标签:samba
samba
一定义
提供cifs协议,可实现linux和windows的共享
二 Samba服务的组成部分
1. 软件包:
Samba-common – Samba的支持文件
Samba-client – 客户端应用程序
Samba – 服务器应用程序
2. 服务名称:smb nmb
3. 服务端口: 通常使用TCP/445进行所有连接。还使用UDP137、UDP138和TCP/139进行向后兼容
4. 主配置文件:/etc/samba/smb.conf
5 samba开启的端口:
smb:445,139
nmb:137,138
过程如下:
[root@localhost ~]# netstat -antlupe | grep smb
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 204147 5723/smbd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 204148 5723/smbd
tcp6 0 0 :::445 :::* LISTEN 0 204145 5723/smbd
tcp6 0 0 :::139 :::* LISTEN 0 204146 5723/smbd
[root@localhost ~]# netstat -antlupe | grep nmb
udp 0 0 172.25.12.255:137 0.0.0.0:* 0 204100 5722/nmbd
udp 0 0 172.25.12.10:137 0.0.0.0:* 0 204099 5722/nmbd
udp 0 0 172.25.254.255:137 0.0.0.0:* 0 204096 5722/nmbd
udp 0 0 172.25.254.112:137 0.0.0.0:* 0 204095 5722/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 0 204092 5722/nmbd
udp 0 0 172.25.12.255:138 0.0.0.0:* 0 204102 5722/nmbd
udp 0 0 172.25.12.10:138 0.0.0.0:* 0 204101 5722/nmbd
udp 0 0 172.25.254.255:138 0.0.0.0:* 0 204098 5722/nmbd
udp 0 0 172.25.254.112:138 0.0.0.0:* 0 204097 5722/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 0 204093 5722/nmbd
三 samba配置
1)
1 systemctl stop firewalld.service
2 yum install samba samba-common samba-client -y
3 systemctl start smb nmb
4 systemctl enable smb.service nmb.service
在客户端,可以用smbclient -L //172.25.254.112 查看能否访问共享目录
2)samba用户的添加,必须是本地用户###
1 smbpasswd -a student
2 pdbedit-L###查看samba用户###
3 pdbedit-xsamba用户###删除samba用户###
4 getsebool -a | grep samba###查看samba的selinux###
5 setsebool -P samba_enable_home_dirs 1###开启samba用户登入自己家目录的功能###
测试:
smbclient -L //172.25.254.112 -U student###看能否访问共享目录###
smbclient //172.25.254.112/student -U student###访问samba用户的家目录###
过程如下:
samba服务端:
[root@localhost ~]# yum install samba samba-common -y
[root@localhost ~]# systemctl start smb nmb
[root@localhost ~]# systemctl enable smb.service nmb.service
ln -s ‘/usr/lib/systemd/system/smb.service‘ ‘/etc/systemd/system/multi-user.target.wants/smb.service‘
ln -s ‘/usr/lib/systemd/system/nmb.service‘ ‘/etc/systemd/system/multi-user.target.wants/nmb.service‘
[root@localhost ~]# netstat -antlupe | grep smb
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 204147 5723/smbd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 204148 5723/smbd
tcp6 0 0 :::445 :::* LISTEN 0 204145 5723/smbd
tcp6 0 0 :::139 :::* LISTEN 0 204146 5723/smbd
[root@localhost ~]# netstat -antlupe | grep nmb
udp 0 0 172.25.12.255:137 0.0.0.0:* 0 204100 5722/nmbd
udp 0 0 172.25.12.10:137 0.0.0.0:* 0 204099 5722/nmbd
udp 0 0 172.25.254.255:137 0.0.0.0:* 0 204096 5722/nmbd
udp 0 0 172.25.254.112:137 0.0.0.0:* 0 204095 5722/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 0 204092 5722/nmbd
udp 0 0 172.25.12.255:138 0.0.0.0:* 0 204102 5722/nmbd
udp 0 0 172.25.12.10:138 0.0.0.0:* 0 204101 5722/nmbd
udp 0 0 172.25.254.255:138 0.0.0.0:* 0 204098 5722/nmbd
udp 0 0 172.25.254.112:138 0.0.0.0:* 0 204097 5722/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 0 204093 5722/nmbd
[root@localhost ~]# smbpasswd -a student
New SMB password:###输入samba用户密码###
Retype new SMB password:###确认密码###
Added user student.
