samba-阿里云开发者社区

samba

一定义

提供cifs协议，可实现linux和windows的共享

二 Samba服务的组成部分

1. 软件包:

Samba-common – Samba的支持文件

Samba-client – 客户端应用程序

Samba – 服务器应用程序

2. 服务名称:smb nmb

3. 服务端口: 通常使用TCP/445进行所有连接。还使用UDP137、UDP138和TCP/139进行向后兼容

4. 主配置文件:/etc/samba/smb.conf

5 samba开启的端口：

smb：445，139

nmb：137，138

过程如下：

[root@localhost ~]# netstat -antlupe | grep smb

tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 204147 5723/smbd

tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 204148 5723/smbd

tcp6 0 0 :::445 :::* LISTEN 0 204145 5723/smbd

tcp6 0 0 :::139 :::* LISTEN 0 204146 5723/smbd

[root@localhost ~]# netstat -antlupe | grep nmb

udp 0 0 172.25.12.255:137 0.0.0.0:* 0 204100 5722/nmbd

udp 0 0 172.25.12.10:137 0.0.0.0:* 0 204099 5722/nmbd

udp 0 0 172.25.254.255:137 0.0.0.0:* 0 204096 5722/nmbd

udp 0 0 172.25.254.112:137 0.0.0.0:* 0 204095 5722/nmbd

udp 0 0 0.0.0.0:137 0.0.0.0:* 0 204092 5722/nmbd

udp 0 0 172.25.12.255:138 0.0.0.0:* 0 204102 5722/nmbd

udp 0 0 172.25.12.10:138 0.0.0.0:* 0 204101 5722/nmbd

udp 0 0 172.25.254.255:138 0.0.0.0:* 0 204098 5722/nmbd

udp 0 0 172.25.254.112:138 0.0.0.0:* 0 204097 5722/nmbd

udp 0 0 0.0.0.0:138 0.0.0.0:* 0 204093 5722/nmbd

三 samba配置

1）

1 systemctl stop firewalld.service

2 yum install samba samba-common samba-client -y

3 systemctl start smb nmb

4 systemctl enable smb.service nmb.service

在客户端，可以用smbclient -L //172.25.254.112 查看能否访问共享目录

2）samba用户的添加，必须是本地用户###

1 smbpasswd -a student

2 pdbedit-L###查看samba用户###

3 pdbedit-xsamba用户###删除samba用户###

4 getsebool -a | grep samba###查看samba的selinux###

5 setsebool -P samba_enable_home_dirs 1###开启samba用户登入自己家目录的功能###

测试：

smbclient -L //172.25.254.112 -U student###看能否访问共享目录###

smbclient //172.25.254.112/student -U student###访问samba用户的家目录###

过程如下：

samba服务端：

[root@localhost ~]# yum install samba samba-common -y

[root@localhost ~]# systemctl start smb nmb

[root@localhost ~]# systemctl enable smb.service nmb.service

ln -s '/usr/lib/systemd/system/smb.service' '/etc/systemd/system/multi-user.target.wants/smb.service'

ln -s '/usr/lib/systemd/system/nmb.service' '/etc/systemd/system/multi-user.target.wants/nmb.service'

