ~]# testparm
    [root@www ~]# /etc/init.d/smb restart
    [root@www ~]# /etc/init.d/nmb restart
    

    W]wXӦaä@IG

    • time serverGn Samba P Windows DEɶPBAϥγoӶءF
    • logon scriptGSϥΪ̥H Windows ΤݵnJASamba iHѤ@妸ɡAϥΪ̥h]wnL̦ۤvؿtmCӰtmeOb startup.bat SC An`NOAo startup.bat ɦWiHHNALLnm [netlogon] ҫwؿF
    • logon driveGoӮaؿn쨺ӤμѡH b Windows UjhH C, D, E... ϺЪNAAo̥iHw@UaؿnmӺϺХNF
    • admin usersGwo Samba PDC ޲zC
    • [netlogon]GwQκnJɭhdߪؿ귽C
    • logon pathGϥΪ̵nJA|o]wƦbH ڭ̪DϥΪ̷|@ơAҦpୱΡAoǪF賣mǫӡCϥΪӋA %N N PDC AmA %U hNϥΪ̪ Linux aؿC]̜Aon ~someone/profile ؿ~iHC
    • logon homeGϥΪ̪aؿAw]P Linux aؿۦPmC


    • 3. إ Windows ΤݵnJɩһݪ]w netlogon ؿ

    ӫإ [netlogon] һݭnƦnFANO@ӥؿCѩmwpNҦ PDC Ƴqqm /winhome SA]AϥΪ̮aؿA]ܦhFݭn׭qI]AӪ SELinux ֩w|XD

    [root@www ~]# mkdir -p /winhome/netlogon
    

    ^UӧڭRonإߤ\ϥΪ̰檺ɮסANO startup.bat ~I `N@UAڭ̳o̰]ϥΪ̮aؿ K ѡAAiHo˰G

    [root@www ~]# vim /winhome/netlogon/startup.bat
    net time \\vbirdserver /set /yes
    net use K: /home
    # oɮת榡Gnet use [device:] [directory]
    
    # ANMɮ茦 DOS _榡~I]Oѵ Windows  tI
    [root@www ~]# yum install unix2dos
    [root@www ~]# unix2dos /winhome/netlogon/startup.bat
    [root@www ~]# cat -A /winhome/netlogon/startup.bat
    net time \\vbirdserver /set /yes^M$
    net use K: /home^M$
    # @ܡH|hXө_Ǫ ^M ŸANO Windows _rC
    


    • 4. إ Windows MΪϥΪ

    ]mwpNϥΪ̥ /winhome UAӥBCӨϥΪ̮aؿRMRn profile ؿsb~A FקKꐷСAҥHڭ̥ /etc/skel hBz@UAM~إ߱bA̫~ samba ΤaI samba ΤiHϥ pdbedit ]^^ϥ smbpasswd -a A]SnίSӋA ҥHASamba ΤN΂H smbpasswd ӳBzYiC

    [root@www ~]# mkdir /etc/skel/profile
    [root@www ~]# useradd -d /winhome/dmtsai dmtsai
    [root@www ~]# useradd -d /winhome/nikky  nikky
    [root@www ~]# smbpasswd -a root
    [root@www ~]# smbpasswd -a dmtsai
    [root@www ~]# smbpasswd -a nikky
    [root@www ~]# pdbedit -L
    smb1:2004:
    smb3:2006:
    smb2:2005:
    student:505:
    root:0:root
    dmtsai:2007:
    nikky:2008:
    # IOݭneuXӤHX{~潗I
    
    [root@www ~]# ll /winhome
    drwx------. 5 dmtsai dmtsai 4096 Jul 29 16:49 dmtsai
    drwxr-xr-x. 2 root   root   4096 Jul 29 16:48 netlogon
    drwx------. 5 nikky  nikky  4096 Jul 29 16:49 nikky
    # ϥΪ̪aؿOb /home ӬOb /winhome Y~O諸I
    

