samba共享文件服务器
samba共享文件服务器
在/var/share目录中建立三个子目录public,training,devel。
public目录用于存放公共数据,如公司的规章制度,员工手册 training 目录用于存放公司的技术培训资料
devel 目录用于存放项目开发数据
将/var/share/public/目录共享为public,所有员工都可以访问,但只有读取权限
将/var/share/training/目录共享为peixun,允许管理员admin和技术部的所有员工读取数据,但不能写入;禁止其他人访问
将/var/share/devel/目录共享为kaifa,技术部的所有员工都可以读取该目录中的文件,但是只有管理员admin及bdqn项目组的员工又写入权限
1、 创建samba用户和组
1)创建组bdqn
[[email protected] ~]# groupadd bdqn
2) 创建用户tom加入到bdqn组
[[email protected] ~]# useradd bob
[[email protected] ~]# useradd tom
[[email protected] ~]# useradd alice
[[email protected] ~]# useradd marry
3)将tom、alice、marry加入到bdqn组
[[email protected] ~]# gpasswd -M tom,alice,marry bdqn
4)查看将用户加入到bdqn组
2、安装samba服务器
1)创建目录备份系统自带的yum源
[[email protected] ~]# mkdir -p /etc/yum.repos.d/bak
2)将系统自带的yum源备份到bak目录中
[[email protected] ~]# mv /etc/yum.repos.d/CentOS-* /etc/yum.repos.d/bak/
3)创建本地yum源
[[email protected] ~]# vim /etc/yum.repos.d/local.repo
[local]
name=centos7
baseurl=file:///mnt
enabled=1
gpgcheck=0
4)挂载系统光盘到/mnt目录中
[[email protected] ~]# mount /dev/cdrom /mnt/
5)安装samba和samba客户端
[[email protected] ~]# yum -y install samba samba-client
3、创建samba数据库
1)将root用户转换为samba用户
[[email protected] ~]# pdbedit -a -u root
2)创建的系统账户tom,alice,marry添加为samba账户
[[email protected] ~]# pdbedit -a -u tom
[[email protected] ~]# pdbedit -a -u alice
[[email protected] ~]# pdbedit -a -u marry
[[email protected] ~]# pdbedit -a -u bob
3)查看samba账户
4、创建目录/var/share/public共享当前目录,共享名字是public,允许所有账户访问
1)创建共享目录/var/share/public
[[email protected] ~]# mkdir -p /var/share/public
2)编辑samba主配置文件创建共享名字为public允许所有用户只读权限
[[email protected] ~]# vim /etc/samba/smb.conf
[global]
security = user
[public]
comment = share public
path = /var/share/public
read only = yes
guest ok = yes
3)写入测试数据
[[email protected] ~]# echo “111” > /var/share/public/1.txt
[[email protected] ~]# echo “222” > /var/share/public/2.txt
4)启动samba服务
[[email protected] ~]# systemctl start smb
[[email protected] ~]# systemctl start nmb
5)客户端测试只能读取不能写入
5、创建目录/var/share/training目录,共享名字为peixun,允许管理员admin和技术部的所有员工读取部门数据但是不能写入
1)创建共享目录/var/share/training
[[email protected] ~]# mkdir /var/share/training
2)编辑主配置文件允许admin和技术部所有员工读取部门数据不能写入
[[email protected] ~]# vim /etc/samba/smb.conf
[global]
security = user
username map = /etc/samba/sambacnmae
[peixun]
comment = share peixun
path = /var/share/training
valid users = root,@bdqn
write list = root
create mask = 0644
directory mask = 0755
3)创建别名文件
[[email protected] ~]# touch /etc/samba/sambacnmae
4)将管理员名别名设置为admin
[[email protected] ~]# vim /etc/samba/sambacnmae
root = admin
5)写入测试数据
[[email protected] ~]# echo “333” > /var/share/traning/3.txt
[[email protected] ~]# echo “444” > /var/share/traning/4.txt
6)重新启动samba服务
[[email protected] ~]# systemctl restart smb
[[email protected] ~]# systemctl restart nmb
7)测试admin用户拥有写入权限
8)普通账户拥有读取权限tom可以下载但是不可以创建文件进行写入
6、创建/var/share/devel/目录共享为kaifa,技术部的所有员工都可以读取该目录中的文件,但是只有管理员admin及bdqn项目组的员工又写入权限
1)创建共享目录
[[email protected] ~]# mkdir -p /var/share/devel
2)编辑主配置文件共享名为kaifa,技术部的所有员工都可以读取该目录中的文件,但是只有管理员admin及bdqn项目组的员工又写入权限
[[email protected] ~]# vim /etc/samba/smb.conf
[kaifa]
comment = share kaifa
path = /var/share/devel
valid users =bob,root,@bdqn
write list = root,@bdqn,bob
create mask = 0644
directory mask = 0755
3)重新启动服务
[[email protected] ~]# systemctl restart smb
[[email protected] ~]# systemctl restart nmb
4)创建测试数据
[[email protected] ~]# echo “555” > /var/share/devel/5.txt
[[email protected] ~]# echo “666” > /var/share/devel/6.txt
5)重新启动服务
[[email protected] ~]# systemctl restart smb
[[email protected] ~]# systemctl restart nmb
6)其他账户bob拥有读取权限不能下载
7)使用admin账户或者bdqn组账户测试拥有写入权限加添写入权限,bdqn组中alice用户拥有写入权限
[[email protected] ~]# chmod 77 /var/share/devel/