首页 > 代码库 > samb
samb
#######################samba###################
###############################################
1.samba作用
提供cifs协议实现共享文件
2.安装
[root@localhost ~]# yum install -y samba samba-common samba-clien
[root@localhost ~]# systemctl start smb nmb
[root@localhost ~]# systemctl enable smb nmb
3.添加smb用户
smb用户必须是本地用户
smbpasswd -a student
New SMB password: ##输入smb当前用户密码
Retype new SMB password: ##确认密码
[root@localhost ~]# pdbedit -L ##查看smb用户信息
student:1000:Student User
pdbedit -x smb用户 ##删除用户
[root@localhost ~]# smbclient -L //172.25.254.101 -U student ##在selinux中设定smb用户可以访问自己的家目录
4.共享目录的基本设定
[root@localhost ~]# mkdir /lin
[root@localhost ~]# touch /lin/linwei
[root@localhost ~]# vim /etc/samba/smb.conf
321 [westos]
322 comment = local directory
323 path = /lin
当共享目录为用户自己建立的目录时
[root@localhost ~]# semanage fcontext -a -t samba_share_t ‘/lin(/.*)?‘
[root@localhost ~]# restorecon -RvvF /lin
restorecon reset /lin context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /lin/linwei context unconfined_u:object_r:default_t:s0->sy
当共享目录为系统建立的目录时
[root@localhost ~]# setsebool -P samba_export_all_ro on ##只读共享
[root@localhost ~]# setsebool -P samba_export_all_rw on ##读写共享
5.samba的配置参数
#匿名用户的访问
321 [westos]
322 comment = local directory
323 path = /lin
324 guest ok = yes
125 map to guest = bad user
#访问控制
1)hosts allow = 172.25.254.11 ##只允许,其他拒绝
[root@foundation11 ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Fri Jun 9 00:15:59 2017
.. D 0 Thu Jun 8 23:53:42 2017
file1 N 0 Fri Jun 9 00:15:59 2017
file2 N 0 Fri Jun 9 00:15:59 2017
2)hosts deny = 172.25.254.11 ##只拒绝
[root@foundation11 ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
tree connect failed: NT_STATUS_ACCESS_DENIED
3)valid users = westos ##当前共享的有效用户为westos
[root@foundation11 ~]# smbclient //172.25.254.101/westos -U westos
Enter westos‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Fri Jun 9 00:15:59 2017
.. D 0 Thu Jun 8 23:53:42 2017
file1 N 0 Fri Jun 9 00:15:59 2017
[root@foundation11 ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
tree connect failed: NT_STATUS_ACCESS_DENIED
4)valid users = +westos|@westos ##当前共享的有效用户为westoszu
[root@localhost ~]# usermod -G westos student
[root@foundation11 ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> quit
#读写控制
所有用户都可写
[root@localhost ~]# chmod o+w /mnt
[root@localhost ~]# setsebool -P samba_export_all_rw on
[root@localhost ~]# vim /etc/samba/smb.conf
321 [westos]
322 comment = local directory
323 path = /lin
324 writable = yes
设定指定用户可写
1)write list = student ##可写用户
[root@foundation11 ~]# mount -o username=westos,password=2 //172.25.254.101/westos /mnt
[root@foundation11 ~]# cd /mnt
[root@foundation11 mnt]# touch westos
touch: cannot touch ‘file’: Permission denied
2)write list = +student|@student ##可写的用户组
[root@localhost ~]# usermod -G student westos
[root@foundation11 ~]# mount -o username=westos,password=2 //172.25.254.101/westos /mnt
[root@foundation11 ~]# cd /mnt
[root@foundation11 mnt]# touch file
[root@foundation11 mnt]# cd ~
3)admin users = student ##共享的超级用户指定
在client上进行多用户挂载
[root@localhost ~]# vim /root/westos
[root@localhost ~]# chmod 600 /root/westos
[root@localhost ~]# yum install -y cifs-utils
[root@localhost ~]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.101/westos /mnt
[root@localhost ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3163272 7310628 31% /
devtmpfs 927072 0 927072 0% /dev
#credentials=/root/westos 指定挂载时所用到的用户文件
#multiuser 支持多用户认证
#sec=ntlmssp 认证方式为标准smb认证方式
测试:
[root@localhost ~]# su student
[student@localhost root]$ ls /mnt
ls: cannot access /mnt: Permission denied ##因为没有作smb的认证而无法访问smb共享
[student@localhost root]$ cifscreds add -u westos 172.25.254.101
Password: ##输入用户westos的sambmima
[student@localhost root]$ ls /mnt
file file10 file3 file5 file7 file9 westos
file1 file2 file4 file6 file8 lin
samb