我的环境:
- VirtualBox运行Linux Mint
- VirtualBox有两个网络适配器:
- 适配器1 = NAT(10.0.2.15为enp0s3)
- 适配器2 =仅限主机(192.168.56.101为enp0s8)
- 主机正在运行Windows 10
想要实现:
- 主机应该能够以最小的安全性(没有密码或限制,如果可能)通过Samba(在仅限主机的网络接口上)访问整个VirtualBox HDD
- VirtualBox应该能够访问NAT网络接口上的外部网络/互联网,但是拒绝通过此接口访问任何目录(我认为无论如何都会自动进入NAT)。
VirtualBox的ifconfig:
enp0s3 Link encap:Ethernet HWaddr 08:00:27:8b:1a:a4
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::abf3:b5bf:9f3a:b8c7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:60866 errors:0 dropped:0 overruns:0 frame:0
TX packets:15402 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:70878227 (70.8 MB) TX bytes:1168864 (1.1 MB)
enp0s8 Link encap:Ethernet HWaddr 08:00:27:cd:c9:9a
inet addr:192.168.56.101 Bcast:192.168.56.255 Mask:255.255.255.0
inet6 addr: fe80::b1d2:7dfd:4114:9257/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:161 errors:0 dropped:0 overruns:0 frame:0
TX packets:134 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:21522 (21.5 KB) TX bytes:20314 (20.3 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:407 errors:0 dropped:0 overruns:0 frame:0
TX packets:407 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:44489 (44.4 KB) TX bytes:44489 (44.4 KB)
Samba配置:
[global]
workgroup = WORKGROUP
server string = %h server (Samba, Ubuntu)
dns proxy = no
interfaces = 127.0.0.0/8 enp0s8
bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
server role = standalone server
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
[root]
browseable = yes
path = /
guest ok = yes
read only = no
create mask = 0644
directory mask = 0755
force user = root
writable = yes
valid users = root
admin users = root
public = yes
Samba用户(pdbedit -L -v):
Unix username: root
NT username:
Account Flags: [U ]
User SID: S-1-5-21-2575914641-1571404728-2205854153-1000
Primary Group SID: S-1-5-21-2575914641-1571404728-2205854153-513
Full Name: root
Home Directory: \\mintbox\root
HomeDir Drive:
Logon Script:
Profile Path: \\mintbox\root\profile
Domain: MINTBOX
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 17:06:39 SAST
Kickoff time: Wed, 06 Feb 2036 17:06:39 SAST
Password last set: Wed, 02 Nov 2016 20:40:47 SAST
Password can change: Wed, 02 Nov 2016 20:40:47 SAST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Samba守护程序状态:
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
Loaded: loaded (/etc/init.d/smbd; bad; vendor preset: enabled)
Active: active (running) since Thu 2016-11-03 08:01:06 SAST; 3min 26s ago
Docs: man:systemd-sysv-generator(8)
Process: 24631 ExecStop=/etc/init.d/smbd stop (code=exited, status=0/SUCCESS)
Process: 24645 ExecStart=/etc/init.d/smbd start (code=exited, status=0/SUCCESS)
Tasks: 3 (limit: 512)
CGroup: /system.slice/smbd.service
├─24663 /usr/sbin/smbd -D
├─24664 /usr/sbin/smbd -D
└─24666 /usr/sbin/smbd -D
Nov 03 08:01:06 MintBox systemd[1]: Starting LSB: start Samba SMB/CIFS daemon (smbd)...
Nov 03 08:01:06 MintBox smbd[24645]: * Starting SMB/CIFS daemon smbd
Nov 03 08:01:06 MintBox smbd[24645]: ...done.
Nov 03 08:01:06 MintBox systemd[1]: Started LSB: start Samba SMB/CIFS daemon (smbd).
NMB守护程序状态:
● nmbd.service - LSB: start Samba NetBIOS nameserver (nmbd)
Loaded: loaded (/etc/init.d/nmbd; bad; vendor preset: enabled)
Active: active (running) since Thu 2016-11-03 08:01:14 SAST; 4min 39s ago
Docs: man:systemd-sysv-generator(8)
Process: 24689 ExecStop=/etc/init.d/nmbd stop (code=exited, status=0/SUCCESS)
Process: 24704 ExecStart=/etc/init.d/nmbd start (code=exited, status=0/SUCCESS)
Tasks: 1 (limit: 512)
CGroup: /system.slice/nmbd.service
└─24724 /usr/sbin/nmbd -D
Nov 03 08:01:14 MintBox systemd[1]: Starting LSB: start Samba NetBIOS nameserver (nmbd)...
Nov 03 08:01:14 MintBox nmbd[24704]: * Starting NetBIOS name server nmbd
Nov 03 08:01:14 MintBox nmbd[24704]: ...done.
Nov 03 08:01:14 MintBox systemd[1]: Started LSB: start Samba NetBIOS nameserver (nmbd).
当我尝试从主机(Windows 10)访问VirtualBox共享时,我得到:
Windows无法访问\\ 192.168.56.101
问题:如何配置Samba以允许以最低安全性(如果可能没有密码或限制)完全访问整个HDD(根目录)?