Linux运维第二十二讲
来源:互联网 发布:怎样修改淘宝卖家地址 编辑:程序博客网 时间:2024/04/30 01:20
#######################
1.samba
########################################
1.1 服务的安装和用户的建立
1 yum install samba-client samba-common samba -y ##安装samba服务
5 systemctl stop firewalld.service ##关闭防火墙
6 setsebool -P samba_enable_home_dirs on ##初始状态为不允许访问家目录,此步操作为开启
7 getsebool -a | grep samba ##查看samba的sexlinux状态
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
8 systemctl start smb ##开启服务
9 smbpasswd -a student ##建立用户,此用户必须是电脑存在的用户(需要配置密码,密码可随意填写)
10 pdbedit -L ##查看用户列表
pdbedit -x student ##删除用户student
11 smbclient -L //172.25.254.124 -U student ##连接共享服务
12 smbclient //172.25.254.124/student -U student ##进入该用户家目录
smbclient //172.25.254.124/student -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jul 10 19:06:52 2014
.. D 0 Thu Jul 10 18:19:09 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
.bash_profile H 193 Wed Jan 29 07:45:18 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.ssh DH 0 Thu Jul 10 18:19:10 2014
.config DH 0 Thu Jul 10 19:06:53 2014
40913 blocks of size 262144. 28582 blocks available
smb: \>
##########################################
1.2 共享目录
20 mkdir /jet ##建立测试目录
21 mkdir /ypa
22 vim /etc/samba/smb.conf ##修改配置文件
.....
workgroup = LINUXJET
321 [jet]
322 comment = this is myself mkdir
323 path = /jet
324 [ypa]
325 comment = this is ypa
326 path = /ypa
.....
23 systemctl restart smb.service
25 semanage fcontext -a -t samba_share_t '/jet(/.*)?' ##修改安全上下文只对,该目录有效。故保证ypa目录也可被访问,则需要修改selinux里面的
26 restorecon -FvvR /jet/
29 smbclient //172.25.254.124/jet -U student
smbclient //172.25.254.124/jet -U student
Enter student's password:
Domain=[LINUXJET](此处名字修改,即为主配置文件中22行的修改变量) OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Fri Mar 17 22:13:45 2017
.. D 0 Fri Mar 17 22:13:52 2017
40913 blocks of size 262144. 28546 blocks available
smb: \>
30 smbclient //172.25.254.124/ypa -U student
31 getsebool -a | grep samba
32 setsebool -P samba_export_all_rw on ##修改读写权限,包括系统目录及自建目录。这个开启后就与文件的安全上下文无关
[root@samba student]# smbclient -L //172.25.254.124 -U student
Enter student's password:
Domain=[LINUXJET](此处名字修改,即为主配置文件中22行的修改变量) OS=[Unix] Server=[Samba 4.1.1]
Sharename Type Comment
--------- ---- -------
jet Disk this is myself mkdir
ypa Disk this is ypa
IPC$ IPC IPC Service (Samba Server Version 4.1.1)
student Disk Home Directories
Domain=[LINUXJET] OS=[Unix] Server=[Samba 4.1.1]
Server Comment
--------- -------
Workgroup Master
--------- -------
#################################
1.3 samba 匿名访问
47 vim /etc/samba/smb.conf
....
125 map to guest = bad user
321 [jet]
322 comment = this is myself mkdir
323 path = /jet
324 guest ok = yes
....