[root@localhost ~]# netstat -antlupe | grep smb

tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 204147 5723/smbd

tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 204148 5723/smbd

tcp6 0 0 :::445 :::* LISTEN 0 204145 5723/smbd

tcp6 0 0 :::139 :::* LISTEN 0 204146 5723/smbd

[root@localhost ~]# netstat -antlupe | grep nmb

udp 0 0 172.25.12.255:137 0.0.0.0:* 0 204100 5722/nmbd

udp 0 0 172.25.12.10:137 0.0.0.0:* 0 204099 5722/nmbd

udp 0 0 172.25.254.255:137 0.0.0.0:* 0 204096 5722/nmbd

udp 0 0 172.25.254.112:137 0.0.0.0:* 0 204095 5722/nmbd

udp 0 0 0.0.0.0:137 0.0.0.0:* 0 204092 5722/nmbd

udp 0 0 172.25.12.255:138 0.0.0.0:* 0 204102 5722/nmbd

udp 0 0 172.25.12.10:138 0.0.0.0:* 0 204101 5722/nmbd

udp 0 0 172.25.254.255:138 0.0.0.0:* 0 204098 5722/nmbd

udp 0 0 172.25.254.112:138 0.0.0.0:* 0 204097 5722/nmbd

udp 0 0 0.0.0.0:138 0.0.0.0:* 0 204093 5722/nmbd

[root@localhost ~]# smbpasswd -a student

New SMB password:###输入samba用户密码###

Retype new SMB password:###确认密码###

Added user student.

[root@localhost ~]# pdbedit -L

student:1000:Student User

[root@localhost ~]# getsebool -a | grep samba

samba_create_home_dirs --> off

samba_domain_controller --> off

samba_enable_home_dirs --> off

samba_export_all_ro --> off

samba_export_all_rw --> off

samba_portmapper --> off

samba_run_unconfined --> off

samba_share_fusefs --> off

samba_share_nfs --> off

sanlock_use_samba --> off

use_samba_home_dirs --> off

virt_sandbox_use_samba --> off

virt_use_samba --> off

[root@localhost ~]# setsebool -P samba_enable_home_dirs 1###samba的配置文件里有关于samba的selinux的信息###

测试：

客户端：

[root@foundation12 Desktop]# yum install samba-client -y

[root@foundation12 Desktop]# smbclient -L //172.25.254.112 -U student

Enter student's password:

Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]

Sharename Type Comment

--------- ---- -------

IPC$ IPC IPC Service (Samba Server Version 4.2.3)

student Disk Home Directories

Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]

Server Comment

--------- -------

DESKTOP Samba Server Version 4.1.1

DESKTOP36 Samba Server Version 4.1.1

LOCALHOST Samba Server Version 4.2.3

SERVER31 Samba Server Version 4.1.1

Workgroup Master

--------- -------

MYGROUP LOCALHOST

[root@foundation12 Desktop]# smbclient //172.25.254.112/student -U student

Enter student's password:

Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

NT_STATUS_ACCESS_DENIED listing \*

smb: \> ls

. D 0 Fri Jul 11 07:06:52 2014

.. D 0 Fri Jul 11 06:19:09 2014

.bash_logout H 18 Wed Jan 29 20:45:18 2014

.bash_profile H 193 Wed Jan 29 20:45:18 2014

.bashrc H 231 Wed Jan 29 20:45:18 2014

.ssh DH 0 Fri Jul 11 06:19:10 2014

.config DH 0 Fri Jul 11 07:06:53 2014

10473900 blocks of size 1024. 7274676 blocks available

smb: \> q

三 samba共享目录

samba服务端：

1)共享自己建立的目录

1 mkdir /smbshare

2 touch /smbshare/westoslinux...

3 vim /etc/samba/smb.conf###编辑samba的配置文件###

内容：

[westos]###共享名称###

comment = local directory###共享目录的描述###

path = /smbshare###共享目录的绝对路径###

4 systemctl restart smb.service###重启samba服务###

5 semanage fcontext -a -t samba_share_t '/smbshare(/.*)?'###修改安全上下文，使得所建立的目录的安全上下文与samba一致，能够访问###

6 restorecon -RvvF /smbshare/###刷新###

测试：

samba客户端：

smbclient //172.25.254.112/westos -U student

过程如下：

samba服务端：

[root@localhost ~]# mkdir /smbshare

[root@localhost ~]# touch /smbshare/westoslinux...

[root@localhost ~]# vim /etc/samba/smb.conf

[root@localhost ~]# systemctl restart smb.service

[root@localhost ~]# vim /etc/samba/smb.conf

[root@localhost ~]# systemctl restart smb.service

[root@localhost ~]# semanage fcontext -a -t samba_share_t '/smbshare(/.*)?'