[root@localhost ~]# pdbedit -L
student:1000:Student User
[root@localhost ~]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
[root@localhost ~]# setsebool -P samba_enable_home_dirs 1###samba的配置文件里有关于samba的selinux的信息###
测试:
客户端:
[root@foundation12 Desktop]# yum install samba-client -y
[root@foundation12 Desktop]# smbclient -L //172.25.254.112 -U student
Enter student‘s password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.2.3)
student Disk Home Directories
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
Server Comment
--------- -------
DESKTOP Samba Server Version 4.1.1
DESKTOP36 Samba Server Version 4.1.1
LOCALHOST Samba Server Version 4.2.3
SERVER31 Samba Server Version 4.1.1
Workgroup Master
--------- -------
MYGROUP LOCALHOST
[root@foundation12 Desktop]# smbclient //172.25.254.112/student -U student
Enter student‘s password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \*
smb: \> ls
. D 0 Fri Jul 11 07:06:52 2014
.. D 0 Fri Jul 11 06:19:09 2014
.bash_logout H 18 Wed Jan 29 20:45:18 2014
.bash_profile H 193 Wed Jan 29 20:45:18 2014
.bashrc H 231 Wed Jan 29 20:45:18 2014
.ssh DH 0 Fri Jul 11 06:19:10 2014
.config DH 0 Fri Jul 11 07:06:53 2014
10473900 blocks of size 1024. 7274676 blocks available
smb: \> q
三 samba共享目录
samba服务端:
1)共享自己建立的目录
1 mkdir /smbshare
2 touch /smbshare/westoslinux...
3 vim /etc/samba/smb.conf###编辑samba的配置文件###
内容:
[westos]###共享名称###
comment = local directory###共享目录的描述###
path = /smbshare###共享目录的绝对路径###
4 systemctl restart smb.service###重启samba服务###
5 semanage fcontext -a -t samba_share_t ‘/smbshare(/.*)?‘###修改安全上下文,使得所建立的目录的安全上下文与samba一致,能够访问###
6 restorecon -RvvF /smbshare/###刷新###
测试:
samba客户端:
smbclient //172.25.254.112/westos -U student
过程如下:
samba服务端:
[root@localhost ~]# mkdir /smbshare
[root@localhost ~]# touch /smbshare/westoslinux...
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# systemctl restart smb.service
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# systemctl restart smb.service
[root@localhost ~]# semanage fcontext -a -t samba_share_t ‘/smbshare(/.*)?‘
[root@localhost ~]# restorecon -RvvF /smbshare/
restorecon reset /smbshare context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
restorecon reset /smbshare/westoslinux... context
测试:
samba客户端:
[root@foundation12 Desktop]# smbclient //172.25.254.178/westos -U student
Enter student‘s password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Sun Jun 4 21:07:28 2017
.. D 0 Sun Jun 4 21:07:14 2017
westoslinux N 0 Sun Jun 4 21:07:28 2017
10473900 blocks of size 1024. 6642952 blocks available
smb: \>
2)共享系统目录
共享系统目录的时候不能将系统目录的安全上下文修改,不然系统目录的其他文件就看不到了,因此,要将selinux的samba只读功能开启
samba服务端:
1 touch /mnt/file{1..6}###建立共享目录下的文件###
2 vim /etc/samba/smb.conf
内容:
[westos]
comment = local directory
path = /mnt
3 systemctl restart smb.service###重启服务###
4 setsebool -P samba_export_all_ro 1###开启samba只读功能###
测试:
smbclient //172.25.254.112/westos -U student
过程如下:
[root@localhost mnt]# touch /mnt/file{1..6}
[root@localhost mnt]# ls
file1 file2 file3 file4 file5 file6
[root@localhost mnt]# vim /etc/samba/smb.conf
[root@localhost mnt]# systemctl restart smb.service
[root@localhost mnt]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
[root@localhost mnt]# setsebool -P samba_export_all_ro 1
测试:
[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student
Enter student‘s password:
Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:25:29 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024. 7274976 blocks available
smb: \>
四 匿名用户控制访问
samba服务端:
1 vim /etc/samba/smb.conf
内容:
