samb

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了samb相关的知识,希望对你有一定的参考价值。

#######################samba###################

###############################################

1.samba作用

提供cifs协议实现共享文件

2.安装

[[email protected] ~]# yum install -y samba samba-common samba-clien

[[email protected] ~]# systemctl start smb nmb

[[email protected] ~]# systemctl enable smb nmb

3.添加smb用户

smb用户必须是本地用户

smbpasswd -a student

New SMB password:               ##输入smb当前用户密码

Retype new SMB password:        ##确认密码

 

 

[[email protected] ~]# pdbedit  -L ##查看smb用户信息

student:1000:Student User

pdbedit -x smb用户              ##删除用户

 

 

[[email protected] ~]#  smbclient -L //172.25.254.101 -U student   ##在selinux中设定smb用户可以访问自己的家目录

 

 

4.共享目录的基本设定

[[email protected] ~]# mkdir /lin

[[email protected] ~]# touch /lin/linwei

[[email protected]host ~]# vim /etc/samba/smb.conf

  321         [westos]

  322         comment = local directory

  323         path = /lin

 技术分享

 

 

当共享目录为用户自己建立的目录时

[[email protected] ~]# semanage fcontext -a -t samba_share_t ‘/lin(/.*)?‘

[[email protected] ~]# restorecon -RvvF /lin

restorecon reset /lin context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0

restorecon reset /lin/linwei context unconfined_u:object_r:default_t:s0->sy

 

 

当共享目录为系统建立的目录时

[[email protected] ~]# setsebool -P samba_export_all_ro on    ##只读共享

[[email protected] ~]# setsebool -P samba_export_all_rw on    ##读写共享

 

5.samba的配置参数

#匿名用户的访问

 321         [westos]

322         comment = local directory

323         path = /lin

324         guest ok = yes

125         map to guest = bad user

 

 

#访问控制

1)hosts allow = 172.25.254.11      ##只允许,其他拒绝

  [[email protected] ~]# smbclient //172.25.254.101/westos -U student

  Enter student‘s password:

  Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]

  smb: \> ls

  .                                   D        0  Fri Jun  9 00:15:59 2017

  ..                                  D        0  Thu Jun  8 23:53:42 2017

  file1                               N        0  Fri Jun  9 00:15:59 2017

  file2                               N        0  Fri Jun  9 00:15:59 2017

2)hosts deny = 172.25.254.11      ##只拒绝

[[email protected] ~]# smbclient //172.25.254.101/westos -U student

  Enter student‘s password:

  Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]

  tree connect failed: NT_STATUS_ACCESS_DENIED

3)valid users = westos            ##当前共享的有效用户为westos

[[email protected] ~]# smbclient //172.25.254.101/westos -U westos

  Enter westos‘s password:

  Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]

  smb: \> ls

  .                                   D        0  Fri Jun  9 00:15:59 2017

  ..                                  D        0  Thu Jun  8 23:53:42 2017

  file1                               N        0  Fri Jun  9 00:15:59 2017

[[email protected] ~]# smbclient //172.25.254.101/westos -U student

  Enter student‘s password:

  Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]

  tree connect failed: NT_STATUS_ACCESS_DENIED

4)valid users = +westos|@westos    ##当前共享的有效用户为westoszu

[[email protected] ~]# usermod -G westos student

[[email protected] ~]# smbclient //172.25.254.101/westos -U student

  Enter student‘s password:

  Domain=[LINWEI] OS=[Windows 6.1] Server=[Samba 4.2.3]

  smb: \> quit

#读写控制

所有用户都可写

[[email protected] ~]# chmod o+w /mnt

[[email protected] ~]# setsebool -P samba_export_all_rw on

[[email protected] ~]# vim /etc/samba/smb.conf

  321         [westos]

  322         comment = local directory

  323         path = /lin

  324          writable = yes

 技术分享

设定指定用户可写

1)write list = student       ##可写用户

[[email protected] ~]# mount -o username=westos,password=2 //172.25.254.101/westos /mnt

[[email protected] ~]# cd /mnt

[[email protected] mnt]# touch westos

touch: cannot touch ‘file’: Permission denied

2)write list = +student|@student     ##可写的用户组

[[email protected] ~]# usermod -G student westos

[[email protected] ~]# mount -o username=westos,password=2 //172.25.254.101/westos /mnt

[[email protected]dation11 ~]# cd /mnt

[[email protected] mnt]# touch file

[[email protected] mnt]# cd ~

3)admin users = student             ##共享的超级用户指定

 

 

client上进行多用户挂载

 

 

[[email protected] ~]# vim /root/westos

[[email protected] ~]# chmod 600 /root/westos

 

[[email protected] ~]# yum install -y cifs-utils

[[email protected] ~]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.101/westos /mnt

[[email protected] ~]# df

Filesystem              1K-blocks    Used Available Use% Mounted on

/dev/vda1                10473900 3163272   7310628  31% /

devtmpfs                   927072       0    927072   0% /dev

#credentials=/root/westos  指定挂载时所用到的用户文件

#multiuser                 支持多用户认证

#sec=ntlmssp               认证方式为标准smb认证方式

 

测试:

[[email protected] ~]# su student

[[email protected] root]$ ls /mnt

ls: cannot access /mnt: Permission denied   ##因为没有作smb的认证而无法访问smb共享

[[email protected] root]$ cifscreds add -u westos 172.25.254.101

Password:                     ##输入用户westos的sambmima

[[email protected] root]$ ls /mnt

file   file10  file3  file5  file7  file9  westos

file1  file2   file4  file6  file8  lin

 技术分享

技术分享

以上是关于samb的主要内容,如果未能解决你的问题,请参考以下文章

samb服务的配置

linux命令:samb文件共享

linux命令:samb文件共享服务器配置

rsync-远程同步软件

samba

SAMBA