Samba共享及自动挂载测试
要求:
1、在server0服务器上安装配置samba,工作组为STAFF,共享目录/smb1, 共享名smb1,仅允许192.168.100.0/24网段中的主机访问。samba用户user1可以读取,密码为Ynyd1234; 并且在desktop0服务器自动挂载到/mnt/smb1目录下。
2、配置共享目录/smb2,共享名smb2,仅允许192.168.100.0/24网段中的主机访问。
仅允许用户user1读取, user2读写,密码都为Ynyd1234;客户机desktop0以multiuser方式自动挂接到/mnt/smb2
服务端server0配置192.168.100.201:
# yum install samba samba-client -y
# firewall-cmd --permanent --add-service=samba
# firewall-cmd --reload
# systemctl enable smb nmb
# systemctl restart nmb smb
# netsat -antulp | grep smb
# mkdir /smb1
# mkdir /smb2
# chmod 777 /smb1
# chmod 777 /smb2
# chcon -R -t samba_share_t /smb1
# chcon -R -t samba_share_t /smb2
# man 8 semanage-fcontext
# semanage fcontext -a -t samba_share_t "/smb1(/.*)?"
# semanage fcontext -a -t samba_share_t "/smb2(/.*)?"
# ll -dZ /smb1
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /smb1
# ll -dZ /smb2
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /smb2
# useradd user1
# useradd user2
# smbpasswd -a user1
# smbpasswd -a user2
# vi /etc/samba/smb.conf [global] workgroup = STAFF #此处修改为STAFF,并新增以下内容 [smb1] path = /smb1 #writable = yes #默认不加这句,user1及所有用户都只读,不可写。加上之后,所有用户都可写。 hosts allow = 192.168.100.0/24 [smb2] path = /smb2 hosts allow = 192.168.100.0/24 writable = no write list = user2 #user2可写,当然也可读。 read list = user1 #user1可读,不可写。
客户端desktop0配置:
#yum install -y samba-client cifs-utils
smbclient 连接测试
1、/smb1对所有用户只读。 [root@ldaptest ~]# smbclient //192.168.100.201/smb1 -U user1 Enter user1's password: Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2] smb: \> ls . D 0 Thu Dec 14 17:34:24 2017 .. DR 0 Thu Dec 14 16:50:29 2017 smb1filetest 0 Thu Dec 14 17:34:24 2017 53214 blocks of size 524288. 43678 blocks available smb: \> mkdir user1_mkdirtest NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \user1_mkdirtest smb: \> quit [root@ldaptest ~]# smbclient //192.168.100.201/smb1 -U user2 Enter user2's password: Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2] smb: \> ls . D 0 Thu Dec 14 17:34:24 2017 .. DR 0 Thu Dec 14 16:50:29 2017 smb1filetest 0 Thu Dec 14 17:34:24 2017 53214 blocks of size 524288. 43678 blocks available smb: \> mkdir user2_mkdir_test NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \user2_mkdir_test smb: \> exit 2、/smb2对user1用户只读,不可写。对user2用户可读可写。 # smbclient //192.168.100.201/smb2 -U user1 Enter user1's password: Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2] smb: \> ls . D 0 Thu Dec 14 17:34:32 2017 .. DR 0 Thu Dec 14 16:50:29 2017 smb2filetest 0 Thu Dec 14 17:34:32 2017 53214 blocks of size 524288. 43677 blocks available smb: \> mkdir user1_mkdir_test NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \user1_mkdir_test smb: \> quit # smbclient //192.168.100.201/smb2 -U user2 Enter user2's password: Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2] smb: \> ls . D 0 Thu Dec 14 17:34:32 2017 .. DR 0 Thu Dec 14 16:50:29 2017 smb2filetest 0 Thu Dec 14 17:34:32 2017 53214 blocks of size 524288. 