Samba服务

ftp服务器、 Samba服务器、NFS服务器的区别 :

---->http://bbs.51cto.com/thread-943979-1.html

Samba服务

Samba与Nfs区别:

    nfs主要用于linux--linux之间的共享
    samba:实现数据远端存储

[samba 服务器的安装及调试]

[root@samba Desktop]# yum install samba-client.x86_64 samba-common.x86_64 samba.x86_64 -y #安装软件
[root@samba Desktop]# systemctl start smb #开启服务
[root@samba Desktop]# systemctl stop firewalld.service #关闭火墙
[root@samba Desktop]# getsebool -a | grep samba #查看samba服务状态
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off     #只读
samba_export_all_rw --> off #可读可写
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
[root@samba Desktop]# setsebool -P samba_enable_home_dirs on #允许进入家目录
[root@samba Desktop]# pdbedit -L #列出 samba 用户
[root@samba Desktop]# smbpasswd -a student  #添加samba用户(此用户必须是存在的)
New SMB password:
Retype new SMB password:
Added user student.
[root@samba Desktop]# pdbedit -L
student:1000:Student User
[root@samba Desktop]# pdbedit -x student #删除 samba 用户
测试:
[root@samba Desktop]# smbclient -L //172.25.254.130 -U student
Enter student's password: 
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

    Sharename       Type      Comment
    ---------       ----      -------
    IPC$            IPC       IPC Service (Samba Server Version 4.1.1)
    student         Disk      Home Directories
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

    Server               Comment
    ---------            -------

    Workgroup            Master
    ---------            -------
[root@samba Desktop]# cd /home/student/
[root@samba student]# touch file{1..5}
[root@samba student]# smbclient //172.25.254.130/student -U student  #登陆到student
Enter student's password: 
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
  .                                   D        0  Fri Mar 17 21:40:03 2017
  ..                                  D        0  Thu Jul 10 18:19:09 2014
  .bash_logout                        H       18  Wed Jan 29 07:45:18 2014
  .bash_profile                       H      193  Wed Jan 29 07:45:18 2014
  .bashrc                             H      231  Wed Jan 29 07:45:18 2014
  .ssh                               DH        0  Thu Jul 10 18:19:10 2014
  .config                            DH        0  Thu Jul 10 19:06:53 2014
  file1                               N        0  Fri Mar 17 21:40:03 2017
  file2                               N        0  Fri Mar 17 21:40:03 2017
  file3                               N        0  Fri Mar 17 21:40:03 2017
  file4                               N        0  Fri Mar 17 21:40:03 2017
  file5                               N        0  Fri Mar 17 21:40:03 2017

        40913 blocks of size 262144. 28520 blocks available
smb: \> exit
[root@samba student]# logout
[root@samba ~]# cd /home/student/
[root@samba student]# ls -a
.   .bash_logout   .bashrc  file1  file3  file5
..  .bash_profile  .config  file2  file4  .ssh
[root@samba student]# 

[samba 共享目录]

[root@samba student]# mkdir /linux
[root@samba student]# touch /linux/file{1..5}
[root@samba student]# ls /linux
file1 file2 file3 file4 file5
[root@samba student]# vim /etc/samba/smb.conf #配置文件
…..
workgroup = linux #修改工作组(MYGROUP——>linux)
…..
[linux]
common = local directory linux #共享说明
path = /linux #共享文件路径
…..
[root@samba student]# systemctl restart smb.service

1.共享自建目录

需要修改 selinux 熟悉哦属性,只针对单一的目录
[root@samba student]# ls -Z /linux/
-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file1
-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file2
-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file3
-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file4
-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file5
[root@samba student]# semanage fcontext -a -t public_content_t "/linux(/.*)?" #修改安全上下文
[root@samba student]# restorecon -FvvR /linux/   #刷新安全上下文
[root@localhost student]# ls -Z /linux/
-rw-r--r--. root root system_u:object_r:public_content_t:s0 file1
-rw-r--r--. root root system_u:object_r:public_content_t:s0 file2
-rw-r--r--. root root system_u:object_r:public_content_t:s0 file3
-rw-r--r--. root root system_u:object_r:public_content_t:s0 file4
-rw-r--r--. root root system_u:object_r:public_content_t:s0 file5
[root@localhost student]# 
测试:
[root@samba student]# smbclient //172.25.254.130/linux -U student
Enter student's password: 
Domain=[LINUX] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
  .                                   D        0  Fri Mar 17 22:14:30 2017
  ..                                  D        0  Fri Mar 17 22:14:15 2017
  file1                               N        0  Fri Mar 17 22:14:30 2017
  file2                               N        0  Fri Mar 17 22:14:30 2017
  file3                               N        0  Fri Mar 17 22:14:30 2017
  file4                               N        0  Fri Mar 17 22:14:30 2017
  file5                               N        0  Fri Mar 17 22:14:30 2017