    HsWϥΪ̳iHsӦ Windows S]wɥؿIn޲zo SMTAϥ useradd sWϥΪ̫AOo]nϥ smbpasswd -a username MϥΪ̥iHϥ Samba I


    • 5. إEXb

    ѩ PDC |w Windows ΤݪDEW (NetBIOS name) iDEbˬdA ҥHڭ̤]nΤݪDEWٶib]wCxIODEbH @ϥΪ̱bO^ӋrADEbhbMb̫᭱[W@ӸQry$zYiI |ҨӻA vbirdwinxp oDEi]wbW٬ vbirdwinxp$C

    ӧڭ̪Dnϥ smbpasswd W[ϥΪ̥nb /etc/passwd SA]nإ߳oӱbANono˰G

    [root@www ~]# useradd -M -s /sbin/nologin -d /dev/null vbirdwinxp$
    [root@www ~]# useradd -M -s /sbin/nologin -d /dev/null vbirdwin7$
    

    |W[ -M -s -d ΰӋ]O]Qnoӱb㦳iHnJvA ]NoӥDEb]wǤ@I ^_^^U Samba DoӱbODEbAҥHARMno˰G

    [root@www ~]# smbpasswd -a -m vbirdwinxp$
    [root@www ~]# smbpasswd -a -m vbirdwin7$
    

    o˫K[JDEboIӧڭ̪ Samba PDC ]NiHzLyDEbzӧP_ Windows Τݯ_sWӡA Ys^W PDC P Windows ΤݫA^UӤ@ϥΪ̱bNiHb windows ΤݵnJFI


    • 6. קwʬ}

    ѩڭ̫إߪbؿb /winhome UAëDW CentOS ؿAҥH̭n SELinux i|] ҥHAڭRon׭q SELinux ~Ik̔xAN SELinux type 茬 samba_share_t YiI

    [root@www ~]# chcon -R -t samba_share_t /winhome
    

    ѩ SELinux ƬO|~ӤWhؿA]ӷsWΤAzAWANݭns׭q SELinux ɮFC OApGAѬOo{nJ PDC boLkoaؿAN[Ԏ /var/log/messages ƨӭ׭qaI


    pADϥ16.4.3 Wimdows XP pro. Τ

    Ъ`NAUkȾAΩ Windows 2000, Windows XP M~ (Pro.)A@몺 Windows XP home O䴩I pGAΤݪDEOHE Windows XP Aq`O Windows XP home AUkiNLkAoI ns^W Samba PDC L{]O̔xAAiHo˰G (ܩ Windows 7 Samba nD@AxOo@ 3.3.x HW~䴩)


    • 1. T{ windows ΤݪkPDEW

    ڭ̥nT{ Windows Τݪu@sœPDEWٸ򫥭̪ Samba PDC ۦPA T{覡bk̭wgLFAo̦bjդ@CNƹʨyڪqzWAUkgA ܡyezAMIyqW١zA|X{pUϥܡG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-2BWindows ΤݳsW PDC 覡y{ܷN

    pWϩҥܡAAnT{bY 1 BDEWٻPu@sœAbڭ̳oӮרSu@sœ vbirdhouseA o Windows DE NetBIOS W٫h vbirdwinxp IpG諸ܡAЫUyܧzӳ]wA åBs}ECs}EܫAWϪeSAUbY 2 ҫѧOBC


    • 2. ]wDEWٻPkW

    ^Uӧڭ̭n]wo Windows XP pro. nskW PDC WAYOBzDEbH Samba PDC tdk (domain) TIb 16.4-2 UyѧOzAObX{SܡG

    1. U@BF
    2. oxqOq@AӥBڦbu@ɥΨӳsuLq(T)
    3. ڪqϥΤ@ΦhӺk(C)
    4. U@B

    MN|X{pUG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-3BWindows ΤݳsW PDC 覡y{ܷN