48 systemctl restart smb.service
49 smbclient //172.25.254.124/jet ##测试
smbclient //172.25.254.124/jet
Enter root's password: ##直接回车就行
Domain=[LINUXJET] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Fri Mar 17 22:13:45 2017
.. D 0 Fri Mar 17 22:13:52 2017
40913 blocks of size 262144. 28581 blocks available
smb: \>
51 mount //172.25.254.124/jet /mnt/ -o username=guest
52 df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3156972 7316928 31% /
devtmpfs 481120 0 481120 0% /dev
tmpfs 496708 140 496568 1% /dev/shm
tmpfs 496708 13036 483672 3% /run
tmpfs 496708 0 496708 0% /sys/fs/cgroup
//172.25.254.124/jet 10473900 3156972 7316928 31% /mnt
53 cd /mnt/
54 ls -a
####################################
1.4 samba 共享目录的管理参数
84 useradd wula
85 smbpasswd -a wula
86 pdbedit -L
87 usermod -G student wula
88 id wula
89 vim /etc/samba/smb.conf
321 [jet]
322 comment = this is myself mkdir
323 path = /jet
324 guest ok = yes
325 #writable = yes ##可写权限,对全用户公开
326 #write list = +student ##可写权限,只限于某用户(直接加用户名)或某组(+,@组名)
#valid users = student ##允许那个用户登陆
#valid users = @student ## 允许那个用户组内成员登陆
#browseable = no ##是否显示分享目录
#admin users = wula ##赋予某用户管理员权限
#####################################
1.5 smb多用户挂载
服务端主配置文件:
......
[jet]
comment = this is myself mkdir
path = /jet
#guest ok = yes
#writable = yes
#write list = +student
#valid users = +student
......
客户端设置:
1000 yum install cifs-utils -y
1001 vim /root/passfile
username=student ##smb用户
password=1234 ##smb用户密码
1003 mount //172.25.254.124/jet /mnt/ -o credentials=/root/passfile,multiuser,sec=ntlmssp
1004 df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda3 307974224 23330728 284643496 8% /
devtmpfs 1868076 0 1868076 0% /dev
tmpfs 1881152 492 1880660 1% /dev/shm
tmpfs 1881152 9052 1872100 1% /run
tmpfs 1881152 0 1881152 0% /sys/fs/cgroup
/dev/sda1 508588 149320 359268 30% /boot
/dev/loop0 3947824 3947824 0 100% /var/www/html/rhel7.2
tmpfs 376232 24 376208 1% /run/user/1000
//172.25.254.124/jet 10473900 3157132 7316768 31% /mnt
1005 useradd wula
1007 passwd wula
1008 su - wula
ls /mnt ##查看失败
10 cifscreds add 172.25.254.124 ##做认证,密码输入为的smb用户密码
11 cd /mnt/
12 ls ##查看成功
1017 useradd la ##该用户不是smb中的用户
1018 passwd la
1019 su - la
1 cifscreds add 172.25.254.124 ##即使完成认证
2 cd /mnt
3 ls ##查看还是失败
(多用户挂载可以使得客户端多用户,共享该目录并且防止非smb用户对分享目录的访问,之前的smb用户依旧可以使用原本账户登陆)
####################################
####################################
2.ISCSI
2.1 服务端设置
2 yum install targetcli.noarch -y ##服务端服务
3 systemctl start target ##开启服务
4 systemctl enable target ##设置开机启动
5 systemctl status firewalld.service
fdisk /dev/vdb ##创建一2G的分区
[root@samba ~]# targetcli
targetcli shell version 2.1.fb34
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ..................................................................... [...]
o- backstores .......................................................... [...]
| o- block .............................................. [Storage Objects: 0]
| o- fileio ............................................. [Storage Objects: 0]
| o- pscsi .............................................. [Storage Objects: 0]
| o- ramdisk ............................................ [Storage Objects: 0]
o- iscsi ........................................................ [Targets: 0]
o- loopback ..................................................... [Targets: 0]
/> /backstores/block create westos:storage1 /dev/vdb1 ##关联分区
Created block storage object westos:storage1 using /dev/vdb1.
/>
/> /iscsi create iqn.2017-03.com.westos:strage1
Created target iqn.2017-03.com.westos:strage1.
Created TPG 1.
/> /iscsi/iqn.2017-03.com.westos:strage1/tpg1/acls create iqn.2017-03.com.westos:key1
Created Node ACL for iqn.2017-03.com.westos:key1
/> /iscsi/iqn.2017-03.com.westos:strage1/tpg1/luns create /backstores/block/westos:storage1
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2017-03.com.westos:key1
/> /iscsi/iqn.2017-03.com.westos:strage1/tpg1/portals create 172.25.254.124
Using default IP port 3260
Created network portal 172.25.254.124:3260.
