1、在Centos7中搭建php-fpm工作方式的LAMP环境,实现wordpress正常访问
实验环境:
mysql服务器IP:192.168.170.8
php-fpm服务器IP:192.168.170.9
httpd服务器IP:192.168.170.10
二、搭建Lamp
1、mysql服务的搭建
在mysql服务器上执行下面的命令:
[root@mysql ~]# yum install -y mariadb-server
安装完成后,编辑/etc/my.cnf文件,添加常用参数:
[root@mysql ~]# vi /etc/my.cnf
[mysqld]
innodb_file_per_table=ON
skip-name-resolve=ON
保存后启动mariadb服务:
[root@mysql ~]# systemctl start mariadb
[root@mysql ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@mysql ~]# mysql_secure_installation #对mysql数据库进行安全加固
授权test账号:
[root@mysql ~]# mysql -uroot -p123456
MariaDB [(none)]> GRANT ALL ON *.* TO 'test'@'192.168.%.%' IDENTIFIED BY "magedu";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
2、php-fpm服务器的搭建
在php服务器输入下面的命令安装php-fpm:
[root@fpm ~]# yum install -y php-fpm php-mysql php-mbstring php-mcrypt
注意:如果找不到php-mcrypt包,需先安装epel-release:
[root@mysql ~]# yum install epel-release
安装完成后,会生成相关的配置文件,包括:
服务配置文件:/etc/php-fpm.conf,/etc/php-fpm.d/*.conf
php环境配置文件:/etc/php.ini,/etc/php.d/*.ini
[root@fpm php-fpm.d]# vim /etc/php-fpm.d/www.conf
listen = 192.168.170.9:9000 #修改监听的端口和IP
listen.backlog = -1 #后援队列,指最大的等待队列,-1表示无限制;
listen.allowed_clients = 192.168.170.10 #指定允许哪些IP能访问此服务,此处允许httpd服务器访问
user = apache #运行进程的用户
group = apache #运行进程的用户组
pm = dynamic #指定fpm的运行模式
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
pm.status_path = /status
ping.response = pong
ping.path = /ping
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session #此目录不存在,需手动创建,并将属主属组指定为httpd的运行用户
随后创建指定的目录:
[root@fpm php-fpm.d]# mkdir -pv /var/lib/php/session
mkdir: created directory ‘/var/lib/php/session’
[root@fpm php-fpm.d]# chown apache:apache /var/lib/php/session/
最后启动php-fpm服务:
[root@fpm php-fpm.d]# systemctl start php-fpm.service
[root@fpm php-fpm.d]# ss -tnl | grep 9000
LISTEN 0 128 192.168.170.9:9000 *:*
[root@fpm php-fpm.d]# ps aux | grep fpm
root 23953 0.4 1.0 335604 10604 ? Ss 17:18 0:00 php-fpm: master process (/etc/php-fpm.conf)
apache 23955 0.0 0.4 335604 4732 ? S 17:18 0:00 php-fpm: pool www
apache 23956 0.0 0.4 335604 4732 ? S 17:18 0:00 php-fpm: pool www
apache 23957 0.0 0.4 335604 4736 ? S 17:18 0:00 php-fpm: pool www
apache 23958 0.0 0.4 335604 4736 ? S 17:18 0:00 php-fpm: pool www
apache 23959 0.0 0.4 335604 4736 ? S 17:18 0:00 php-fpm: pool www
root 23968 0.0 0.0 112660 976 pts/0 R+ 17:19 0:00 grep --color=auto fpm
3、搭建httpd服务
在httpd服务器上安装httpd服务:
[root@httpd ~]# yum install -y httpd
安装完成后,确认是否加载了模块proxy_fcgi_module:
[root@httpd ~]# httpd -M |grep fcgi
proxy_fcgi_module (shared)
随后编辑创建/etc/httpd/conf.d/fcgi.conf配置文件:
[root@httpd ~]# vim /etc/httpd/conf.d/fcgi.conf
DirectoryIndex index.php #设置默认主页为index.php
ProxyRequests off #关闭正向代理
#将以.php结尾的URL代理转发给fcgi://192.168.109:9000