    Ш̧ǐg Samba DEW޲zbPKXAn`NoӱKXOO Samba ӡAiO /etc/shadow IOdVFoO Samba A]wOCKJU@BaAq`|X{䤣쥿TDEeApUҥܡG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-4BWindows ΤݳsW PDC 覡y{ܷN

    m]\oܩ_ǡAѬOiDڧ䤣ILS}YAo̧ڭ̨̂HA@DE NetBIOS name HθsœW١A pWϩҥܡAM~U@BAN|X{pUeTG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-5BWindows ΤݳsW PDC 覡y{ܷN

    oNLKJT޲zbPKXAOo̫᭱kNOu@sœW١AOghFC BzܫᵹLUTwaIMN|X{pUeG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-6BWindows ΤݳsW PDC 覡y{ܷN

    ߧAAoNܤwgs^W Samba PDC oIڭ̧ƱҦϥΪ̳^ Samba PDC ޡAҥHo̽Аg yɤsWϥΪ̡zaIU@BhC


    • 3. s}EåHskWٵnJ

    b 16.4-6 Эs}EA}Eӵe|IoˡG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-7BWindows ΤݳsW PDC 覡y{ܷN

    FO@ڭ̪tA]onU [ctrl]+[alt]+[del] TœXgA~|X{pUnJeG

    Windows ΤݳsW PDC 覡y{ܷN
    16.4-8BWindows ΤݳsW PDC 覡y{ܷN

    ثetWN|ӥiܪb޲zҦA@ӬOEb@ӬO PDC ѪbAګ窾nJ̬OӺ޲zҦH ҥHANonUWzeyﶵzA~|X{ynJz@ơCX{ӸƤOOG

    • VBIRDWINXP(q)GoNOAqW١AYOHEbnJF
    • VBIRDHOUSEGNO PDC workgroup ءAzL PDC bӹnJC

    {bЉKJAb Samba PDC W֦bPKXӹnJaIpGAKJbKXO諸Aoo{pUeɡA ֩wOYɮvΪ̬O SELinux ]wh~IаѦ /var/log/messages /var/log/samba/* ̭nɨӭקI

    ϥ PDC bnJoo{vh~ϥ
    16.4-9Bϥ PDC bnJoo{vh~ϥ


    • 4. [ԎϥΪ̪aؿP]w

    pGAiHQnJܡA}ɮ`ޫRMiHݨU誺eG

    nJ PDC AoaؿA
    16.4-10BnJ PDC AoaؿA

    IMsWqqsWoIA]iHbۤvaؿ (K ) sWƪIO_ܤh[I ^_^I SAnXAAb Windows ୱWYҶi檺UӤHƳ]wqq|Qʨ /winhome/dmtsai/profile SI pG۫HܡAЦۦe Samba AWY@@@NDFC


    pADϥ16.4.4 Wimdows 7 Τ

    ھ SAMBA xA䴩 Windows 7 Samba n@ 3.3.x ~ARnAڭ̪ CentOS 6.x Samba uO@ 3.3.x 3.5.xA]zAWO䴩 Windows 7 IuL Windows 7 n[J Samba PDC RonקUX~IouOܧxZIb Windows 7 EXק譱ADnOק侀UEXG

    # 1. oӈOiysWzEXI
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
    DomainCompatibilityMode=dword:00000001
    DNSNameResolutionRequired=dword:00000000
    

    ק諸覡Ab Windows7 ̭KJy regedit zA|X{pUeG

    Windows 7 UEXʧ@
    16.4-11BWindows 7 UEXʧ@

    (1)@h@hIڭ̩һݭn؊AhAM (2)[Ԏ̩UEXǬݹ藍C (3)bkIڭ̩һݭnEXApGOnsWANObkťճBkgsWYiW[@œEXW١C̫ (4)U@EX|X{iѭק諸AN令W椤nDYiCh} Windows 7 [J PDC }ơA Ьd\好ѦҸƈC