/> ls
o- / ..................................................................... [...]
o- backstores .......................................................... [...]
| o- block .............................................. [Storage Objects: 1]
| | o- westos:storage1 ............. [/dev/vdb1 (2.0GiB) write-thru activated]
| o- fileio ............................................. [Storage Objects: 0]
| o- pscsi .............................................. [Storage Objects: 0]
| o- ramdisk ............................................ [Storage Objects: 0]
o- iscsi ........................................................ [Targets: 1]
| o- iqn.2017-03.com.westos:strage1 ................................ [TPGs: 1]
| o- tpg1 ........................................... [no-gen-acls, no-auth]
| o- acls ...................................................... [ACLs: 1]
| | o- iqn.2017-03.com.westos:key1 ...................... [Mapped LUNs: 1]
| | o- mapped_lun0 ................... [lun0 block/westos:storage1 (rw)]
| o- luns ...................................................... [LUNs: 1]
| | o- lun0 .......................... [block/westos:storage1 (/dev/vdb1)]
| o- portals ................................................ [Portals: 0]
o- loopback ..................................................... [Targets: 0]
/>
( clearconfig confirm=true ##这个是删除之前设置的)
2.2 客户端配置
4 yum install iscsi-initiator-utils.x86_64 -y
5 systemctl start iscsi
6 vim /etc/iscsi/initiatorname.iscsi
7 systemctl start iscsi
8 iscsiadm -m discovery -t st -p 172.25.254.124
9 systemctl restart iscsi
10 iscsiadm -m node -T iqn.2017-03.com.westos:strage1 -p 172.25.254.124 -l ##登陆该设备
11 fdisk -l
[root@maillinux ~]# fdisk -l
Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00013f3e
Device Boot Start End Blocks Id System
/dev/vda1 * 2048 20970332 10484142+ 83 Linux
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/sda: 2147 MB, 2147483648 bytes, 4194304 sectors ##所分享出来的设备
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 4194304 bytes
mkfs.xfs /dev/sda ##格式化
mount /dev/sda /mnt ##挂载,相当于文件系统分享给客户端
umount /mnt ##先卸载
13 iscsiadm -m node -T iqn.2017-03.com.westos:strage1 -p 172.25.254.124 -u ##退出登陆
14 iscsiadm -m node -T iqn.2017-03.com.westos:strage1 -p 172.25.254.124 -o delete ##删除设置
vim /etc/iscsi/initiatorname.iscsi ##将该文件中的密码字符破坏即可
15 fdisk -l
Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00013f3e
Device Boot Start End Blocks Id System
/dev/vda1 * 2048 20970332 10484142+ 83 Linux
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
( systemctl restart iscsid ##开机启动加载的
systemctl restart iscsi ##永久性 )
- Linux运维第二十二讲
- 第二十二讲:深入数组
- 第二十二讲:多线程编程
- 第二十二讲项目2
- 读书笔记(第二十二讲)Interface
- Linux运维第一讲
- Linux运维第二讲
- Linux运维第四讲
- Linux运维第三讲
- Linux运维第五讲
- Linux运维第六讲
- Linux运维第七讲
- Linux运维第八讲
- Linux运维第九讲
- Linux运维第十讲
- Linux运维第十一讲
- Linux运维第十二讲
- Linux运维第十四讲
- (泛型)FanXinglei
- 贝叶斯-笔记(1)
- C++ STL 一般总结
- 阿里笔试_ //如果有人n分钟内,连续发帖M次,将本人封杀掉
- Java入门教程之图书管理系统(由简入繁)(三)
- Linux运维第二十二讲
- struts2使用html的布局
- 设计一个一百亿的计算器
- Ceph源码分析之Async模块:1、异步通信核心模块EventCenter+Epoll
- 性能优化:使用SparseArray和ArrayMap代替HashMap
- K-means之C++及OpenCV实现
- UVa 12435
- C++利用vector容器实现最大最小元问题
- make your own phpstorm epa