个人随笔,
需求:
1、hr和shouhou两个部门,部门之间不可访问
2、hr shouhou 部门组成员可读写
3、各用户目录,只有本人可访问
4、public全员可读写
5、readonly全员可读,不可写
安装
# Start the Samba container. The host directory /usr/local/docker_samba is
# mounted as /data, which is where every share path in smb.conf points.
# NOTE(review): --privileged gives the container all capabilities and access to
# host devices, so a compromise of smbd is close to a compromise of the host.
# It is presumably here so /usr/sbin/init (systemd) can run - confirm whether a
# narrower capability set is enough.
# NOTE(review): "-p 139:139 -p 445:445" publishes SMB on every host interface.
# If the host has an Internet-facing address, bind to the LAN address only,
# e.g. -p <LAN_IP>:445:445 (placeholder), and block 139/445 at the perimeter.
docker run -dit -p 139:139 \
-p 445:445 \
--restart always \
--name samba \
-v /usr/local/docker_samba:/data \
--privileged centos7_ssh:latest /usr/sbin/init
# Open a shell in the container; the commands that follow are presumably run
# from this shell.
docker exec -it samba /bin/bash
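# Install Chinese locale data and fonts inside the container.
yum -y install glibc-common langpacks-zh_CN gimp-help-zh_CN.noarch kde-l10n-Chinese
yum groupinstall "fonts" -y
# Build the zh_CN UTF-8 locale. Both the charmap and the locale name must be
# spelled "UTF-8", otherwise LANG below refers to a locale that does not exist.
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
source /etc/profile
export LANG=zh_CN.UTF-8
# Samba server plus the passwd utility.
yum install samba passwd -y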
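# Create the department groups first: "useradd -g GROUP" fails when GROUP does
# not exist yet.
groupadd hr
groupadd shouhou

# One account per department, named like its group. They own the department
# directories (see the chown commands) and get no Samba password, so they
# cannot log in over SMB.
useradd shouhou -g shouhou
useradd hr -g hr

# Staff accounts, with the department as primary group.
# NOTE(review): these accounts only need SMB access. The image name
# (centos7_ssh) suggests sshd is present; consider creating them with
# "-s /sbin/nologin" so they cannot open a shell - confirm against the image.
useradd hr1 -g hr
useradd hr2 -g hr
useradd shouhou1 -g shouhou
useradd shouhou2 -g shouhou

# Set each user's Samba password (prompted interactively). It is stored in
# Samba's own database, separate from the Unix password.
smbpasswd -a hr1
smbpasswd -a hr2
smbpasswd -a shouhou1
smbpasswd -a shouhou2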
在 /etc/profile 中添加以下一行:
umask 002
配置
vim /etc/samba/smb.conf
vim /etc/samba/smb.conf
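[global]
workgroup = WORKGROUP
# Allow loopback and private (RFC 1918) ranges only. A bare "192." or "172."
# prefix would also match public addresses in 192.0.0.0/8 and 172.0.0.0/8.
# Narrow this further to the real office subnet where possible.
# NOTE(review): smbd runs behind Docker port publishing, so the client address
# it sees may be the Docker bridge's rather than the real client's - verify in
# the smbd log before relying on this as the only network filter.
hosts allow = 127. 192.168. 172.16.0.0/255.240.0.0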
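[readonly]
path = /data/readonly
read only = yes
public = no
# Only members of the hr and shouhou groups may connect. The parameter must be
# spelled "valid users": smbd ignores names it does not recognise, and the
# share would then admit any authenticated user.
valid users = @hr,@shouhou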
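[public]
path = /data/public
read only = no
# NOTE(review): "public" is a synonym for "guest ok". With "valid users" set
# below a guest session should be refused anyway, so "public = no" would state
# the intent more clearly - confirm and change.
public = yes
# 0777 masks leave new files and directories writable by every local account,
# not just the two department groups.
create mode = 0777
directory mode = 0777
# Restrict the share to the two department groups. The parameter must be
# spelled "valid users"; smbd ignores names it does not recognise.
valid users = @hr,@shouhou
write list = @hr,@shouhou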
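[hr]
path = /data/hr
read only = no
public = no
create mode = 0770
directory mode = 0770
# Only members of group hr may connect. The parameter must be spelled
# "valid users"; smbd ignores names it does not recognise, which would leave
# the filesystem mode of /data/hr as the only barrier to the other department.
valid users = @hr
write list = @hr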
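[hr1]
path = /data/hr1
read only = no
public = no
create mode = 0700
directory mode = 0700
# Personal share: only hr1 may connect. The parameter must be spelled
# "valid users"; smbd ignores names it does not recognise.
valid users = hr1
write list = hr1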
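[hr2]
path = /data/hr2
read only = no
public = no
create mode = 0700
directory mode = 0700
# Personal share: only hr2 may connect. The parameter must be spelled
# "valid users"; smbd ignores names it does not recognise.
valid users = hr2
write list = hr2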
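[shouhou]
path = /data/shouhou
read only = no
public = no
create mode = 0770
directory mode = 0770
# Only members of group shouhou may connect. The parameter must be spelled
# "valid users"; smbd ignores names it does not recognise, which would leave
# the filesystem mode of /data/shouhou as the only barrier to the other
# department.
valid users = @shouhou
write list = @shouhou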
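[shouhou1]
path = /data/shouhou1
read only = no
public = no
create mode = 0700
directory mode = 0700
# Personal share: only shouhou1 may connect. The parameter must be spelled
# "valid users"; smbd ignores names it does not recognise.
valid users = shouhou1
write list = shouhou1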
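[shouhou2]
path = /data/shouhou2
read only = no
public = no
create mode = 0700
directory mode = 0700
# Personal share: only shouhou2 may connect. The parameter must be spelled
# "valid users"; smbd ignores names it does not recognise.
valid users = shouhou2
write list = shouhou2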
目录创建
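# Department shares: owned by the department account and its group. Mode 770
# lets group members read and write and shuts out everyone else at the
# filesystem level. Without an explicit chmod the directory keeps mkdir's
# default mode, which is readable by every local account, including the other
# department. "USER:" means owner USER plus USER's login group.
mkdir -p /data/hr && chown -R hr: /data/hr && chmod -R 770 /data/hr
mkdir -p /data/shouhou && chown -R shouhou: /data/shouhou && chmod -R 770 /data/shouhou

# Personal shares: owner-only access.
mkdir -p /data/hr1 && chown -R hr1: /data/hr1 && chmod -R 700 /data/hr1
mkdir -p /data/hr2 && chown -R hr2: /data/hr2 && chmod -R 700 /data/hr2
mkdir -p /data/shouhou1 && chown -R shouhou1: /data/shouhou1 && chmod -R 700 /data/shouhou1
mkdir -p /data/shouhou2 && chown -R shouhou2: /data/shouhou2 && chmod -R 700 /data/shouhou2

# Shared area: world-writable so that both departments can write to it.
# NOTE(review): 777 also lets any other local account modify these files; a
# common staff group with mode 770 would be tighter - confirm before changing.
mkdir -p /data/public && chmod -R 777 /data/public/

# Read-only area: no chown, so it stays owned by whoever runs this command
# (presumably root) and share users can read but not write.
mkdir -p /data/readonly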
开机启动
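# Validate smb.conf before (re)starting. testparm reports parameter names smbd
# does not recognise ("Unknown parameter encountered"); smbd itself just
# ignores them, so a misspelled access-control line fails silently.
testparm -s
systemctl restart smb.service
# Start smbd automatically at boot.
systemctl enable smb.service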
手动脚本 - 自建容器时可用到
# Create the runtime directory under /run/samba by hand.
# NOTE(review): presumably smbd needs it when started by the script below
# rather than by systemd - confirm.
mkdir -p /run/samba/ncalrpc
[root@19183ce6c6e4 ~]# cat /etc/init.d/smb
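#!/bin/sh
#
# smb   Starts and stops the Samba daemons (smbd, nmbd) without systemd.
#
# Usage:       smb {start|stop|restart}
# Exit status: 0 on success; 1 on bad usage or when a daemon fails to launch.
#
# Source function library.
#. /etc/rc.d/init.d/functions

CONF=/etc/samba/smb.conf

# See how we were called.
case "$1" in
  start)
    # printf instead of "echo -n": -n is not portable under /bin/sh.
    printf 'Starting SMB services: '
    rc=0
    /usr/sbin/smbd --configfile="$CONF" || rc=1
    /usr/sbin/nmbd --configfile="$CONF" || rc=1
    echo
    # Report a failed launch to the caller instead of always returning 0.
    exit "$rc"
    ;;
  stop)
    printf 'Shutting down SMB services: '
    # Best effort: killall returns non-zero when the daemon is not running.
    killall smbd
    killall nmbd
    echo
    ;;
  restart)
    # Quote $0 so a script path containing spaces still works.
    "$0" stop
    "$0" start || exit 1
    ;;
  *)
    echo "Usage: smb {start|stop|restart}"
    exit 1
    ;;
esac
exit 0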
注:
windows清空samba用户密码信息
cmd中执行 net use * /del /y
C:\Users\Administrator>net use * /del /y
你有以下的远程连接:
\\192.168.0.60\hr1
\\192.168.0.60\shouhou1
\\192.168.0.60\shouhou2
\\192.168.0.60\IPC$
继续运行会取消连接。
命令成功完成。