> RedHat >

RHEL6.4下Samba服务器搭建

实验需求:

RHEL6.4下搭建samba服务器

将目录/data共享,共享名设置为software

拒绝匿名用户访问,只允许manager组成员访问


1.服务器(192.168.100.1)安装软件包

[root@samba-server Desktop]# yum -y install samba samba-common samba-client

 


2.编辑主配置文件

[root@samba-server Desktop]# vim /etc/samba/smb.conf

……

 74        workgroup = jin

 75        server string = my fist file server

……

 89        log file = /var/log/samba/%m.log    //日志文件

...

 91        max log size = 50

...

101        security = user

102        passdb backend = tdbsam

……

255 [software]

256        comment = software

257        path = /data

258        browseable = yes

259        public = no

260        writable = yes            //可写

261        valid users = @manager 

262        write list = @manager

 


[root@samba-server Desktop]# testparm  //此命令测试主配置文件语法

 


3.创建测试用户与组,共享目录

[root@samba-server Desktop]# groupadd manager

[root@samba-server Desktop]# useradd -G manager obama

[root@samba-server Desktop]# useradd -G manager bush

[root@samba-server Desktop]# useradd sanmao          //非manager组成员账号

[root@samba-server Desktop]# echo 123456 | passwd --stdin obama

[root@samba-server Desktop]# echo 123456 | passwd --stdin bush

[root@samba-server Desktop]# echo 123456 | passwd --stdin sanmao

[root@samba-server Desktop]# pdbedit -a -u obama      //添加共享账号

[root@samba-server Desktop]# pdbedit -a -u bush

[root@samba-server Desktop]# pdbedit -a -u sanmao

[root@samba-server Desktop]# pdbedit -L              //查看samba库中共享用户

obama:503:

bush:504:

sanmao:505:

 


[root@samba-server Desktop]# mkdir /data   

[root@samba-server Desktop]# touch /data/test.txt     

[root@samba-server Desktop]# setfacl -m g:manager:rwx /data 

[root@samba-server Desktop]# getfacl /data

getfacl: Removing leading '/' from absolute path names

# file: data

# owner: root

# group: root

user::rwx

group::r-x

group:manager:rwx                  //确认manager组权限

mask::rwx

other::r-x

 

 

 

4.启动服务

[root@samba-server Desktop]# service smb start

[root@samba-server Desktop]# service nmb start

[root@samba-server Desktop]# chkconfig smb on

[root@samba-server Desktop]# chkconfig nmb on

 


5.linux客户端测试

[root@client ~]# smbclient -U obama //192.168.100.1/software

Enter bush's password:

Domain=[JIN] OS=[Unix] Server=[Samba 3.6.9-151.el6]

smb: \> ls

  .                                  D        0  Wed Apr 16 08:50:29 2014

  ..                                DR        0  Wed Apr 16 08:28:12 2014

  test.txt                                    0  Wed Apr 16 08:28:40 2014

 


63699 blocks of size 262144. 49537 blocks available              //成功登录

 


[root@client ~]# mount -t cifs  //192.168.100.1/software /mnt -o username=obama  //将共享挂载

mount: block device //192.168.100.1/software is write-protected, mounting read-only

mount: cannot mount block device //192.168.100.1/software read-only    //此错误是由于未安装cifs-utils软件包

 


[root@client ~]#yum -y install cifs-utils

 


[root@client ~]# mount -t cifs  //192.168.100.1/software /mnt -o username=obama //再次挂载成功

Password:

[root@client ~]# ls /mnt

test.txt

 


6.linux客户端使用非manager组成员sanmao测试

[root@client ~]# smbclient -U sanmao //192.168.100.1/software

Enter sanmao's password:

Domain=[JIN] OS=[Unix] Server=[Samba 3.6.9-151.el6]

tree connect failed: NT_STATUS_ACCESS_DENIED        //登录失败

 


7.window客户端测试

 

 

 

附注:samba使用账号密码登录也可实现自动挂载,但会暴露账号密码,一般不使用

开机自动挂载

vim /etc/fstab

//192.168.100.1/software /mnt cifs defaults,username=用户名,password=密码 0 0

 


autofs触发挂载方式

vim /etc/auto.master

/mnt /etc/auto.samba

 


vim /etc/auto.samba

samba -fstype=cifs,username=用户名,password=密码 ://192.168.100.1/software

 


service autofs restart

(责任编辑:IT)