smaba

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了smaba相关的知识,希望对你有一定的参考价值。


samba

1samba作用

提供cifs协议实现共享文件

2安装

yum install samba samba-common samba-client -y

systemctl start smb nmb

systemctl enable smb nmb

3添加smb用户

首先系统中要有用户

[[email protected] ~]# id student

uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)

[[email protected] ~]# smbpasswd -a student  创建smb用户

New SMB password:

Retype new SMB password:

Added user student.

[[email protected] ~]# pdbedit -L  查看smb用户信息

student:1000:Student User

[[email protected] ~]# pdbedit -x student  删除smb用户

[[email protected] ~]# pdbedit -L

[[email protected] ~]# setsebool -P samba_enable_home_dirs on  在selinux中可以访问自己的家目录

测试

[[email protected] ~]# smbclient //172.25.254.114/student -U student

Enter student‘s password: 

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

  .                                   D        0  Thu Jul 10 19:06:52 2014

  ..                                  D        0  Thu Jul 10 18:19:09 2014

  .bash_logout                        H       18  Wed Jan 29 07:45:18 2014

  .bash_profile                       H      193  Wed Jan 29 07:45:18 2014

  .bashrc                             H      231  Wed Jan 29 07:45:18 2014

  .ssh                               DH        0  Thu Jul 10 18:19:10 2014

  .config                            DH        0  Thu Jul 10 19:06:53 2014


40913 blocks of size 262144. 28544 blocks available

4共享目录

[[email protected] ~]# vim /etc/samba/smb.conf 

        [jj]                     共享名称

        comment = local.public   对共享目录的描述

        path = /mnt        共享目录的绝对路径

        workgroup = WESTOS  共享目录的组

当共享目录为用户自建目录时

[[email protected] mnt]# mkdir /smbshare

[[email protected] mnt]# touch /smbshare/westosxxx

[[email protected] mnt]# vim /etc/samba/smb.conf 

        [jj]

        comment = local.public

        path = /smbshare

[[email protected] mnt]# setsebool -P samba_enable_home_dirs 0

[[email protected] mnt]# semanage fcontext -a -t samba_share_t ‘/smbshare(/.*)?‘

/etc/selinux/targeted/contexts/files/file_contexts.local:  line 4 has invalid regex /smbshare(/.*)?:  missing )

PCRE compilation failed for ^/smbshare(/.*)?$ at offset 21: missing )

libsemanage.sefcontext_compile: sefcontext_compile returned error code 255. Compiling /etc/selinux/targeted/contexts/files/file_contexts.local

/etc/selinux/targeted/contexts/files/file_contexts.local:  line 4 has invalid regex /smbshare(/.*)?:  missing )

PCRE compilation failed for ^/smbshare(/.*)?$ at offset 21: missing )

libsemanage.sefcontext_compile: sefcontext_compile returned error code 255. Compiling /etc/selinux/targeted/contexts/files/file_contexts.local

ValueError: Could not commit semanage transaction

[[email protected] mnt]# restorecon -RvvF /smbshare

[[email protected] mnt]# smbclient //172.25.254.114/jj -U student

Enter student‘s password: 

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

  .                                   D        0  Sat Jun  3 02:36:48 2017

  ..                                  D        0  Sat Jun  3 02:36:38 2017

  westosxxx                           N        0  Sat Jun  3 02:36:48 2017


40913 blocks of size 262144. 28544 blocks available

smb: \> 

semanage fcontext -a -t samba_share_t ‘目录名称(/.*)?‘  配置安全上下文

restorecon -RvvF 目录名称 



当共享目录为系统目录时

[[email protected] ~]# touch /mnt/file{1..10}

[[email protected] ~]# cd /mnt

[[email protected] mnt]# ls

file1  file10  file2  file3  file4  file5  file6  file7  file8  file9

[[email protected] mnt]# smbclient //172.25.254.114/jj -U student

Enter student‘s password: 

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

  .                                   D        0  Thu Jul 10 19:06:52 2014

  ..                                  D        0  Thu Jul 10 18:19:09 2014

  .bash_logout                        H       18  Wed Jan 29 07:45:18 2014

  .bash_profile                       H      193  Wed Jan 29 07:45:18 2014

  .bashrc                             H      231  Wed Jan 29 07:45:18 2014

  .ssh                               DH        0  Thu Jul 10 18:19:10 2014

  .config                            DH        0  Thu Jul 10 19:06:53 2014


40913 blocks of size 262144. 28545 blocks available

smb: \> 

[[email protected] mnt]# setsebool -P samba_export_all_ro on  只读共享

[[email protected] mnt]# setsebool -P samba_export_all_rw on  读写共享

[[email protected] ~]# setsebool -P samba_enable_home_dirs on

[[email protected] mnt]# smbclient //172.25.254.114/jj -U student

Enter student‘s password: 