        40913 blocks of size 262144. 28519 blocks available
smb: \> quit
[root@samba student]# 

2.共享系统自建目录时

此方式修改针对所有的目录,一但开放,selinux 不保护目录
[root@samba student]# getsebool -a | grep samba
samba_create_home_dirs –> off
samba_domain_controller –> off
samba_enable_home_dirs –> on
samba_export_all_ro –> off #只读
samba_export_all_rw –> off #可写可读
samba_portmapper –> off
samba_run_unconfined –> off
samba_share_fusefs –> off
samba_share_nfs –> off
sanlock_use_samba –> off
use_samba_home_dirs –> off
virt_sandbox_use_samba –> off
virt_use_samba –> off
[root@samba student]# setsebool -P samba_export_all_rw on #打开读写权限
[root@samba student]# setsebool -P samba_export_all_ro on #打开可读权限 

[匿名用户访问]

[root@samba student]# vim /etc/samba/smb.conf 
123         security = user
124         passdb backend = tdbsam
125         map to guest = bad user     #允许匿名用户访问

    [linux]
            common = local directory linux #共享说明
            path = /linux           #共享文件路径
            guest ok = yes      #允许匿名用户访问
[root@samba student]# systemctl restart smb.service
[root@samba student]# smbclient //172.25.254.130/linux -U student
Enter student's password: 
Domain=[LINUX] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
  .                                   D        0  Fri Mar 17 22:14:30 2017
  ..                                  D        0  Fri Mar 17 22:14:15 2017
  file1                               N        0  Fri Mar 17 22:14:30 2017
  file2                               N        0  Fri Mar 17 22:14:30 2017
  file3                               N        0  Fri Mar 17 22:14:30 2017
  file4                               N        0  Fri Mar 17 22:14:30 2017
  file5                               N        0  Fri Mar 17 22:14:30 2017

        40913 blocks of size 262144. 28505 blocks available
smb: \> quit
[root@samba student]# mount //172.25.254.130/linux /mnt -o username=guest   #挂载
[root@samba student]# df
Filesystem             1K-blocks    Used Available Use% Mounted on
/dev/vdb1               10473900 3176484   7297416  31% /
devtmpfs                  481120       0    481120   0% /dev
tmpfs                     496708      84    496624   1% /dev/shm
tmpfs                     496708   13064    483644   3% /run
tmpfs                     496708       0    496708   0% /sys/fs/cgroup
/dev/sr0                 3947824 3947824         0 100% /run/media/root/RHEL-7.2 Server.x86_64
//172.25.254.130/linux  10473900 3176484   7297416  31% /mnt
[root@samba student]# cd /mnt/
[root@samba mnt]# ls
file1  file2  file3  file4  file5
[root@samba student]# umount /mnt/

[samba 共享目录参数管理]

[root@samba mnt]# vim /etc/samba/smb.conf 
        [linux]
        common = local directory linux
        path = /linux
        guest ok = yes
        writable = yes          #所有用户可写
        write list = tom | +/@tom   #tom | tom组可写   
        valid user = tom        #tom | tom组可登陆
        browseable = no         #是否允许浏览
        admin user = lee        #lee 以超级用户的身份登陆

[root@samba linux]# id student
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)
[root@samba linux]# id tom
uid=1001(tom) gid=1001(tom) groups=1001(tom)
[root@samba linux]# usermod -G tom student #将 student 用户放入 tom 组里
[root@samba linux]# id student
uid=1000(student) gid=1000(student) groups=1000(student),1001(tom)

测试:
错误1:NT_STATUS_NO_SUCH_FILE listing \-fr #系统没有开放权限
错误2rm: cannot remove ‘file1’: Permission denied #文件权限不够

[samba 多用户挂载]

1.保护服务器信息

[root@foundation30 ~]# yum install cifs-utils -y
[root@foundation30 ~]# vim /root/smbpassfile
[root@foundation30 ~]# cat /root/smbpassfile
username=kiosk
password=redhat
[root@foundation30 ~]# mount //172.25.254.130/linux /mnt -o credentialss=/root/smbpassfile,multiuser,sec=ntlmssp   #这样挂载之后,访问的用户需要通过认证
[root@foundation30 ~]# smbpasswd -a kiosk #将 kiosk 加入到samba 用户里面
New SMB password:
Retype new SMB password:
Added user kiosk.
[root@foundation30 ~]# su - kiosk
Last login: Sat Mar 18 08:22:58 CST 2017 on :0
[kiosk@foundation30 ~]cd/mnt
[kiosk@foundation30mnt] ls
ls: reading directory .: Permission denied
[kiosk@foundation30 mnt]$ cifscreds add 172.25.254.130 #认证用户
Password:
[kiosk@foundation30 mnt]$ ls
file2 file3 file4 file5
[kiosk@foundation30 mnt]$

—–END—–

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值