Server | 192.168.1.151 |
Client | 192.168.1.152 |
os | rhel 7.2 |
1、需求
selinux 与 firewalld 默认关闭.
创建 /common目录,该目录只有192.168.1.段的可以浏览。
创建 /app 目录,该目录只有192.168.1.段可以访问,客户端需要用app1用户挂载,但可以用app用户获取读写权限。
2、Server 端配置
# yum -y install samba samba-client
# systemctl enable smb nmb
# vi /etc/samba/smb.conf
[global] workgroup = SAMBA security = user
passdb backend = tdbsam
printing = cups printcap name = cups load printers = yes cups options = raw
[homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes
[printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No
[print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = root create mask = 0664 directory mask = 0775
[common] path = /common browseable = yes hosts allow = 192.168.1.
[app] path = /app browseable = yes hosts allow = 192.168.1. writable = no write list = app |
# mkdir /common
# mkdir /app
# useradd app
# useradd app1
# mbpasswd -a app
# mbpasswd -a app1
# setfacl -m u:app:rwx /app
# systemctl start smb nmb
3、Client 端配置
# yum -y install samba-client cifs-utils
# mkdir /common
# mkdir /app
# smbclient -L //192.168.1.151 -U app
Enter SAMBA\app's password: Domain=[MYSQL-DATA01] OS=[Windows 6.1] Server=[Samba 4.6.2]
Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers common Disk app Disk IPC$ IPC IPC Service (Samba 4.6.2) Domain=[MYSQL-DATA01] OS=[Windows 6.1] Server=[Samba 4.6.2]
Server Comment --------- -------
Workgroup Master --------- ------- 12580 GYK H3C HFW3281 SAMBA MYSQL-DATA01 WORKGROUP 12580-PC |
# vi /etc/fstab
/dev/mapper/rhel-root / xfs defaults 0 0 UUID=85cd26b6-5915-476e-b462-13b389daabe8 /boot xfs defaults 0 0 /dev/mapper/rhel-swap swap swap defaults 0 0 //192.168.1.151/common /common cifs defaults,multiuser,username=app1,password=app1,sec=ntlmssp 0 0 //192.168.1.151/app /app cifs defaults,multiuser,username=app1,password=app1,sec=ntlmssp 0 0 |
# mount -a
# df -h
文件系统 容量 已用 可用 已用% 挂载点 /dev/mapper/rhel-root 18G 1.2G 17G 7% / devtmpfs 1.9G 0 1.9G 0% /dev tmpfs 1.9G 0 1.9G 0% /dev/shm tmpfs 1.9G 8.5M 1.9G 1% /run tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup /dev/sda1 497M 124M 373M 25% /boot tmpfs 380M 0 380M 0% /run/user/0 //192.168.1.151/common 18G 1.3G 17G 8% /common //192.168.1.151/app 18G 1.3G 17G 8% /app |
4、测试
# useradd app
# useradd app1
# su - app1
# cd /common
# ls
# touch 1
touch: 无法创建"1": 权限不够
# exit
# su - app
# cd /app
# touch 1
touch: 无法创建"1": 权限不够
# cifscreds add 192.168.1.151
Password:app
# touch 1
# ls