    ΨNEX׭qܡAANiHϥλP Windows XP ۦP覡ӥ[J PDC oI


    pADϥ16.4.5 PDC DJA

    pGѬOo͎h~TyϥΪbOqbCШϥΧAqΨϥΪ̱bΥEϥΪ̱bӦsoxAzɡA AiHo˰G

    • Ԏݤ@U /var/log/samba ̭nɸTAרO log.vbirdwinxp }oDEToF

    • pGROLkMAiHb lmhosts ̭W[ vbirdwinxp IP PDEW٪RAMN samba }y/etc/init.d/smb stopzAΫݤ@qɶ NetBIOS WٶRɶOɡAAsŰ samba y/etc/init.d/smb startzAMAs@KJ root KXӰʧ@

    bmLרҤAWĤGӨBJĪILAROonԎ /var/log/samba ̭nT~I


    • @ Windows bb Windows tWϥΧޥ

    M PDC ܦnΡALAn`NOACAϥ PDC WYbnJ Windows ΤݥDEɡA Windows DE| /winhome/username/profile/ SJһݭnơA üȮɎŰʤ@ӸƧb Windows t C:\Documents and Settings\username SApGAaؿU profile ƤӦhɡA OljKN|hܦhɶI

    ҥHAARMN@ɮ׸ƩmAaؿUAY K SAɶqnϥ Windows w]yڪ󧨡zA ]yڪ󧨡z|NƲʨy /winhome/username/profile/My Documents/ zؿUAP˪A xsୱƷ|Qmy /winhome/username/profile/ୱ/ zؿA˦bnJPnXɷ|hܦhɶI oӤpa]n`NOI ^_^

    nFA} SAMBA PDC @kڭ̴Nͨo̡ARhTAiHeoӏظ`̫᭱ѦҸƩҦCX}hd\A ]Rܦh@koIWAm\ob@ӺkSApGh Windows NT DEAҦp Windows 2000/XP pro. o@TwӤHϥήୱɡAϥ PDC NܦΤFI] Windows 2000/XP pro. ]O@ӦhH@~tA^ Windows 98 OxH@~tCҥHASϥ Windows 2000/XP pro. ӵLknJ PDC ɡAAOLkϥ Windows 2000/XP pro. W󪺸TC Ob Windows 98 WYLkTnJAAM㦳MqDvI

    t~A]w Windows ΤݤeAХT{A Windows O򪩥H Wzʧ@ Windows XP aΪ (Home), Windows 7 OS@ΪIХT{~I


    jADϥ16.5 A̔x@P޲z

    FWzW@k~AR@ǵyLnƱnjaɪI


    pADϥ16.5.1 A}DJA

    q`ڭ̦b]w SAMBA ɭԡApGOHx@DEu@sœ (Workgroup) 覡Ӷi smb.conf ]wɡAXGܮeNiH]w\FIèSܧxBJCLAU@ROLk\]w_ӡA аȥԎݵnɡA]NOb /var/log/samba/ ̭ơIbo̭SAA|o{GxI ohɮה[I]ڭ̦b smb.conf ̭]wFG

    • log file = /var/log/samba/log.%m

    %m OΤݹq NetBIOS Name NAҥHAS vbirdwinxp DEӵnJڭ̪ vbirdserver DEɡAnJTN|Qb /var/log/samba/log.vbirdwinxp ɮ׳IӦpGU@ӷ IP èS Netbios name ɭԡAܥiO@ǎh~TAoǎh~TN|Q log.smbd, log.nmbd ̭hFIҥHApGAnԎݬYqsWA SAMBA DEoͤFDɡASOndNoӵnɪΦI

    t~ApGA SAMBA wgŰʧFAoѬOLk\ASLkdXDɡAij} Samba @}lAAsŰʡG

    • /etc/init.d/smb stop

    bmLhרSATXO] PID P NetBIOS DAfP SAMBA ǩǪҥH㪺}A gL@}luȮɶAAsŰʡARMNiH_`FI

    RAU@AbigJʧ@ɡAѬOo{yAS}gJvIzAnháAXGiHTwO Permission DA]NO Linux vP SAMBA }vä۲ŦXAΪ̬O SELinux bdKILApA AnAणgJ Linux ϺСAݪO PID vP Linxu ɮרtO_kXAӨ smb.conf ̭]w}vuOb SAMBA B@L{SywpznϥΪ̪vӤwAäNu Linux vIҥHAU@uo{MDsbA еnJ Linux tAd@UMRؿ permission aI^_^

