两个软件对于other用户都添加可写权限
[sambadir]
comment = centos7_vsftpd
path = /var/vsftpd/pub/
read only = No
create mask=0666
directory mask=0777
force create mode = 0222
#这里再加点说明,samba有个默认文件是744,文件夹是755,加上上面的force就成了文件766文件夹777
#文件再与mask相与,文件最终是666
Option | Parameters | Function | Default | Scope |
---|---|---|---|---|
create mask (create mode) | numeric | Maximum permissions for files created by Samba. | 0744 | Share |
directory mask (directory mode) | numeric | Maximum permissions for directories created by Samba. | 0744 | Share |
force create mode | numeric | Forces the specified permissions (bitwise or) for directories created by Samba. | 0000 | Share |
force directory mode | numeric | Forces the specified permissions (bitwise or) for directories created by Samba. | 0000 | Share |
force group (group) | string ( group name) | Effective group for a user accessing this share. | None | Share |
force user | string (username) | Effective username for a user accessing this share. | None | Share |
delete readonly | Boolean | Allows a user to delete a read-only file from a writable directory. | no | Share |
map archive | Boolean | Preserve DOS archive attribute in user execute bit (0100). | yes | Share |
map system | Boolean | Preserve DOS system attribute in group execute bit (0010). | no | Share |
map hidden | Boolean | Preserve DOS hidden attribute in world execute bit (0001). | no | Share |
inherit permissions | Boolean | If yes, permissions on new files and directories are inherited from parent directory. | no | Share |
https://www.samba.org/samba/docs/using_samba/ch08.html
[root@localhost pub]# cat /etc/vsftpd/vuser_conf/admin
local_root=/var/vsftpd/pub/
write_enable=YES
anon_umask=000
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES.
#这里再多说点,这的umask是用来减的
另外,win10若不能验证samba则修改如下
按window+R键输入gpedit.msc 来启动本地组策略编辑器。
依次找到“计算机配置-管理模板-网络-Lanman工作站”这个节点,在右侧内容区可以看到“启用不安全的来宾登录”这一条策略设置。状态是“未配置”。
双击“启用不安全的来宾登录”这一条策略设置,将其状态修改为“已启用”并单击确定按钮。
win10系统下同时按住win+R运行secpol.msc,
在本地安全策略页面依次点击“本地策略”—“安全选项”—“网络安全:LAN管理器身份验证级别”,
双击后更改为仅发送NTLMV2响应,拒绝LM和NTLM(&),点击确定保存。
2022.6.8更新:
LTSC2021据说是新增的bug,修改注册表才行
HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters “AllowInsecureGuestAuth”=dword:1
\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation,将AllowInsecureGuestAuth设置为1