125 map to guest = bad user###所有匿名用户指向guest###
322 [westos]
323 comment = local directory
324 path = /mnt
325 guest ok = yes###允许匿名用户访问###
2 systemctl restart smb.service ###重启服务###
测试:
smbclient //172.25.254.112/westos
过程如下:
[root@localhost smbshare]# vim /etc/samba/smb.conf
[root@localhost smbshare]# systemctl restart smb.service ###重启服务###
测试:
[root@foundation12 Desktop]# smbclient //172.25.254.112/westos
Enter kiosk‘s password: ###没有密码,回车跳过###
Anonymous login successful
Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:25:29 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024. 7274640 blocks available
smb: \> quit
五 访问控制
1) 仅允许某个主机访问
1 vim /etc/samba/smb.conf
内容:
322 [westos]
323 comment = local directory
324 path = /mnt
325 hosts allow = 172.25.254.12 ###仅允许12主机访问###
2 systemctl restart smb.service
测试:
smbclient //172.25.254.112/westos -U westos
过程如下:
[root@localhost smbshare]# vim /etc/samba/smb.conf
[root@localhost smbshare]# systemctl restart smb.service
测试:
[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student
Enter westos‘s password:
Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:25:29 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024. 7274576 blocks available
smb: \> quit
2)仅拒绝某个主机访问
1 vim /etc/samba/smb.conf
内容:
322 [westos]
323 comment = local directory
324 path = /mnt
325 hosts deny = 172.25.254.12 ###仅拒绝12主机访问###
2 systemctl restart smb.service
测试:
smbclient //172.25.254.112/westos
过程如下:
[root@localhost smbshare]# vim /etc/samba/smb.conf
[root@localhost smbshare]# systemctl restart smb.service
测试:
[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student
Enter kiosk‘s password:
Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]
tree connect failed: NT_STATUS_ACCESS_DENIED
六 有效用户访问
1 useradd westos -s /sbin/nologin westos
2 smbpasswd -a westos###添加smaba用户###
3 vim /etc/samba/smb.conf
内容:
322 [westos]
323 comment = local directory
324 path = /mnt
325 valid user = westos###有效用户访问###
4 systemctl restart smb.service
测试:
smbclient //172.25.254.112/westos -U westos###可以访问###
smbclient //172.25.254.178/westos -U student###不可以访问###
过程如下:
[root@localhost smbshare]# useradd westos
[root@localhost smbshare]# smbpasswd -a westos###添加smaba用户###
New SMB password:
Retype new SMB password:
Added user westos.
[root@localhost smbshare]# vim /etc/samba/smb.conf
内容:
322 [westos]
323 comment = local directory
324 path = /mnt
325 valid users = westos###有效用户访问###
[root@localhost smbshare]# systemctl restart smb.service
测试:
[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U westos
Enter westos‘s password:
Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:25:29 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024. 7274576 blocks available
smb: \> quit
[root@localhost ~]# smbclient //172.25.254.178/westos -U student
Enter student‘s password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]
tree connect failed: NT_STATUS_ACCESS_DENIED
七 有效用户组的访问
samba服务端:
1 vim /etc/samba/smb.conf
内容:
[westos]
comment = local directory
path = /mnt
valid users = @westos###有效用户组访问###
2 systemctl restart smb
测试:
1 usermod -G westos student###添加附加组westos
2 smbclient //172.25.254.112/westos -U student
过程如下:
[root@localhost smbshare]# vim /etc/samba/smb.conf
[root@localhost smbshare]# systemctl restart smb
[root@localhost smbshare]# id westos
uid=1001(westos) gid=1001(westos) groups=1001(westos)
[root@localhost smbshare]# id student
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)
[root@localhost smbshare]# usermod -G westos student
[root@localhost smbshare]# id student