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.170.9:9000/var/www/html/$1
ProxyPassMatch ^/(ping|status)$ fcgi://192.168.170.9:9000/$1
若是配置虚拟主机的话,可参考下面的配置:
Listen 8080
<VirtualHost *:8080>
DirectoryIndex index.php
ServerName www.a.com
DocumentRoot /data/www/html
ProxyRequests off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.170.9:9000/var/www/html/$1
ProxyPassMatch ^/(ping|pmstatus)$ fcgi://192.168.170.9:9000/$1
<Directory "/data/www/html">
options none
Allowoverride None
Require all granted
</Directory>
</VirtualHost>
4、在php-fpm服务器上创建编辑index.php 和mysql.php进行测试
#首先创建对应的存放目录,此处设置与httpd服务上设置的fcgi://192.168.109:9000/var/www/html/$相一致
[root@fpm ~]# mkdir -pv /var/www/html/
[root@fpm ~]# vim /var/www/html/index.php #
<?php
phpinfo();
?>
[root@fpm ~]# vim /var/www/html/mysql.php
<?php
$conn = mysql_connect('192.168.170.8','test','magedu');
if ($conn)
echo "Connected to mysql.";
else
echo "Fail";
?>
最后测试httpd是否能连接到php访问相应的页面:
红框中的信息说明网页是以php-fpm的方式工作的
httpd是否能连接到数据库
访问status页面
访问ping页面
至此以php-fpm工作方式运行的lamp已搭建完毕。
三、wordpress的搭建
在php-fpm服务器上通过命令下载wordpress的安装包并解压复制到/var/www/html目录下:
[root@fpm ~]# wget https://cn.wordpress.org/wordpress-4.9.4-zh_CN.tar.gz
[root@fpm ~]# tar xf wordpress-4.9.4-zh_CN.tar.gz
[root@fpm ~]# cp -a wordpress /var/www/html/
[root@fpm ~]# chown -R apache:apache /var/www/html/wordpress/
随后在httpd服务器上创建/var/www/html/wordpress目录:
#此举是为了访问URL/wordpress时能正常代理转发到php-fpm服务器上,否则会提示/wordpress不存在
[root@localhost ~]# mkdir /var/www/html/wordpress
随后访问随后访问192.168.170.10/wordpress/wp-admin/setup-config.php
wordpress初始化页面
提示需要复制wp-config.smaple.php 到wp-config.pnp 并编辑内容保持和创建数据库的用户名和密码等信息一致。
此时需要为wordpress的搭建提供相应的数据库账号及建立相应的数据库:
[root@mysql ~]# mysql -uroot -p123456
MariaDB [(none)]> CREATE DATABASE wordpress;
MariaDB [(none)]> GRANT ALL ON wordpress.* TO 'wpuser'@'192.168.%.%' IDENTIFIED BY 'magedu';
MariaDB [(none)]> FLUSH PRIVILEGES;
exit
[root@mysql wordpress]# cp wp-config-sample.php wp-config.php
[root@mysql wordpress]# vi wp-config.php
/** WordPress数据库的名称 */
define('DB_NAME', 'wordpress');
/** MySQL数据库用户名 */
define('DB_USER', 'wpuser');
/** MySQL数据库密码 */
define('DB_PASSWORD', '123456');
/** MySQL主机 */
define('DB_HOST', '192.168.170.8');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8');
接着继续wordpress的初始化操作:
DML:数据操纵语言,主要用管理表中的数据,实现数据的增、删、改、查(INSERT, DELETE, UPDATE, SELECT);
以示例来说明:
MariaDB [(none)]> CREATE DATABASE student;
Query OK, 1 row affected (0.03 sec)
MariaDB [(none)]> USE student;
Database changed
创建数据表books,并定义各个字段。
MariaDB [student]> CREATE TABLE books
-> (
-> id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
-> name VARCHAR(40) NOT NULL,
-> authors VARCHAR(200) NOT NULL,
-> price INT(11) NOT NULL,
-> pubdate YEAR NOT NULL,
-> note VARCHAR(255) NULL,
-> num INT NOT NULL DEFAULT 0
-> );
