Samba共享及自动挂载测试

要求:

1、在server0服务器上安装配置samba,工作组为STAFF,共享目录/smb1, 共享名smb1,仅允许192.168.100.0/24网段中的主机访问。samba用户user1可以读取,密码为Ynyd1234; 并且在desktop0服务器自动挂载到/mnt/smb1目录下。

2、配置共享目录/smb2,共享名smb2,仅允许192.168.100.0/24网段中的主机访问。
仅允许用户user1读取, user2读写,密码都为Ynyd1234;客户机desktop0以multiuser方式自动挂接到/mnt/smb2

服务端server0配置192.168.100.201:
# yum install samba samba-client -y
# firewall-cmd --permanent --add-service=samba
# firewall-cmd --reload
# systemctl enable smb nmb
# systemctl restart nmb smb
# netsat -antulp | grep smb
# mkdir /smb1
# mkdir /smb2
# chmod 777 /smb1
# chmod 777 /smb2
# chcon -R -t samba_share_t /smb1
# chcon -R -t samba_share_t /smb2

# man 8 semanage-fcontext

# semanage fcontext -a -t samba_share_t "/smb1(/.*)?"
# semanage fcontext -a -t samba_share_t "/smb2(/.*)?"
# ll -dZ /smb1
   drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /smb1
# ll -dZ /smb2
   drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /smb2
# useradd user1
# useradd user2
# smbpasswd -a user1
# smbpasswd -a user2

# vi /etc/samba/smb.conf
[global]
         workgroup = STAFF   #此处修改为STAFF,并新增以下内容

[smb1]
         path = /smb1
         #writable = yes #默认不加这句,user1及所有用户都只读,不可写。加上之后,所有用户都可写。
         hosts allow = 192.168.100.0/24

[smb2]
         path = /smb2
         hosts allow = 192.168.100.0/24
         writable = no
         write list = user2   #user2可写,当然也可读。
         read list = user1    #user1可读,不可写。

 

客户端desktop0配置:
#yum install -y samba-client cifs-utils

smbclient 连接测试

1、/smb1对所有用户只读。
[root@ldaptest ~]# smbclient //192.168.100.201/smb1 -U user1
Enter user1's password: 
Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2]
smb: \> ls
   .                                   D        0  Thu Dec 14 17:34:24 2017
   ..                                 DR        0  Thu Dec 14 16:50:29 2017
   smb1filetest                                 0  Thu Dec 14 17:34:24 2017

                53214 blocks of size 524288. 43678 blocks available
smb: \> mkdir user1_mkdirtest
NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \user1_mkdirtest
smb: \> quit
[root@ldaptest ~]# smbclient //192.168.100.201/smb1 -U user2
Enter user2's password: 
Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2]
smb: \> ls
   .                                   D        0  Thu Dec 14 17:34:24 2017
   ..                                 DR        0  Thu Dec 14 16:50:29 2017
   smb1filetest                                 0  Thu Dec 14 17:34:24 2017

                53214 blocks of size 524288. 43678 blocks available
smb: \> mkdir user2_mkdir_test
NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \user2_mkdir_test
smb: \> exit

2、/smb2对user1用户只读,不可写。对user2用户可读可写。
# smbclient //192.168.100.201/smb2 -U user1
Enter user1's password: 
Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2]
smb: \> ls
   .                                   D        0  Thu Dec 14 17:34:32 2017
   ..                                 DR        0  Thu Dec 14 16:50:29 2017
   smb2filetest                                 0  Thu Dec 14 17:34:32 2017

                53214 blocks of size 524288. 43677 blocks available
smb: \> mkdir user1_mkdir_test
NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \user1_mkdir_test
smb: \> quit
# smbclient //192.168.100.201/smb2 -U user2
Enter user2's password: 
Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2]
smb: \> ls
   .                                   D        0  Thu Dec 14 17:34:32 2017
   ..                                 DR        0  Thu Dec 14 16:50:29 2017
   smb2filetest                                 0  Thu Dec 14 17:34:32 2017

                53214 blocks of size 524288. 43677 blocks available
smb: \> mkdir user1_mkdir_test
smb: \> ls
   .                                   D        0  Thu Dec 14 17:38:12 2017
   ..                                 DR        0  Thu Dec 14 16:50:29 2017
   smb2filetest                                 0  Thu Dec 14 17:34:32 2017
   user1_mkdir_test                    D        0  Thu Dec 14 17:38:12 2017