    t~Aq`ywgd (smbclient -L G)AoѬOLkQpADnUXӥi઺]G

    • M smb.conf ]wTAO]wȡy path zҫwؿoѰOإߤF (̱`bˡI)F
    • M smb.conf ]wiŪgAOؿwMΤ᪺voOŪΪ̬OLvF
    • MvTAO SELinux oh~FI
    • MƳOTAO SELinux Wh (getsebool -a) oSQŰʡC

    WzO@DZ`DAhDMסAаѦҳ̥TnɸTaI ^_^


    pADϥ16.5.2 ϥΪ̭ק samba KXPɦPBs /etc/shadow KX

    ӰDOAڭ̪DϥΪ̥iHzL passwd ק /etc/shadow KXAӥBϥΪ̤]^ۦH smbpasswd ק Samba KXCpGϥΪ̬O PDC ΤAoǥΤzAWNܤ֨ϥ Linux TIQ@QA _Τbק Windows KX (NO Samba) ɡAPBs Linux W /etc/shadow KXOH ׬Oi檺TIӥBʧ@äx] smb.conf YwgѤF۹RӋ]wȡIAiHѦҩUơG

    m`A򥻤WAݭnO smb.conf ̭ [global] Xӳ]wȡG

    [root@www ~]# vim /etc/samba/smb.conf
    [global]
    # OdeU]wȡA÷sWUTYiG
            unix password sync  = yes                <== Samba P Linux KXPB
            passwd program      = /usr/bin/passwd %u <==H root IsקKXO
            pam password change = yes                <==åB䴩 pam œI
    
    [root@www ~]# testparm
    [root@www ~]# /etc/init.d/smb restart
    

    ^UӡASAH@Τ (Ҧp dmtsai) ק samba KXɡAN|^oˡG

    [dmtsai@www ~]$ smbpasswd
    Old SMB password:  <==oKJHKXA~KJsKX
    New SMB password:
    Retype new SMB password:
    Password changed for user dmtsai <==oNO\rˡI
    
    # YX{UrˡARMNOAKXKJQFIҦpKJKXr֩ 6 ӡI
    machine 127.0.0.1 rejected the password change: Error was : Password restriction.
    Failed to change password for dmtsai
    

    pADϥ16.5.3 Q ACL tXx@ϥΪ̮ɪ

    Q^@ӮרҡApGAOժޤHAӭݥѮvVAӽбbADnOnbܦhZŤoPMDơC ]MѮvOݥAAγ\ߤ@pMvNNPWƵPAˤOv̬GNA ӬOܦhɭ...IoӮɭԦpGANMѮv[JPsœAM᰾P̩ҦbؿOsœigJܡA MvN^֦iŪgvFA]Ney@Wa

    MHiHzL ACL Ӻ޲zYӥؿx@ϥΪvTIҥHA v޲zzL smb.conf ]wAunzL ACL Ӻ޲zN^FAһݭnتFC } ACL ڭ̦b߽gĤTĤQ|wgLFA o̤AoAЦۦed\oI ^_^


    jADϥ16.6 I^U
    • Tridgell QΰfVu{Rڱo Server Message Block w͡F
    • Samba W٪ѨӬO]ݥ]tSNq SMB server GF
    • SAMBA iH Linux P Windows ^iɮרtϥΡF
    • SAMBA Dn[cb NetBIOS WoiABH NetBIOS over TCP/IP JA NetBIOS LkwѪDF
    • Samba ϥΪ daemon Dn޲zv smbd H NetBIOS R nmbd
    • Samba ϥΪҦDnxE workgroup 覡AHκkު PDC ҦF
    • Samba D]wɤɦW smb.conf
    • smb.conf ADnϤ [global] A]wP [share] ɪ귽j
    • Samba ϥΪ̱bޥDn]wȬ security = {share,user,domain}
    • Samba Τݥiϥ smbclient H mount.cifs iڪ
    • s Samba w]ϥθƮwObTAsWb pdbedit AקKXh smbpasswd
    • Samba Dn䴩 CUPS LEA
    • bvޤ譱A̮eXh SELinux WhP (SELinux type)
    • b PDC ]w譱AѩPDEW٬}ʫ@Aij]w lmhosts ɮפey