Query OK, 0 rows affected (0.42 sec)
将表8.2中的记录插入books表中,分别使用不同的方法插入记录,执行过程如下。
表创建好之后,使用SELECT语句查看表中的数据,结果如下:
MariaDB [student]> SELECT * FROM books;
Empty set (0.00 sec)
可以看到,当前表中为空,没有任何数据,下面向表中插入记录。
(1)指定所有字段名称插入记录,SQL语句如下。
MariaDB [student]> INSERT INTO books
-> (id, name, authors, price, pubdate,note,num)
-> VALUES(1, 'Tale of AAA', 'Dickes', 23, '1995', 'novel',11);
Query OK, 1 row affected (0.10 sec)
语句执行成功,插入了一条记录。
(2)不指定字段名称插入记录,SQL语句如下。
MariaDB [student]> INSERT INTO books
-> VALUES (2,'EmmaT','Jane lura',35,'1993', 'joke',22);
Query OK, 1 row affected (0.01 sec)
语句执行成功,插入了一条记录。
使用SELECT语句查看当前表中的数据:
MariaDB [student]> SELECT * FROM books;
+----+------------------+-----------+-------+---------+---------+-----+
| id | name | authors | price | pubdate | note | num |
+----+-----------------+-----------+---------+---------+---------+-----+
| 1 | Tale of AAA | Dickes | 23 | 1995 | novel | 11 |
| 2 | EmmaT | Jane lura | 35 | 1993 | joke | 22 |
+----+----------------+-------------+---------+----------+-------+------+
2 rows in set (0.00 sec)
可以看到,两条语句分别成功插入了两条记录。
(3)同时插入多条记录。
使用INSERT语句将剩下的多条记录插入表中,SQL语句如下:
MariaDB [student]> INSERT INTO books
-> VALUES(3, 'Story of Jane', 'Jane Tim', 40, '2001', 'novel', 0),
-> (4, 'Lovey Day', 'George Byron', 20, '2005', 'novel', 30),
-> (5, 'Old Land', 'Honore Blade', 30, '2010', 'law',0),
-> (6,'The Battle','Upton Sara',33,'1999', 'medicine',40),
-> (7,'Rose Hood','Richard Kale',28,'2008', 'cartoon',28);
Query OK, 5 rows affected (0.00 sec)
Records: 5 Duplicates: 0 Warnings: 0
由结果可以看到,语句执行成功,总共插入了5条记录,使用SELECT语句查看表中所有的记录:
MariaDB [student]> SELECT * FROM books;
+----+----------------------+--------------+---------+--------------+--------------+-----+
| id | name | authors | price | pubdate | note | num |
+----+------------------------+-------------+----------+-------------+---------------+-----+
| 1 | Tale of AAA | Dickes | 23 | 1995 | novel | 11 |
| 2 | EmmaT | Jane lura | 35 | 1993 | joke | 22 |
| 3 | Story of Jane | Jane Tim | 40 | 2001 | novel | 0 |
| 4 | Lovey Day | George Byron | 20 | 2005 | novel | 30 |
| 5 | Old Land | Honore Blade | 30 | 2010 | law | 0 |
| 6 | The Battle | Upton Sara | 33 | 1999 | medicine | 40 |
| 7 | Rose Hood | Richard Kale | 28 | 2008 | cartoon | 28 |
+----+-----------------------+-----------------+----------+--------------+-------------+-----+
7 rows in set (0.00 sec)
由结果可以看到,所有记录成功插入表中。
将小说类型(novel)的书的价格都增加5。
执行该操作的SQL语句为:
UPDATE books SET price = price + 5 WHERE note = ‘novel’;
执行前先使用SELECT语句查看当前记录:
MariaDB [student]> SELECT id, name, price, note FROM books WHERE note = 'novel';
+----+----------------------+-------+-------+
| id | name | price | note |
+----+----------------------+-------+-------+
| 1 | Tale of AAA | 23 | novel |