43677 blocks available smb: \> mkdir user1_mkdir_test smb: \> ls . D 0 Thu Dec 14 17:38:12 2017 .. DR 0 Thu Dec 14 16:50:29 2017 smb2filetest 0 Thu Dec 14 17:34:32 2017 user1_mkdir_test D 0 Thu Dec 14 17:38:12 2017 53214 blocks of size 524288. 43677 blocks available smb: \> exit [root@ldaptest ~]# smbcliet常用命令测试: ?或help [command] 提供关于帮助或某个命令的帮助 ![shell command] 执行所用的SHELL命令,或让用户进入 SHELL提示符 cd [目录] 切换到服务器端的指定目录,如未指定,则 smbclient 返回当前本地目录 lcd [目录] 切换到客户端指定的目录; dir 或ls 列出当前目录下的文件; exit 或quit 退出smbclient get file1 file2 从服务器上下载file1,并以文件名file2存在本地机上;如果不想改名,可以把file2省略 mget file1 file2 file3 filen 从服务器上下载多个文件; md或mkdir 目录 在服务器上创建目录 rd或rmdir 目录 删除服务器上的目录 put file1 [file2] 向服务器上传一个文件file1,传到服务器上改名为file2; mput file1 file2 filen 向服务器上传多个文件 # smbclient //192.168.100.201/smb2 -U user2 Enter user2's password: Interrupted by signal. cd /boot/ # smbclient //192.168.100.201/smb2 -U user2 Enter user2's password: Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2] smb: \> put 按Tab键列出/boot目录下的所有内容。 config-2.6.32-431.el6.x86_64 lost+found/ efi/ symvers-2.6.32-431.el6.x86_64.gz grub/ System.map-2.6.32-431.el6.x86_64 initramfs-2.6.32-431.el6.x86_64.img vmlinuz-2.6.32-431.el6.x86_64 initrd-2.6.32-431.el6.x86_64kdump.img .vmlinuz-2.6.32-431.el6.x86_64.hmac smb: \> lcd /tmp/ 切换到客户机服务器的指定目录 smb: \> get initrd-2.6.32-431.el6.x86_64kdump.img getting file \initrd-2.6.32-431.el6.x86_64kdump.img of size 5089507 as initrd-2.6.32-431.el6.x86_64kdump.img (171386.4 KiloBytes/sec) (average 171387.0 KiloBytes/sec)
客户机desktop0 配置自动挂载:
# mkdir /mnt/smb1 创建挂载目录
# mkdir /mnt/smb2
挂载测试:
[root@desktop ~]# mount -t cifs -o username=user1 //192.168.100.201/smb1 /mnt/smb1 Password for user1@//192.168.100.201/smb1: ******** [root@desktop ~]# ls /mnt/smb1/ smb1filetest [root@desktop ~]# mount -t cifs -o username=user2 //192.168.100.201/smb2 /mnt/smb2 Password for user2@//192.168.100.201/smb2: ******** [root@desktop ~]# ls /mnt/smb2/ initrd-2.6.32-431.el6.x86_64kdump.img install.log smb2filetest user1_mkdir_test
# cat /root/smb1.passwd 手动新建这两个密码文件
username=user1
password=Ynyd1234
# cat /root/smb2.passwd
username=user2
password=Ynyd1234
# vi /etc/fstab 添加如下两行
# vi /etc/fstab 添加如下两行
//192.168.100.201/smb1 /mnt/smb1 cifs defaults,credentials=/root/smb1.passwd 0 0 //192.168.100.201/smb2 /mnt/smb2 cifs defaults,multiuser,credentials=/root/smb2.passwd,sec=ntlmssp 0 0
[root@desktop ~]# umount /mnt/smb1
[root@desktop ~]# umount /mnt/smb2/
[root@desktop ~]# ls /mnt/smb1/
[root@desktop ~]# ls /mnt/smb2/
[root@desktop ~]# mount –a 该命令会自动使用/etc/fstab配置文件里的内容完成挂载。
[root@desktop ~]# ls /mnt/smb1/
smb1filetest
[root@desktop ~]# ls /mnt/smb2/
initrd-2.6.32-431.el6.x86_64kdump.img install.log smb2filetest user1_mkdir_test
[root@ldesktop ~]# 自动挂载测试正常
客户端配置写的有点多,其实大部分都是测试的内容。在挂载前,我们先手动测试下看能否挂载成功,之后,再配置自动挂载。
总结起来就4点:1、安装samba-client cifs-utils 2、创建挂载目录 3、创建密码文件 4、编辑fstab配置文件。