[root@localhost ~]# restorecon -RvvF /smbshare/

restorecon reset /smbshare context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0

restorecon reset /smbshare/westoslinux... context

测试：

samba客户端：

[root@foundation12 Desktop]# smbclient //172.25.254.178/westos -U student

Enter student's password:

Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

. D 0 Sun Jun 4 21:07:28 2017

.. D 0 Sun Jun 4 21:07:14 2017

westoslinux N 0 Sun Jun 4 21:07:28 2017

10473900 blocks of size 1024. 6642952 blocks available

smb: \>

2)共享系统目录

共享系统目录的时候不能将系统目录的安全上下文修改，不然系统目录的其他文件就看不到了，因此，要将selinux的samba只读功能开启

samba服务端：

1 touch /mnt/file{1..6}###建立共享目录下的文件###

2 vim /etc/samba/smb.conf

内容：

[westos]

comment = local directory

path = /mnt

3 systemctl restart smb.service###重启服务###

4 setsebool -P samba_export_all_ro 1###开启samba只读功能###

测试：

smbclient //172.25.254.112/westos -U student

过程如下：

[root@localhost mnt]# touch /mnt/file{1..6}

[root@localhost mnt]# ls

file1 file2 file3 file4 file5 file6

[root@localhost mnt]# vim /etc/samba/smb.conf

[root@localhost mnt]# systemctl restart smb.service

[root@localhost mnt]# getsebool -a | grep samba

samba_create_home_dirs --> off

samba_domain_controller --> off

samba_enable_home_dirs --> on

samba_export_all_ro --> off

samba_export_all_rw --> off

samba_portmapper --> off

samba_run_unconfined --> off

samba_share_fusefs --> off

samba_share_nfs --> off

sanlock_use_samba --> off

use_samba_home_dirs --> off

virt_sandbox_use_samba --> off

virt_use_samba --> off

[root@localhost mnt]# setsebool -P samba_export_all_ro 1

测试：

[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student

Enter student's password:

Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

. D 0 Sat Jun 3 14:38:50 2017

.. D 0 Sat Jun 3 14:25:29 2017

file1 N 0 Sat Jun 3 14:38:50 2017

file2 N 0 Sat Jun 3 14:38:50 2017

file3 N 0 Sat Jun 3 14:38:50 2017

file4 N 0 Sat Jun 3 14:38:50 2017

file5 N 0 Sat Jun 3 14:38:50 2017

file6 N 0 Sat Jun 3 14:38:50 2017

10473900 blocks of size 1024. 7274976 blocks available

smb: \>

四匿名用户控制访问

samba服务端：

1 vim /etc/samba/smb.conf

内容：

125 map to guest = bad user###所有匿名用户指向guest###

322 [westos]

323 comment = local directory

324 path = /mnt

325 guest ok = yes###允许匿名用户访问###

2 systemctl restart smb.service ###重启服务###

测试:

smbclient //172.25.254.112/westos

过程如下:

[root@localhost smbshare]# vim /etc/samba/smb.conf

[root@localhost smbshare]# systemctl restart smb.service ###重启服务###

测试：

[root@foundation12 Desktop]# smbclient //172.25.254.112/westos

Enter kiosk's password: ###没有密码，回车跳过###

Anonymous login successful

Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

. D 0 Sat Jun 3 14:38:50 2017

.. D 0 Sat Jun 3 14:25:29 2017

file1 N 0 Sat Jun 3 14:38:50 2017

file2 N 0 Sat Jun 3 14:38:50 2017

file3 N 0 Sat Jun 3 14:38:50 2017

file4 N 0 Sat Jun 3 14:38:50 2017

file5 N 0 Sat Jun 3 14:38:50 2017

file6 N 0 Sat Jun 3 14:38:50 2017

10473900 blocks of size 1024. 7274640 blocks available

smb: \> quit

五访问控制

1) 仅允许某个主机访问

1 vim /etc/samba/smb.conf

内容：

322 [westos]

