首页 > 代码库 > linux下samba服务器的搭建(案列模拟)

linux下samba服务器的搭建(案列模拟)

模拟案列:

ABC公司有4个部门:sales+design+develop+ops

现在要分别给这四个部门设立各自独立的共享文件夹和一个都能读写的share文件夹

考虑到误删或者恶意删除同部门其他员工的文件,需要用到sticky属性,sticky一般作用在目录上,一旦作用了,那么这么目录下的文件只能由文件创始人或者root删除。

开干!

Step1 创建目录结构

mkdir -p /ABC/{design,sales,develop,ops,share{design,sales,develop,ops}}
[root@localhost ABC]# tree
/ABC//ABC/|-- design|-- develop|-- ops|-- sales`-- share |-- design |-- develop |-- ops `-- sales

Step2 添加账户

我们为每个部门创建2个用户,编写脚本user.sh

#/bin/bash#DEPART=(sales design develop ops)for g in ${DEPART[@]};do    groupadd $g    for i in $(seq 1 2);do        useradd -M -s /sbin/nologin -g ${g} ${g}$i    donedone

Step3 配置smb.conf

#======================= Global Settings =====================================[global]        workgroup = SAMBA        server string = Samba Server        netbios name = SAMBA# --------------------------- Logging Options -----------------------------        # logs split per machine        log file = /var/log/samba/log.%m        # max 50KB per log file, then rotate        max log size = 50# ----------------------- Standalone Server Options ------------------------        security = user        passdb backend = tdbsam        load printers = yes        cups options = raw#============================ Share Definitions ==============================;[homes];       comment = Home Directory;        browseable = no;        writeable = no[sales]        comment = sales share        path = /ABC/sales        browsable = yes        guest ok = no        writable = no        write list = @sales[design]        comment = design share        path = /ABC/design        browsable = yes        guest ok = no        writable = no        write list = @design[develop]        comment = develop share        path = /ABC/develop        browsable = yes        guest ok = no        writable = no        write list = @sales[ops]        comment = ops share        path = /ABC/ops        browsable = yes        guest ok = no        writable = no        write list = @sales[share]        comment = public share        path = /ABC/share        browsable = yes        guest ok = no        writable = yes

Step4.设定权限

chown :design /ABC/design

chown :sales /ABC/sales

chown :develop /ABC/develop

chown :ops /ABC/ops

 

chown :design /ABC/share/design

chown :sales /ABC/share/sales

chown :develop /ABC/share/develop

chown :ops /ABC/share/ops

 

chmod 1770 /ABC/{design,sales,ops,develop}

chmod 775 /ABC/share

chmod 1775 /ABC/share/{design,sales,ops,develop}

 

最后阶段:测试效果

以sales1用户为例,

相对根目录:sales1无法进入除了sales和share文件夹以外的其他目录。

相对sales目录:sales1可以新建,删除自己的文件。但无法删除sales2建立的文件(sticky起作用了)

相对share目录:sales1可以访问所有目录但只在sales目录内有写权限,同样由于设置了sticky权限,sales1无法删除sales2建立的文件。

 

至此,完成

linux下samba服务器的搭建(案列模拟)