| 3 | Story of Jane | 40 | novel |
| 4 | Lovey Day | 20 | novel |
+----+---------------+-------+-------+
3 rows in set (0.00 sec)
使用UPDATE语句执行更新操作:
MariaDB [student]> UPDATE books SET price = price + 5 WHERE note = 'novel';
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
由结果可以看到,该语句对3条记录进行了更新,使用SELECT语句查看更新结果:
MariaDB [student]> SELECT id, name, price, note FROM books WHERE note = 'novel';
+----+-------------------+-------+-------+
| id | name | price | note |
+----+------------------+----------+-------+
| 1 | Tale of AAA | 28 | novel |
| 3 | Story of Jane | 45 | novel |
| 4 | Lovey Day | 25 | novel |
+----+-----------------+-----------+-------+
对比可知,price的值都在原来的价格之上增加了5。
将名称为EmmaT的书的价格改为40,并将说明改为drama。
修改语句为:
MariaDB [student]> UPDATE books SET price=40,note= 'drama 'WHERE name= 'EmmaT ';
执行修改前,使用SELECT语句查看当前记录:
MariaDB [student]> SELECT name, price, note FROM books WHERE name='EmmaT';
+---------+-------+------+
| name | price | note |
+----------+-------+------+
| EmmaT | 35 | joke |
+---------+-------+------+
1 row in set (0.00 sec)
下面执行修改操作:
MariaDB [student]> UPDATE books SET price=40,note='drama' WHERE name='EmmaT';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
结果显示修改了一条记录,使用SELECT查看执行结果:
MariaDB [student]> SELECT name, price, note FROM books WHERE name='EmmaT';
+---------+--------+-------+
| name | price | note |
+---------+---------+-------+
| EmmaT | 40 | drama |
+---------+---------+-------+
1 row in set (0.00 sec)
可以看到,price和note字段的值已经改变,修改操作成功。
删除库存为0的记录。
删除库存为0的语句为:
DELETE FROM books WHERE num=0;
删除之前使用SELECT语句查看当前记录:
MariaDB [student]> SELECT * FROM books WHERE num=0;
+----+----------------+----------------+---------+---------+-------+-----+
| id | name | authors | price | pubdate | note | num |
+----+-----------------+---------------+----------+---------+-------+-----+
| 3 | Story of Jane | Jane Tim | 45 | 2001 | novel | 0 |
| 5 | Old Land | Honore Blade | 30 | 2010 | law | 0 |
+----+------------------+----------------+--------+---------+--------+-----+
2 rows in set (0.00 sec)
可以看到,当前有两条记录的num值为0,下面使用DELETE语句删除这两条记录,SQL语句如下:
MariaDB [student]> DELETE FROM books WHERE num=0;
Query OK, 2 rows affected (0.00 sec)
语句执行成功,查看操作结果:
MariaDB [student]> SELECT * FROM books WHERE num=0;
Empty set (0.00 sec)
可以看到,查询结果为空,表中已经没有库存量为0的记录。
3、简述ftp的主动和被动模式,并实现基于pam认证的vsftpd
一、安装所需要程序
1、安装mysql和pam_mysql
[root@node1 ~]# yum -y install mysql-server mysql-devel pam_mysql vsftpd
注意:pam_mysql由epel源提供。
二、创建虚拟用户账号
1.准备数据库及相关表
首先请确保mysql服务已经正常启动。而后,按需要建立存储虚拟用户的数据库即可,这里将其创建为vsftpd数据库。
[root@node1 ~]# mysql -uroot -p123456
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 60
Server version: 5.5.60-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> create database vsftpd;
