Samba
来源:互联网 发布:c语言指针难点应用 编辑:程序博客网 时间:2024/06/09 20:17
Samba
1. Samba基本概念
samba -> 多系统 cifs/smb
nfs linux -> windows
ftp get/put website
http b/s
c/s
net bios 用来做windows整个网段主机名与ip地址的解析
与文件共享有关
nmb -> netbios地址解析
lmhosts 专门针对samba的解析 ==/etc/hosts
协议 -> 经过的设备 -> 抓包,
2. samba的安装与配置
[root@localhost ~]# yum install samba samba-common samba-client –y ##安装相关服务
[root@localhost ~]# systemctl start smb nmb
[root@localhost ~]# systemctl enable smb.service nmb ##开启服务
3. 添加samba用户 (samba用户必须为本地用户)
[root@localhost ~]# id student ##查看用户 student 是否存在
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)
[root@localhost ~]# smbpasswd -a student ##建立samba用户
New SMB password: ##输入密码
Retype new SMB password: ##确认密码
Added user student. ##用户student建立成功
[root@localhost ~]# pdbedit -L ##查看samba用户信息
student:1000:Student User
[root@localhost ~]# pdbedit -x student ##查看samba用户 student的信息
[root@localhost ~]# setsebool -P samba_enable_home_dirs on ##在selinux中设定smb用户可以访问自己的家目录
Usage: setsebool [ -NPV ] boolean value| bool1=val1 bool2=val2...
[root@localhost ~]# pdbedit -L
student:1000:Student User
[root@localhost ~]# setsebool -P enable samba_home_dirs on
[root@localhost ~]# smbclient //172.25.254.179/student -U student
Enter student's password:
session setup failed: NT_STATUS_LOGON_FAILURE
[root@localhost ~]# setsebool -P samba_enable_home_dirs on
[root@localhost ~]# smbclient //172.25.254.179/student -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jul 10 19:06:52 2014
.. D 0 Thu Jul 10 18:19:09 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
.bash_profile H 193 Wed Jan 29 07:45:18 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.ssh DH 0 Thu Jul 10 18:19:10 2014
.config DH 0 Thu Jul 10 19:06:53 2014
40913 blocks of size 262144. 28550blocks available
smb: \>
4.文件共享
(1)用户自建立的目录共享
@@实验配置
[root@localhost ~]# vim /etc/samba/smb.conf ##编辑samba的主配置文件
workgroup = WESTOS ##工作域名为WESTOS
[PIUPIU] ##共享的名称
comment = local directory ##对共享目录的描述
path = /smbshare ##共享目录的绝对路径
[root@localhost ~]# systemctl restart smb.service ##重启samba服务
[root@localhost ~]# semanage fcontext -a -t samba_share_t'/smbshare(/.*)?' ##当目录为用户自建立目录
[root@localhost ~]# restorecon -RvvF /smbshare ##更改刷新目录/smbshare安全上下文
restorecon reset /smbshare contextunconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /smbshare/westosxxx contextunconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
@@实验测试
[kiosk@foundation3 Desktop]$ smbclient //172.25.254.179/PIUPIU -U student
Enter student's password:
Domain=[WESTOS] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 14:25:19 2017
.. D 0 Sat Jun 3 14:24:56 2017
westosxxx N 0 Sat Jun 3 14:25:19 2017
10473900 blocks of size 1024.7309124 blocks available
smb: \>
(2)系统建立的目录共享
@@实验配置
[root@localhost mnt]# setsebool -P samba_enable_home_dirs 0
[root@localhost mnt]# setsebool -P samba_export_all_ro on ##开启只读共享
[root@localhost mnt]# vim /etc/samba/smb.conf ##编辑samba主配置文件
workgroup = WESTOS ##工作域名为WESTOS
[PIUPIU] ##共享的名称
comment = local directory ##对共享目录的描述
path = /smbshare ##共享目录的绝对路径
[root@localhost mnt]# systemctl restart smb.service ##重启服务
[root@localhost mnt]# setsebool -P use_samba_home_dirs on ##在selinux中设定smb用户可以访问自己的家目录
[root@localhost mnt]# systemctl restart smb.service ##重启服务
[root@localhost mnt]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> on
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> on
virt_sandbox_use_samba --> off
virt_use_samba --> off
[root@localhost mnt]#
@@实验测试
[kiosk@foundation3 Desktop]$ smbclient //172.25.254.179/PIUPIU -U student
Enter student's password:
Domain=[WESTOS] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:24:56 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
file7 N 0 SatJun 3 14:38:50 2017
file8 N 0 Sat Jun 3 14:38:50 2017
file9 N 0 Sat Jun 3 14:38:50 2017
file10 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024.7308840 blocks available
smb: \>
5.samba的配置参数
(1)匿名用户访问
[root@localhost ~]# vim /etc/samba/smb.conf
125 map to guest = bad user ##将所有samba不能识别的用户都映射为guest用户 无需帐户和密码访问samba
321 [PIUPIU]
322 comment = localdirectory
323 path = /mnt
324 guest ok = yes ##设置guest有权限
[root@localhost ~]# systemctl restart smb.service ##重启服务
测试:
[kiosk@foundation3 Desktop]$ smbclient //172.25.254.103/PIUPIU
Enter kiosk's password:
Domain=[WESTOS] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:24:56 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
file7 N 0 Sat Jun 3 14:38:50 2017
file8 N 0 Sat Jun 3 14:38:50 2017
file9 N 0 Sat Jun 3 14:38:50 2017
file10 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024.7308640 blocks available
smb: \>
(2)访问控制
[root@localhost ~]# vim /etc/samba/smb.conf
[PIUPIU]
comment = local directory
path = /mnt
guest ok = yes
hosts deny = 172.25.254.78 ##拒绝172.25.254.78 主机访问
测试(在172.25.254.78主机上)
[kiosk@foundation78 Desktop]$ smbclient //172.25.254.179/PIUPIU -Ustudent
Enter student's password:
Domain=[WESTOS] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED
[kiosk@foundation78 Desktop]$
(3)读写控制
[root@localhost ~]# vim /etc/samba/smb.conf
[PIUPIU]
comment = local directory
path = /mnt
writable = yes
writable list = student
[root@localhost ~]# systemctl restart smb.service
测试:
[root@foundation78 mnt]# umount /mnt/
umount: /mnt/: not mounted
[root@foundation78 mnt]# mount -o username=student,password=redhat//172.25.254.179/PIUPIU /mnt/
[root@foundation78 mnt]# cd /mnt/
[root@foundation3 mnt]# ls
file1 file10 file2 file3 file4 file5 file6 file7 file8 file9
[root@foundation78 mnt]# rm -fr *
[root@foundation78 mnt]# ls
[root@foundation78 mnt]# touch file
[root@foundation78 mnt]# cd
[root@foundation78 ~]# umount /mnt/
- Samba
- Samba
- Samba
- samba
- Samba
- SAMBA
- samba
- samba
- samba
- samba
- samba
- samba
- samba
- samba
- samba
- samba
- SAMBA
- samba
- MATLAB学习笔记 函数记录(一)
- 文章解析整理:《如果你还没搞懂LSTM 网络,那本文绝对值得一看》
- iscsi
- Tornado应用笔记01-简介
- linux安装jdk
- Samba
- windows下安装rabbitmq的步骤详解
- 免费馅饼(简单动态规划)
- Js中作用域对于数组绑定事件的影响
- 【C/C++开发】STL erase()函数使用要小心
- Linux中umask的使用方法
- DES/3DES/AES 三种对称加密算法在 Java 中的实现
- Qt 自定义PushButton
- Java后端2017书单推荐