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

  .                                   D        0  Sat Jun  3 02:28:28 2017

  ..                                  D        0  Sat Jun  3 01:30:28 2017

  file1                               N        0  Sat Jun  3 02:28:28 2017

  file2                               N        0  Sat Jun  3 02:28:28 2017

  file3                               N        0  Sat Jun  3 02:28:28 2017

  file4                               N        0  Sat Jun  3 02:28:28 2017

  file5                               N        0  Sat Jun  3 02:28:28 2017

  file6                               N        0  Sat Jun  3 02:28:28 2017

  file7                               N        0  Sat Jun  3 02:28:28 2017

  file8                               N        0  Sat Jun  3 02:28:28 2017

  file9                               N        0  Sat Jun  3 02:28:28 2017

  file10                              N        0  Sat Jun  3 02:28:28 2017


40913 blocks of size 262144. 28545 blocks available

smb: \> 



匿名用户登陆

[[email protected] mnt]# smbclient //172.25.254.114/jj 

Enter root‘s password: 

Anonymous login successful

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

tree connect failed: NT_STATUS_ACCESS_DENIED

[[email protected] mnt]# vim /etc/samba/smb.conf 

123         security = user

124         passdb backend = tdbsam

125         map to guest = bad user

321         [jj]

322         comment = local.public

323         path = /smbshare

324         guest ok = yes

[[email protected] mnt]# systemctl  restart smb.service 

[[email protected] mnt]# smbclient //172.25.254.114/jj 

Enter root‘s password: 

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \> ls

  .                                   D        0  Sat Jun  3 02:36:48 2017

  ..                                  D        0  Sat Jun  3 02:36:38 2017

  westosxxx                           N        0  Sat Jun  3 02:36:48 2017


40913 blocks of size 262144. 28545 blocks available

smb: \> 

访问控制

hosts allow = 域名  仅允许

host deny = 域名  仅拒绝

        [jj]

        comment = local.public

        path = /smbshare

        valid users = westos    当前共享有效用户

        valid users = +westos   当前共享有效用户组

        valid users = @westos   当前共享有效用户组

[[email protected] mnt]# smbclient //172.25.254.114/jj -U student

Enter student‘s password: 

Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

tree connect failed: NT_STATUS_ACCESS_DENIED

所有用户均可写

服务器

[[email protected] mnt]# vim /etc/samba/smb.conf 

       [jj]

        comment = local.public

        path = /mnt

        writable = yes                是否可写

[[email protected] mnt]# setsebool -P samba_export_all_rw on  

[[email protected] mnt]# chmod o+w /mnt

客机

[[email protected] ~]# mount -o username=student,password=westos //172.25.254.114/jj /mnt/  【smb共享目录】                   【smb用户名以及密码】

[[email protected] ~]# cd /mnt

[[email protected] mnt]# ls

file1  file10  file2  file3  file4  file5  file6  file7  file8  file9  jj

[[email protected] mnt]# touch kill

[[email protected] mnt]# ls

file1  file10  file2  file3  file4  file5  file6  file7  file8  file9  jj  kill

[[email protected] mnt]# 

指定用户可写

write list = student        可写用户

write list = +student       可写用户组

write list = @student       

admin users = westos      共享超级用户指定

smb多用户挂载

在客机上【不在服务器】

[[email protected] ~]# vim /root/westos

username=student

password=westos

[[email protected] ~]# chmod 600 /root/westos

[[email protected] ~]# yum install cifs-utils -y

[[email protected] ~]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.114/jj /mnt/

credentials=/root/westos 指定挂载时的认证文件

sec=ntlmssp  smb认证方式

multiuser  支持多用户认证



测试

su - kiosk

ls /mnt

[[email protected] ~]$ ls /mnt

ls: cannot access /mnt: Permission denied    没有认证无法访问

[[email protected] ~]$ cifscreds add -u student 172.25.254.114  认证

Password: 

[[email protected] ~]$ ls /mnt

file1  file10  file2  file3  file4  file5  file6  file7  file8  file9  jj  kill


                  


以上是关于smaba的主要内容,如果未能解决你的问题,请参考以下文章

smaba服务

ubuntu安装smaba服务中出错,提示如下图!请教各位高手!!谢谢!

Linux网络文件共享服务之smaba

Linux Smaba服务器配置

搭建虚拟机和source insight开发环境

2020-11-8