samb
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了samb相关的知识,希望对你有一定的参考价值。
#######################samba###################
###############################################
1.samba作用
提供cifs协议实现共享文件
2.安装
[[email protected] ~]# yum install -y samba samba-common samba-clien
[[email protected] ~]# systemctl start smb nmb
[[email protected] ~]# systemctl enable smb nmb
3.添加smb用户
smb用户必须是本地用户
smbpasswd -a student
New SMB password: ##输入smb当前用户密码
Retype new SMB password: ##确认密码
[[email protected] ~]# pdbedit -L ##查看smb用户信息
student:1000:Student User
pdbedit -x smb用户 ##删除用户
[[email protected] ~]# smbclient -L //172.25.254.101 -U student ##在selinux中设定smb用户可以访问自己的家目录
4.共享目录的基本设定
[[email protected] ~]# mkdir /lin
[[email protected] ~]# touch /lin/linwei
[[email protected]host ~]# vim /etc/samba/smb.conf
321 [westos]
322 comment = local directory
323 path = /lin
当共享目录为用户自己建立的目录时
[[email protected] ~]# semanage fcontext -a -t samba_share_t ‘/lin(/.*)?‘
[[email protected] ~]# restorecon -RvvF /lin
restorecon reset /lin context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /lin/linwei context unconfined_u:object_r:default_t:s0->sy
当共享目录为系统建立的目录时
[[email protected] ~]# setsebool -P samba_export_all_ro on ##只读共享
[[email protected] ~]# setsebool -P samba_export_all_rw on ##读写共享
5.samba的配置参数
#匿名用户的访问
321 [westos]
322 comment = local directory
323 path = /lin
324 guest ok = yes
125 map to guest = bad user
#访问控制
1)hosts allow = 172.25.254.11 ##只允许,其他拒绝
[[email protected] ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Fri Jun 9 00:15:59 2017
.. D 0 Thu Jun 8 23:53:42 2017
file1 N 0 Fri Jun 9 00:15:59 2017
file2 N 0 Fri Jun 9 00:15:59 2017
2)hosts deny = 172.25.254.11 ##只拒绝
[[email protected] ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
tree connect failed: NT_STATUS_ACCESS_DENIED
3)valid users = westos ##当前共享的有效用户为westos
[[email protected] ~]# smbclient //172.25.254.101/westos -U westos
Enter westos‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Fri Jun 9 00:15:59 2017
.. D 0 Thu Jun 8 23:53:42 2017
file1 N 0 Fri Jun 9 00:15:59 2017
[[email protected] ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
tree connect failed: NT_STATUS_ACCESS_DENIED
4)valid users = +westos|@westos ##当前共享的有效用户为westoszu
[[email protected] ~]# usermod -G westos student
[[email protected] ~]# smbclient //172.25.254.101/westos -U student
Enter student‘s password:
Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> quit
#读写控制
所有用户都可写
[[email protected] ~]# chmod o+w /mnt
[[email protected] ~]# setsebool -P samba_export_all_rw on
[[email protected] ~]# vim /etc/samba/smb.conf
321 [westos]
322 comment = local directory
323 path = /lin
324 writable = yes
设定指定用户可写
1)write list = student ##可写用户
[[email protected] ~]# mount -o username=westos,password=2 //172.25.254.101/westos /mnt
[[email protected] ~]# cd /mnt
[[email protected] mnt]# touch westos
touch: cannot touch ‘file’: Permission denied
2)write list = +student|@student ##可写的用户组
[[email protected] ~]# usermod -G student westos
[[email protected] ~]# mount -o username=westos,password=2 //172.25.254.101/westos /mnt
[[email protected]dation11 ~]# cd /mnt
[[email protected] mnt]# touch file
[[email protected] mnt]# cd ~
3)admin users = student ##共享的超级用户指定
在client上进行多用户挂载
[[email protected] ~]# vim /root/westos
[[email protected] ~]# chmod 600 /root/westos
[[email protected] ~]# yum install -y cifs-utils
[[email protected] ~]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.101/westos /mnt
[[email protected] ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3163272 7310628 31% /
devtmpfs 927072 0 927072 0% /dev
#credentials=/root/westos 指定挂载时所用到的用户文件
#multiuser 支持多用户认证
#sec=ntlmssp 认证方式为标准smb认证方式
测试:
[[email protected] ~]# su student
[[email protected] root]$ ls /mnt
ls: cannot access /mnt: Permission denied ##因为没有作smb的认证而无法访问smb共享
[[email protected] root]$ cifscreds add -u westos 172.25.254.101
Password: ##输入用户westos的sambmima
[[email protected] root]$ ls /mnt
file file10 file3 file5 file7 file9 westos
file1 file2 file4 file6 file8 lin
以上是关于samb的主要内容,如果未能解决你的问题,请参考以下文章