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> grant select on vsftpd.* to vsftpd@node3 identified by 'www.magedu.com';
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> grant select on vsftpd.* to vsftpd@127.0.0.1 identified by 'www.magedu.com';
Query OK, 1 row affected (0.01 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> use vsftpd;
MariaDB [vsftpd]> create table users (
id int AUTO_INCREMENT NOT NULL,
name char(20) binary NOT NULL,
password char(48) binary NOT NULL,
primary key(id)
);
Query OK, 1 row affected (0.01 sec)
2、添加测试的虚拟用户
根据需要添加所需要的用户,需要说明的是,这里将其密码为了安全起见应该使用PASSWORD函数加密后存储。
MariaDB [vsftpd]> insert into users(name,password) values('magedu1',password('magedu'));
Query OK, 1 row affected (0.01 sec)
MariaDB [vsftpd]> insert into users(name,password) values('magedu2',password('magedu'));
Query OK, 1 row affected (0.01 sec)
三、配置vsftpd
1.建立pam认证所需文件
[root@node1 ~]#vi /etc/pam.d/vsftpd.mysql
添加如下两行
auth required /lib/security/pam_mysql.so user=vsftpd passwd=www.magedu.com host=node3 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
account required /lib/security/pam_mysql.so user=vsftpd passwd=www.magedu.com host=node3 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
注意:由于mysql的安装方式不同,pam_mysql.so基于unix sock连接mysql服务器时可能会出问题,此时,建议授权一个可远程连接的mysql并访问vsftpd数据库的用户。
2.修改vsftpd的配置文件,使其适应mysql认证
建立虚拟用户映射的系统用户及对应的目录
[root@node1 ~]# useradd -s /sbin/nologin -d /var/ftproot vuser
[root@node1 ~]# chmod go+rx /var/ftproot
请确保/etc/vsftpd.conf中已经启用了以下选项
[root@node1 ~]# vi /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
chroot_local_user=YES
而后添加以下选项
guest_enable=YES
guest_username=vuser
并确保pam_service_name选项的值如下所示
pam_service_name=vsftpd.mysql
四、启动vsftpd服务
[root@node1 ~]# systemctl start vsftpd
[root@node1 ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
[root@node1 ~]#
查看端口开启情况
[root@node1 ~]# netstat -tnlp | grep :21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23286/vsftpd
使用虚拟用户登录,验正配置结果,以下为本机的命令方式测试,你也可以在其它Win Box上用IE或者FTP客户端工具登录验正
# ftp node3
这是实验我之前已经测试过了,没有任何问题,
5、简述samba服务,并实现samba配置
实验环境:
smb 服务端192.168.170.8
smb 客户端192.168.170.9
注:确保防火墙关闭和selinux功能
yum安装smb服务器
[root@node1 samba]# yum -y install samba
[root@node1 samba]# systemctl start smb.serivce
yum安装smb客户端
[root@node3 ~]# yum -y install samba
[root@node3 ~]# smbclient -L 192.168.170.8
Enter SAMBA\root's password:
Anonymous login successful
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.7.1)
Reconnecting with SMB1 for workgroup listing.
Anonymous login successful
Server Comment
--------- -------
Workgroup Master
--------- -------
添加Samba用户和密码
[root@node1 samba]# useradd smbuser1
[root@node1 samba]# smbpasswd -a smbuser1
New SMB password:
Retype new SMB password:
Added user smbuser1.