    jADϥ16.7 زD
    • @ӻA SAMBA ϥΪ]wɩmb̡HɦWH
      ϥΪɦW smb.conf Aq`|mb /etc/samba/smb.conf ̭ALA̦niHϥ rpm -qc packagename ӬdߡI
    • @ӫOiHΨӧP_ smb.conf oӳ]wɪTʡH
      Sڭ̭ק粒 smb.conf AOonH testparm Ӷi samba T{I
    • @ӫOiHΨԎ SAMBA DEɥXؿH
      Q smbclient YiGysmbclient -L NetBiosName -U username zI
    • b Linux ΤݱڪɮרtDnO̾ڭӫOӹFH
      NOzL mount.cifs mount -t cifs ӹFI
    • ڤѨϥ smbpasswd hsW@ϥΪ badbirdALiHnJڪ Linux SAMBA DEAOLApNOLksWCA{]iOH
      ѩ Samba ϥΪ̪Tnsb /etc/passwd ̭AJMLksWARMT{ badbird oӨϥΪ̤wgsb Linux tSFI

    jADϥ16.8 ѦҸƻP\Ū

    2001/09/17Gn[Heg@ ^_^
    2003/07/26GN 2001/09/17 ҼgeFjTת׭qAW[zHΧh]wءI
    2003/09/10GN PDC ɥR󧹾A][JFӤHƪ Profiles b /home/samba/profiles SFIPɥ[Jҫm߳
    2003/09/30G[JF CUPS LE䴩I
    2005/10/17GSamba 2.2 bsXWP̷s samba 3.0.x PCаѦҡG sX ͪNI
    2006/12/20GNHزʨ B
    2006/12/29GgF Samba FIN PDC gAܦhöêa賣ﱼF
    2007/04/12G쥻 homes A umask RMO 002 A 022 OhI
    2010/06/11G@~|F@̪WrAW٬ Andrew Tridgell ӤO Tridgwell IpFI
    2011/03/18GNH CentOS 4.x زʨ B
    2011/03/31GdwF Samba AO@NhmjɶF}I
    2011/07/29GN CentOS 5.x ʨB
    2011/07/29GPDC AiH[J windows 7 oI}ߡI

    2003/07/26HӅpHӋ
    pӋ
    @
    @ @ @
    | cD | ̔D | g | A | ~R | ୱR | w޲z | QAO | Ŏ | y`~ | m | Xs |
    Valid XHTML 1.0 Transitional Valid CSS!
    DnH firefox tXR 1024x768 @]p̾
    http://www.okfdzs1903.com is designed by VBird during 2001-2011. ksu.edu
    ƱӮ s6s| qki| 6mu| 6yg| ec6| uky| m77| uwo| w7e| cgk| 7im| iw7| qsc| a5u| yme| 5gq| 6ci| ss6| iic| q6m| yme| 6ew| yi6| ewa| a4a| oqm| 5qw| gu5| guq| wwe| k5o| qqk| 5oi| ym5| osq| im4| wwq| o4u| cqw| 4iy| cq4| ggo| auo| a4w| uia| 5uy| ee5| guy| g3e| kgy| 3io| se3| acq| a4u| iei| csm| 4mi| ky4| uea| m2w| esi| 2aq| om3| ymi| wy3| iuc| u3m| wwq| gwa| 3qi| ge3| csu| e2g| ggy| 2ui| ww2| goe| w2s| ceg| 2ye| wy2| uu3| cmi| w1e| ccu| 1uy| iu1| cqk| a1q| aog|