uid=1000(student) gid=1000(student) groups=1000(student),1001(westos)
[root@localhost smbshare]#
测试:
[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student
Enter student‘s password:
Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]
smb: \> ls
. D 0 Sat Jun 3 14:38:50 2017
.. D 0 Sat Jun 3 14:25:29 2017
file1 N 0 Sat Jun 3 14:38:50 2017
file2 N 0 Sat Jun 3 14:38:50 2017
file3 N 0 Sat Jun 3 14:38:50 2017
file4 N 0 Sat Jun 3 14:38:50 2017
file5 N 0 Sat Jun 3 14:38:50 2017
file6 N 0 Sat Jun 3 14:38:50 2017
10473900 blocks of size 1024. 7274880 blocks available
smb: \>
八 读写控制
一般情况下,是不允许往共享目录内进行写操作,如下:
[root@localhost ~]# mount -o username=westos,password=westos //172.25.254.112/westos /mnt/将共享目录westos以samba用户westos挂载到/mnt下###
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ll
total 0
-rw-r--r--. 1 root root 0 Jun 4 21:52 file1
-rw-r--r--. 1 root root 0 Jun 4 21:52 file2
-rw-r--r--. 1 root root 0 Jun 4 21:52 file3
[root@localhost mnt]# touch file10###进行写操作###
touch: cannot touch ‘file10’: Permission denied
[root@localhost mnt]#
1)所有用户均可以写:
samba服务器:
1 vim /etc/samba/smb.conf
内容:
[westos]
comment = local directory
path = /mnt
writable = yes###允许写操作###
2 chmod o+w /mnt/###当访问共享目录的时候,用户身份发生了改变,因此要使/mnt对其他用户有权限###
3 systemctl restart smb
4 setsebool -P samba_export_all_rw on###开启读写共享功能###
测试:
客户端:
mount -o username=westos,password=westos //172.25.254.112/westos /mnt/
过程如下:
[root@localhost ~]# vim /etc/samba/smb.conf
[root@localhost ~]# ll /mnt/
total 0
-rw-r--r--. 1 root root 0 Jun 3 02:38 file1
-rw-r--r--. 1 root root 0 Jun 3 02:38 file2
-rw-r--r--. 1 root root 0 Jun 3 02:38 file3
-rw-r--r--. 1 root root 0 Jun 3 02:38 file4
-rw-r--r--. 1 root root 0 Jun 3 02:38 file5
-rw-r--r--. 1 root root 0 Jun 3 02:38 file6
[root@localhost ~]# chmod o+w /mnt/
[root@localhost ~]# setsebool -P samba_export_all_rw on
[root@localhost ~]#
测试:
[root@foundation12 ~]# mount -o username=westos,password=westos //172.25.254.112/westos /mnt/
[root@foundation12 ~]# cd /mnt/
[root@foundation12 mnt]# ls
file1 file2 file3 file4 file5 file6
[root@foundation12 mnt]# touch file7
[root@foundation12 mnt]# ls
file1 file2 file3 file4 file5 file6 file7
[root@foundation12 mnt]# ls -l file7
-rw-r--r-- 1 1001 1001 0 Jun 3 15:51 file7
[root@foundation12 mnt]# ll file7
-rw-r--r-- 1 1001 1001 0 Jun 3 15:51 file7
[root@foundation12 mnt]#
2)指定用户可以写:
samba服务端:
1 vim /etc/samba/smb.conf
内容:
[westos]
comment=local directory
path = /mnt
writable = no
write list = student###指定只有samba的student用户可以写,若是@(+)student则是指指定用户组可以写###
2 systemctl restart smb
测试:
mount -o username=westos,password=westos //172.25.254.178/westos /mnt/###查看westos用户是否可写###
mount -o username=student,password=student //172.25.254.178/westos /mnt/###查看student用户是否可写###
过程如下:
[root@desktop ~]# vim /etc/samba/smb.conf
[root@desktop ~]# systemctl restart smb
图
测试:
[root@localhost ~]# mount -o username=westos,password=westos //172.25.254.178/westos /mnt/
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
file1 file2 file3 file4 file5 file6 file7
[root@localhost mnt]# rm -fr *###wstos用户不可写###
rm: cannot remove ‘file1’: Read-only file system
rm: cannot remove ‘file2’: Read-only file system
rm: cannot remove ‘file3’: Read-only file system
rm: cannot remove ‘file4’: Read-only file system
rm: cannot remove ‘file5’: Read-only file system
rm: cannot remove ‘file6’: Read-only file system
rm: cannot remove ‘file7’: Read-only file system
[root@localhost mnt]# cd
[root@localhost ~]# umount /mnt/
[root@localhost ~]# mount -o username=student,password=student //172.25.254.178/westos /mnt/