通过帮助命令查看Sambapasswd相关选项使用
[root@node1 samba]# smbpasswd -h
When run by root:
smbpasswd [options] [username]
otherwise:
smbpasswd [options]
options:
-L local mode (must be first option)
-h print this usage message
-s use stdin for password prompt
-c smb.conf file Use the given path to the smb.conf file
-D LEVEL debug level
-r MACHINE remote machine
-U USER remote username (e.g. SAM/user)
extra options when run by root or in local mode:
-a add user
-d disable user
-e enable user
-i interdomain trust account
-m machine trust account
-n set no password
-W use stdin ldap admin password
-w PASSWORD ldap admin password
-x delete user
-R ORDER name resolve order
测试node3测试Samba
[root@node3 ~]# smbclient -L 192.168.170.8 -U smbuser1
Enter SAMBA\smbuser1's password:
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.7.1)
smbuser1 Disk Home Directories
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
[root@node3 ~]#
[root@node3 ~]# smbclient //192.168.170.8/smbuser1 -U smbuser1
Enter SAMBA\smbuser1's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Fri Nov 2 14:04:28 2018
.. D 0 Fri Nov 2 14:04:28 2018
.bash_logout H 18 Wed Apr 11 08:53:01 2018
.bash_profile H 193 Wed Apr 11 08:53:01 2018
.bashrc H 231 Wed Apr 11 08:53:01 2018
29345792 blocks of size 1024. 27224188 blocks available
smb: \> get .bashrc
getting file \.bashrc of size 231 as .bashrc (3.0 KiloBytes/sec) (average 3.0 KiloBytes/sec)
smb: \> put fstab
fstab does not exist
smb: \> ls
. D 0 Fri Nov 2 14:04:28 2018
.. D 0 Fri Nov 2 14:04:28 2018
.bash_logout H 18 Wed Apr 11 08:53:01 2018
.bash_profile H 193 Wed Apr 11 08:53:01 2018
.bashrc H 231 Wed Apr 11 08:53:01 2018
29345792 blocks of size 1024. 27224228 blocks available
smb: \> lcd /tmp/
smb: \> get .bashrc
getting file \.bashrc of size 231 as .bashrc (75.2 KiloBytes/sec) (average 5.9 KiloBytes/sec)
smb: \> lcd /etc/
smb: \> put fstab
putting file fstab as \fstab (2.3 kb/s) (average 2.3 kb/s)
smb: \>
[root@node3 ~]# ls -a /tmp/
. .. .bashrc .font-unix .ICE-unix ks-script-ajrb3k .Test-unix .X11-unix .XIM-unix yum.log
[root@node3 ~]#
[root@node1 tmp]# cd
[root@node1 ~]# cd /etc/
[root@node1 etc]# su - smbuser1
[smbuser1@node1 ~]$ ls
fstab
[smbuser1@node1 ~]$
[root@node1 ~]# mkdir /data/samba/files -pv
[root@node1 samba]# vi smb.conf
[myfiles]
comment = A test shared dir.
guest ok = Yes
path = /data/samba/files
read only = No
[root@node1 samba]# systemctl restart smb.service
[root@node3 samba]# smbclient -L 192.168.170.8 -U smbuser1
Enter SAMBA\smbuser1's password:
Sharename Type Comment
--------- ---- -------
myfiles Disk A test shared dir.
IPC$ IPC IPC Service (Samba Server Version 4.7.1)
smbuser1 Disk Home Directories
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
[root@node3 samba]#
[root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser2
Enter SAMBA\smbuser2's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Fri Nov 2 14:52:55 2018
.. D 0 Fri Nov 2 14:52:55 2018
29345792 blocks of size 1024. 27223668 blocks available
smb: \>
smb: \> put fstab
fstab does not exist
smb: \> lcd /etc/
smb: \> put fstab
putting file fstab as \fstab (25.8 kb/s) (average 25.8 kb/s)
smb: \> exit
[root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser1
Enter SAMBA\smbuser1's password:
Try "help" to get a list of possible commands.
smb: \>
smb: \>
smb: \> ls
. D 0 Sat Nov 3 00:28:46 2018
.. D 0 Fri Nov 2 14:52:55 2018
fstab A 501 Sat Nov 3 00:28:46 2018
29345792 blocks of size 1024. 27223652 blocks available
smb: \>
smb: \> lcd /etc/
smb: \> put fstab
NT_STATUS_ACCESS_DENIED opening remote file \fstab
smb: \>
[root@node1 samba]# useradd smbuser2
[root@node1 samba]# smbpasswd -a smbuser2
New SMB password:
Retype new SMB password:
Added user smbuser2.