                53214 blocks of size 524288. 43677 blocks available
smb: \> exit
[root@ldaptest ~]#

smbcliet常用命令测试:
?或help [command] 提供关于帮助或某个命令的帮助 
![shell command]   执行所用的SHELL命令,或让用户进入 SHELL提示符 
cd [目录]  切换到服务器端的指定目录,如未指定,则 smbclient 返回当前本地目录 
lcd [目录]  切换到客户端指定的目录; 
dir 或ls   列出当前目录下的文件; 
exit 或quit    退出smbclient 
get file1  file2 从服务器上下载file1,并以文件名file2存在本地机上;如果不想改名,可以把file2省略 
mget file1 file2 file3  filen 从服务器上下载多个文件; 
md或mkdir 目录 在服务器上创建目录 
rd或rmdir 目录 删除服务器上的目录 
put file1 [file2] 向服务器上传一个文件file1,传到服务器上改名为file2; 
mput file1 file2 filen 向服务器上传多个文件

# smbclient //192.168.100.201/smb2 -U user2
Enter user2's password: 
Interrupted by signal.
cd /boot/
# smbclient //192.168.100.201/smb2 -U user2
Enter user2's password: 
Domain=[STAFF] OS=[Windows 6.1] Server=[Samba 4.6.2]
smb: \> put 按Tab键列出/boot目录下的所有内容。
config-2.6.32-431.el6.x86_64           lost+found/
efi/                                   symvers-2.6.32-431.el6.x86_64.gz
grub/                                  System.map-2.6.32-431.el6.x86_64
initramfs-2.6.32-431.el6.x86_64.img    vmlinuz-2.6.32-431.el6.x86_64
initrd-2.6.32-431.el6.x86_64kdump.img  .vmlinuz-2.6.32-431.el6.x86_64.hmac
smb: \> lcd /tmp/    切换到客户机服务器的指定目录
smb: \> get initrd-2.6.32-431.el6.x86_64kdump.img 
getting file \initrd-2.6.32-431.el6.x86_64kdump.img of size 5089507 as initrd-2.6.32-431.el6.x86_64kdump.img (171386.4 KiloBytes/sec) (average 171387.0 KiloBytes/sec)

客户机desktop0 配置自动挂载:

# mkdir /mnt/smb1  创建挂载目录
# mkdir /mnt/smb2

挂载测试:

[root@desktop ~]# mount -t cifs -o username=user1 //192.168.100.201/smb1 /mnt/smb1
Password for user1@//192.168.100.201/smb1:  ********
[root@desktop ~]# ls /mnt/smb1/
smb1filetest
[root@desktop ~]# mount -t cifs -o username=user2 //192.168.100.201/smb2 /mnt/smb2
Password for user2@//192.168.100.201/smb2:  ********
[root@desktop ~]# ls /mnt/smb2/
initrd-2.6.32-431.el6.x86_64kdump.img  install.log  smb2filetest  user1_mkdir_test

# cat /root/smb1.passwd   手动新建这两个密码文件
username=user1
password=Ynyd1234
# cat /root/smb2.passwd
username=user2
password=Ynyd1234

# vi /etc/fstab 添加如下两行

# vi /etc/fstab 添加如下两行

//192.168.100.201/smb1 /mnt/smb1        cifs    defaults,credentials=/root/smb1.passwd 0 0
//192.168.100.201/smb2 /mnt/smb2        cifs    defaults,multiuser,credentials=/root/smb2.passwd,sec=ntlmssp 0 0

[root@desktop ~]# umount /mnt/smb1
[root@desktop ~]# umount /mnt/smb2/
[root@desktop ~]# ls /mnt/smb1/
[root@desktop ~]# ls /mnt/smb2/
[root@desktop ~]# mount –a   该命令会自动使用/etc/fstab配置文件里的内容完成挂载。
[root@desktop ~]# ls /mnt/smb1/
smb1filetest
[root@desktop ~]# ls /mnt/smb2/   
initrd-2.6.32-431.el6.x86_64kdump.img  install.log  smb2filetest  user1_mkdir_test
[root@ldesktop ~]# 自动挂载测试正常

客户端配置写的有点多,其实大部分都是测试的内容。在挂载前,我们先手动测试下看能否挂载成功,之后,再配置自动挂载。

总结起来就4点:1、安装samba-client cifs-utils 2、创建挂载目录 3、创建密码文件 4、编辑fstab配置文件。

posted on 2017-12-14 21:47  遠離塵世の方舟  阅读(4124)  评论(0编辑  收藏  举报

导航