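关防火墙(仅限实验环境;更稳妥的做法是保持firewalld开启,只放行samba服务: firewall-cmd --permanent --add-service=samba && firewall-cmd --reload)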
1.samba作用
提供cifs协议实现共享文件
2.安装
yum install samba samba-common samba-client -y
systemctl start smb nmb
systemctl enable smb nmb
3.添加smb用户
smb用户必须是本地用户
smbpasswd -a student
New SMB password: #输入smb当前用户密码
Retype new SMB password: #确认密码
pdbedit -L #查看smb用户信息
pdbedit -x smb用户 #删除smb用户
setsebool -P samba_enable_home_dirs on ##在selinux中设定smb用户可以访问自己的家目录

4.共享目录的基本设定
vim /etc/samba/smb.conf
[haha] 共享名称
comment = 对共享目录的描述
path = 共享目录的绝对路径
workgroup = WESTOS #全局参数,应写在[global]段中,写在共享段里会被忽略
当共享目录为用户自建立目录时
semanage fcontext -a -t samba_share_t '目录名称(/.*)?'
restorecon -RvvF 目录名称
当共享目录为系统建立目录(注意:以下两个布尔值作用于整个系统,允许smbd只读/读写导出任意目录,范围远大于给单个目录打samba_share_t标签)
setsebool -P samba_export_all_ro on #只读共享
setsebool -P samba_export_all_rw on #读写共享
5.samba的配置参数
#匿名用户访问
guest ok = yes
map to guest = bad user #全局参数,写在[global]段;用户名不存在的登录会被映射为guest账号
#访问控制
hosts allow = #仅允许列出的主机/网段访问
hosts deny = #拒绝列出的主机/网段访问
valid users = #当前共享的有效用户
valid users = westos #当前共享的有效用户为westos
valid users = @westos #当前共享的有效用户为westos组(先查NIS netgroup,再查本地unix组)
valid users = +westos #当前共享的有效用户为westos组(只查本地unix组)
#读写控制
所有用户均可写
chmod o+w /mnt
setsebool -P samba_export_all_rw on
vim /etc/samba/smb.conf
writable = yes
设定指定用户可写
write list = student #可写用户
write list = +student #可写用户组
write list = @student #可写用户组
admin users = westos #共享的超级用户指定(该用户在此共享内的所有文件操作都以root身份执行,不受文件权限限制)
---------------------------------------------------------------------------
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 02:34:37 2017
.. D 0 Sat Jun 3 02:27:05 2017
file1 N 0 Sat Jun 3 02:34:37 2017
file2 N 0 Sat Jun 3 02:34:37 2017
file3 N 0 Sat Jun 3 02:34:37 2017
file4 N 0 Sat Jun 3 02:34:37 2017
file5 N 0 Sat Jun 3 02:34:37 2017
40913 blocks of size 262144. 28537 blocks available
smb: \> quit
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> quit
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# id westos
id: westos: no such user
[root@server ~]# useradd westos -s /sbin/nologin
[root@server ~]# smbpasswd -a westos
New SMB password:
Retype new SMB password:
Added user westos.
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# smbclient //172.25.254.105/haha -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 02:34:37 2017
.. D 0 Sat Jun 3 02:27:05 2017
file1 N 0 Sat Jun 3 02:34:37 2017
file2 N 0 Sat Jun 3 02:34:37 2017
file3 N 0 Sat Jun 3 02:34:37 2017
file4 N 0 Sat Jun 3 02:34:37 2017
file5 N 0 Sat Jun 3 02:34:37 2017
40913 blocks of size 262144. 28537 blocks available
smb: \> quit
[root@server ~]# usermod -G westos student
[root@server ~]# id student
uid=1000(student) gid=1000(student) groups=1000(student),1001(westos)
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 02:34:37 2017
.. D 0 Sat Jun 3 02:27:05 2017
file1 N 0 Sat Jun 3 02:34:37 2017
file2 N 0 Sat Jun 3 02:34:37 2017
file3 N 0 Sat Jun 3 02:34:37 2017
file4 N 0 Sat Jun 3 02:34:37 2017
file5 N 0 Sat Jun 3 02:34:37 2017
40913 blocks of size 262144. 28537 blocks available
smb: \> quit
[root@server ~]#
---------------------------------------------------------------------------------
6.smb多用户挂载
在client上
vim /root/haha
username=student
password=lee
chmod 600 /root/haha
yum install cifs-utils -y
mount -o credentials=/root/haha,multiuser,sec=ntlmssp //172.25.254.100/haha /mnt/
#credentials=/root/haha 指定挂载时所用到的用户文件(密码写在权限为600的文件里,不会出现在命令行、history和进程列表中)
#multiuser 支持多用户认证
#sec=ntlmssp 认证方式为标准smb认证方式
su - kiosk
ls /mnt
ls: cannot access /mnt: Permission denied #因为没有作smb的认证所以无法访问smb共享
cifscreds add -u westos 172.25.254.100
Password: ##smb用户westos的密码
ls /mnt
------------------------------------------------------------------------------
[kiosk@foundation5 Desktop]$ mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
mount: only root can use "--options" option
[kiosk@foundation5 Desktop]$ su root
Password:
[root@foundation5 Desktop]# mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 Desktop]# cd /mnt
[root@foundation5 mnt]# ls
file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch file
touch: cannot touch ‘file’: Permission denied
[root@foundation5 mnt]# cd
[root@foundation5 ~]# umount /mnt/
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> on
samba_export_all_rw --> on ##要开启 setsebool samba_export_all_rw on
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
[root@localhost ~]# ll -d /mnt/
drwxr-xr-x. 2 root root 66 Jun 3 02:34 /mnt/
[root@localhost ~]# chmod o+w /mnt/
[root@localhost ~]#
[root@foundation5 ~]# mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 ~]# cd /mnt
[root@foundation5 mnt]# ls
file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch file
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]#
另一端:
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# systemctl restart smb.service
[root@foundation5 mnt]# cd
[root@foundation5 ~]# umount /mnt
[root@foundation5 ~]# mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 ~]# cd /mnt
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch yy
touch: cannot touch ‘yy’: Permission denied
[root@foundation5 mnt]# mount -o username=student,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch yy
touch: cannot touch ‘yy’: Permission denied
[root@foundation5 mnt]# cd
[root@foundation5 ~]# umount /mnt
[root@foundation5 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda3 307974224 24864764 283109460 9% /
devtmpfs 1868044 0 1868044 0% /dev
tmpfs 1881152 480 1880672 1% /dev/shm
tmpfs 1881152 8980 1872172 1% /run
tmpfs 1881152 0 1881152 0% /sys/fs/cgroup
/dev/sda1 508588 149424 359164 30% /boot
tmpfs 376232 12 376220 1% /run/user/1000
//172.25.254.105/haha 10473900 3178444 7295456 31% /mnt
[root@foundation5 ~]# umount /mnt
[root@foundation5 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda3 307974224 24864764 283109460 9% /
devtmpfs 1868044 0 1868044 0% /dev
tmpfs 1881152 480 1880672 1% /dev/shm
tmpfs 1881152 8980 1872172 1% /run
tmpfs 1881152 0 1881152 0% /sys/fs/cgroup
/dev/sda1 508588 149424 359164 30% /boot
tmpfs 376232 12 376220 1% /run/user/1000
[root@foundation5 ~]# mount -o username=student,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 ~]# cd /mnt
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch yy
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5 yy
[root@foundation5 mnt]#
---------------------------------------------------------------------------------
1.samba作用
提供cifs协议实现共享文件
2.安装
yum install samba samba-common samba-client -y
systemctl start smb nmb
systemctl enable smb nmb
3.添加smb用户
smb用户必须是本地用户
smbpasswd -a student
New SMB password: #输入smb当前用户密码
Retype new SMB password: #确认密码
pdbedit -L #查看smb用户信息
pdbedit -x smb用户 #删除smb用户
setsebool -P samba_enable_home_dirs on ##在selinux中设定smb用户可以访问自己的家目录
4.共享目录的基本设定
vim /etc/samba/smb.conf
[haha] 共享名称
comment = 对共享目录的描述
path = 共享目录的绝对路径
workgroup = WESTOS #全局参数,应写在[global]段中,写在共享段里会被忽略
当共享目录为用户自建立目录时
semanage fcontext -a -t samba_share_t '目录名称(/.*)?'
restorecon -RvvF 目录名称
当共享目录为系统建立目录(注意:以下两个布尔值作用于整个系统,允许smbd只读/读写导出任意目录,范围远大于给单个目录打samba_share_t标签)
setsebool -P samba_export_all_ro on #只读共享
setsebool -P samba_export_all_rw on #读写共享
5.samba的配置参数
#匿名用户访问
guest ok = yes
map to guest = bad user #全局参数,写在[global]段;用户名不存在的登录会被映射为guest账号
#访问控制
hosts allow = #仅允许列出的主机/网段访问
hosts deny = #拒绝列出的主机/网段访问
valid users = #当前共享的有效用户
valid users = westos #当前共享的有效用户为westos
valid users = @westos #当前共享的有效用户为westos组(先查NIS netgroup,再查本地unix组)
valid users = +westos #当前共享的有效用户为westos组(只查本地unix组)
#读写控制
所有用户均可写
chmod o+w /mnt
setsebool -P samba_export_all_rw on
vim /etc/samba/smb.conf
writable = yes
设定指定用户可写
write list = student #可写用户
write list = +student #可写用户组
write list = @student #可写用户组
admin users = westos #共享的超级用户指定(该用户在此共享内的所有文件操作都以root身份执行,不受文件权限限制)
---------------------------------------------------------------------------
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 02:34:37 2017
.. D 0 Sat Jun 3 02:27:05 2017
file1 N 0 Sat Jun 3 02:34:37 2017
file2 N 0 Sat Jun 3 02:34:37 2017
file3 N 0 Sat Jun 3 02:34:37 2017
file4 N 0 Sat Jun 3 02:34:37 2017
file5 N 0 Sat Jun 3 02:34:37 2017
40913 blocks of size 262144. 28537 blocks available
smb: \> quit
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> quit
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha
Enter root's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# vim /etc/samba/smb.conf
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# id westos
id: westos: no such user
[root@server ~]# useradd westos -s /sbin/nologin
[root@server ~]# smbpasswd -a westos
New SMB password:
Retype new SMB password:
Added user westos.
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# systemctl restart smb.service
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[root@server ~]# smbclient //172.25.254.105/haha -U westos
Enter westos's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 02:34:37 2017
.. D 0 Sat Jun 3 02:27:05 2017
file1 N 0 Sat Jun 3 02:34:37 2017
file2 N 0 Sat Jun 3 02:34:37 2017
file3 N 0 Sat Jun 3 02:34:37 2017
file4 N 0 Sat Jun 3 02:34:37 2017
file5 N 0 Sat Jun 3 02:34:37 2017
40913 blocks of size 262144. 28537 blocks available
smb: \> quit
[root@server ~]# usermod -G westos student
[root@server ~]# id student
uid=1000(student) gid=1000(student) groups=1000(student),1001(westos)
[root@server ~]# smbclient //172.25.254.105/haha -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 02:34:37 2017
.. D 0 Sat Jun 3 02:27:05 2017
file1 N 0 Sat Jun 3 02:34:37 2017
file2 N 0 Sat Jun 3 02:34:37 2017
file3 N 0 Sat Jun 3 02:34:37 2017
file4 N 0 Sat Jun 3 02:34:37 2017
file5 N 0 Sat Jun 3 02:34:37 2017
40913 blocks of size 262144. 28537 blocks available
smb: \> quit
[root@server ~]#
---------------------------------------------------------------------------------
6.smb多用户挂载
在client上
vim /root/haha
username=student
password=lee
chmod 600 /root/haha
yum install cifs-utils -y
mount -o credentials=/root/haha,multiuser,sec=ntlmssp //172.25.254.100/haha /mnt/
#credentials=/root/haha 指定挂载时所用到的用户文件(密码写在权限为600的文件里,不会出现在命令行、history和进程列表中)
#multiuser 支持多用户认证
#sec=ntlmssp 认证方式为标准smb认证方式
su - kiosk
ls /mnt
ls: cannot access /mnt: Permission denied #因为没有作smb的认证所以无法访问smb共享
cifscreds add -u westos 172.25.254.100
Password: ##smb用户westos的密码
ls /mnt
------------------------------------------------------------------------------
[kiosk@foundation5 Desktop]$ mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
mount: only root can use "--options" option
[kiosk@foundation5 Desktop]$ su root
Password:
[root@foundation5 Desktop]# mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 Desktop]# cd /mnt
[root@foundation5 mnt]# ls
file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch file
touch: cannot touch ‘file’: Permission denied
[root@foundation5 mnt]# cd
[root@foundation5 ~]# umount /mnt/
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> on
samba_export_all_rw --> on ##要开启 setsebool samba_export_all_rw on
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
[root@localhost ~]# ll -d /mnt/
drwxr-xr-x. 2 root root 66 Jun 3 02:34 /mnt/
[root@localhost ~]# chmod o+w /mnt/
[root@localhost ~]#
[root@foundation5 ~]# mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 ~]# cd /mnt
[root@foundation5 mnt]# ls
file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch file
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]#
另一端:
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# systemctl restart smb.service
[root@foundation5 mnt]# cd
[root@foundation5 ~]# umount /mnt
[root@foundation5 ~]# mount -o username=westos,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 ~]# cd /mnt
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch yy
touch: cannot touch ‘yy’: Permission denied
[root@foundation5 mnt]# mount -o username=student,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch yy
touch: cannot touch ‘yy’: Permission denied
[root@foundation5 mnt]# cd
[root@foundation5 ~]# umount /mnt
[root@foundation5 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda3 307974224 24864764 283109460 9% /
devtmpfs 1868044 0 1868044 0% /dev
tmpfs 1881152 480 1880672 1% /dev/shm
tmpfs 1881152 8980 1872172 1% /run
tmpfs 1881152 0 1881152 0% /sys/fs/cgroup
/dev/sda1 508588 149424 359164 30% /boot
tmpfs 376232 12 376220 1% /run/user/1000
//172.25.254.105/haha 10473900 3178444 7295456 31% /mnt
[root@foundation5 ~]# umount /mnt
[root@foundation5 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda3 307974224 24864764 283109460 9% /
devtmpfs 1868044 0 1868044 0% /dev
tmpfs 1881152 480 1880672 1% /dev/shm
tmpfs 1881152 8980 1872172 1% /run
tmpfs 1881152 0 1881152 0% /sys/fs/cgroup
/dev/sda1 508588 149424 359164 30% /boot
tmpfs 376232 12 376220 1% /run/user/1000
[root@foundation5 ~]# mount -o username=student,password=123 //172.25.254.105/haha /mnt/
[root@foundation5 ~]# cd /mnt
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5
[root@foundation5 mnt]# touch yy
[root@foundation5 mnt]# ls
file file1 file2 file3 file4 file5 yy
[root@foundation5 mnt]#
---------------------------------------------------------------------------------