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
file1 file2 file3 file4 file5 file6 file7
[root@localhost mnt]# touch file8###student用户可写###
[root@localhost mnt]# ls
file1 file2 file3 file4 file5 file6 file7 file8
[root@localhost mnt]#
九 共享的超级用户指定
在客户端访问共目录并且进行写操作时,用户身份发生了变化,变成了当前的登入的samba用户,当共享目录的超级用户指定时,用该samba用户进行写操作时,就变成了超级用户的操作
samba服务端:
1 vim /etc/samba/smb.conf
内容:
[westos]
comment = local directory
path = /mnt
writable = yes
admin users = westos
2 systemctl restart smb
测试:
客户端:
1 chmod o-w /mnt/###使共享目录只对超级用户有写权限###
2 mount -o username=westos,password=westos //172.25.254.112/westos /mnt/###挂载共享目录到/mnt下###
过程如下:
samba服务端:
[root@desktop ~]# vim /etc/samba/smb.conf
[root@desktop ~]# systemctl restart smb
[root@desktop ~]# chmod o-w /mnt/
测试:
[root@localhost ~]# mount -o username=westos,password=westos //172.25.254.178/westos /mnt/
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
file1 file10 file2 file3 file4 file5 file6 file7 file8 file9
[root@localhost mnt]# ll
total 0
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file1
-rw-r--r--. 1 student student 0 Jun 5 15:00 file10
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file2
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file3
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file4
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file5
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file6
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file7
-rw-r--r--. 1 student student 0 Jun 5 14:41 file8
-rw-r--r--. 1 student student 0 Jun 5 14:58 file9
[root@localhost mnt]# touch file11
[root@localhost mnt]# ls
file1 file10 file11 file2 file3 file4 file5 file6 file7 file8 file9
[root@localhost mnt]# ll
total 0
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file1
-rw-r--r--. 1 student student 0 Jun 5 15:00 file10
-rw-r--r--. 1 root 1001 0 Jun 5 15:12 file11###变成了超级用户
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file2
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file3
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file4
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file5
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file6
-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file7
-rw-r--r--. 1 student student 0 Jun 5 14:41 file8
-rw-r--r--. 1 student student 0 Jun 5 14:58 file9
[root@localhost mnt]#
十 多用户挂载
当把共享目录挂载到本机的目录上的时侯,普通用户也可以访文该共享目录,因此,要进行多用户挂载,只有smb认证的才能访问smb共享目录
在客户端进行操作:
1 vim /root/westos###编写用户文件,文件名任意,指定挂载时要用###
内容:
username=westos###samba用户名###
password=westos###samba用户的密码###
2 chmod 600 /root/westos###只有超级用户可以读取该文件###
3 yum install cifs-utils -y
4 mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.112/westos /mnt/
#credentials=/root/haha指定挂载时所用到的用户文件
#multiuser支持多用户认证
#sec=ntlmssp认证方式为标准smb认证方式
测试:
过程如下:
[root@foundation12 Desktop]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.112/westos /mnt/
[root@foundation12 Desktop]# cd /mnt/
[root@foundation12 mnt]# ls
file1 file10 file2 file3 file4 file5 file6 file7 file8 file9
[root@foundation12 mnt]# su - kiosk
Last login: Sat Jun 3 16:38:40 CST 2017 on pts/2
[kiosk@foundation12 ~]$ cd /mnt
[kiosk@foundation12 mnt]$ ls
ls: reading directory .: Permission denied###没有smb认证无法访问共享目录###
[kiosk@foundation12 mnt]$ cifscreds add -u student 172.25.254.112###使得该普通用户kiosk能够以samba用户student的身份去访问samba共享目录###
Password:
[kiosk@foundation12 mnt]$ ls
file1 file10 file2 file3 file4 file5 file6 file7 file8 file9
[kiosk@foundation12 mnt]$
标签:samba
原文地址:http://12774272.blog.51cto.com/12764272/1933924