[root@node1 samba]#
[root@node1 samba]#
[root@node1 samba]# smbclient -L 172.16.0.68 -U smbuser2
WARNING: no network interfaces found
Connection to 172.16.0.68 failed (Error NT_STATUS_IO_TIMEOUT)
[root@node1 samba]# smbclient -L 192.168.170.8 -U smbuser2
WARNING: no network interfaces found
Enter MYGROUP\smbuser2's password:
Sharename Type Comment
--------- ---- -------
myfiles Disk A test shared dir.
IPC$ IPC IPC Service (Samba Server Version 4.7.1)
smbuser2 Disk Home Directories
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
[root@node1 samba]# vi smb.conf
write list= smbuser1
[root@node1 samba]# ll -d /data/samba/files/
drwxr-xr-x. 2 root root 6 Nov 2 14:52 /data/samba/files/
[root@node1 samba]# setfacl -m u:smbuser2:rwx /data/samba/files/
[root@node1 samba]# getfacl /data/samba/files/
getfacl: Removing leading '/' from absolute path names
# file: data/samba/files/
# owner: root
# group: root
user::rwx
user:smbuser2:rwx
group::r-x
mask::rwx
other::r-x
[root@node1 samba]#
[root@node1 samba]# setfacl -m u:smbuser1:rwx /data/samba/files/
[root@node1 samba]# getfacl /data/samba/files/
getfacl: Removing leading '/' from absolute path names
# file: data/samba/files/
# owner: root
# group: root
user::rwx
user:smbuser1:rwx
user:smbuser2:rwx
group::r-x
mask::rwx
other::r-x
[root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser1
Enter SAMBA\smbuser1's password:
Try "help" to get a list of possible commands.
smb: \> lcd /etc/
smb: \> put favicon.png
putting file favicon.png as \favicon.png (35.1 kb/s) (average 35.1 kb/s
[root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser2
Enter SAMBA\smbuser2's password:
Try "help" to get a list of possible commands.
smb: \> lcd /etc/
smb: \> put passwd
NT_STATUS_ACCESS_DENIED opening remote file \passwd
[root@node1 samba]# groupadd smbgroup
[root@node1 samba]# setfacl -m g:smbgroup:rwx /data/samba/files/
[root@node1 samba]# getfacl /data/samba/files/
getfacl: Removing leading '/' from absolute path names
# file: data/samba/files/
# owner: root
# group: root
user::rwx
user:smbuser1:rwx
user:smbuser2:rwx
group::r-x
group:smbgroup:rwx
mask::rwx
other::r-x
[root@node1 samba]# vi smb.conf
write list= +smbgroup
browseable = yes
"smb.conf" 320L, 11505C written
[root@node1 samba]#
[root@node1 samba]#
[root@node1 samba]# !sys
systemctl restart smb.service
[root@node1 samba]# useradd -G smbgroup smbuser3
[root@node1 samba]# useradd -G smbgroup smbuser4
[root@node1 samba]# smbpasswd -a smbuser3
New SMB password:
Retype new SMB password:
Added user smbuser3.
[root@node1 samba]# smbpasswd -a smbuser4
New SMB password:
Retype new SMB password:
Added user smbuser4.
[root@node1 samba]#
[root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser3
Enter SAMBA\smbuser3's password:
Try "help" to get a list of possible commands.
smb: \> lcd /etc/
smb: \> put group
putting file group as \group (113.0 kb/s) (average 113.0 kb/s)
smb: \>
[root@node1 samba]# ls /mnt/
[root@node1 samba]# mount -t cifs //192.168.170.8/myfiles /mnt -o username=smbuser3,password=123456
[root@node1 samba]# mount