323 comment = local directory

324 path = /mnt

325 hosts allow = 172.25.254.12 ###仅允许12主机访问###

2 systemctl restart smb.service

测试：

smbclient //172.25.254.112/westos -U westos

过程如下：

[root@localhost smbshare]# vim /etc/samba/smb.conf

[root@localhost smbshare]# systemctl restart smb.service

测试：

[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student

Enter westos's password:

Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

. D 0 Sat Jun 3 14:38:50 2017

.. D 0 Sat Jun 3 14:25:29 2017

file1 N 0 Sat Jun 3 14:38:50 2017

file2 N 0 Sat Jun 3 14:38:50 2017

file3 N 0 Sat Jun 3 14:38:50 2017

file4 N 0 Sat Jun 3 14:38:50 2017

file5 N 0 Sat Jun 3 14:38:50 2017

file6 N 0 Sat Jun 3 14:38:50 2017

10473900 blocks of size 1024. 7274576 blocks available

smb: \> quit

2）仅拒绝某个主机访问

1 vim /etc/samba/smb.conf

内容：

322 [westos]

323 comment = local directory

324 path = /mnt

325 hosts deny = 172.25.254.12 ###仅拒绝12主机访问###

2 systemctl restart smb.service

测试：

smbclient //172.25.254.112/westos

过程如下：

[root@localhost smbshare]# vim /etc/samba/smb.conf

[root@localhost smbshare]# systemctl restart smb.service

测试：

[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student

Enter kiosk's password:

Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]

tree connect failed: NT_STATUS_ACCESS_DENIED

六有效用户访问

1 useradd westos -s /sbin/nologin westos

2 smbpasswd -a westos###添加smaba用户###

3 vim /etc/samba/smb.conf

内容：

322 [westos]

323 comment = local directory

324 path = /mnt

325 valid user = westos###有效用户访问###

4 systemctl restart smb.service

测试：

smbclient //172.25.254.112/westos -U westos###可以访问###

smbclient //172.25.254.178/westos -U student###不可以访问###

过程如下：

[root@localhost smbshare]# useradd westos

[root@localhost smbshare]# smbpasswd -a westos###添加smaba用户###

New SMB password:

Retype new SMB password:

Added user westos.

[root@localhost smbshare]# vim /etc/samba/smb.conf

内容：

322 [westos]

323 comment = local directory

324 path = /mnt

325 valid users = westos###有效用户访问###

[root@localhost smbshare]# systemctl restart smb.service

测试：

[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U westos

Enter westos's password:

Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

. D 0 Sat Jun 3 14:38:50 2017

.. D 0 Sat Jun 3 14:25:29 2017

file1 N 0 Sat Jun 3 14:38:50 2017

file2 N 0 Sat Jun 3 14:38:50 2017

file3 N 0 Sat Jun 3 14:38:50 2017

file4 N 0 Sat Jun 3 14:38:50 2017

file5 N 0 Sat Jun 3 14:38:50 2017

file6 N 0 Sat Jun 3 14:38:50 2017

10473900 blocks of size 1024. 7274576 blocks available

smb: \> quit

[root@localhost ~]# smbclient //172.25.254.178/westos -U student

Enter student's password:

Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.3]

tree connect failed: NT_STATUS_ACCESS_DENIED

七有效用户组的访问

samba服务端：

1 vim /etc/samba/smb.conf

内容：

[westos]

comment = local directory

path = /mnt

valid users = @westos###有效用户组访问###

2 systemctl restart smb

测试：

1 usermod -G westos student###添加附加组westos

2 smbclient //172.25.254.112/westos -U student

过程如下：

[root@localhost smbshare]# vim /etc/samba/smb.conf

[root@localhost smbshare]# systemctl restart smb

[root@localhost smbshare]# id westos

uid=1001(westos) gid=1001(westos) groups=1001(westos)

[root@localhost smbshare]# id student

uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)

[root@localhost smbshare]# usermod -G westos student

[root@localhost smbshare]# id student

uid=1000(student) gid=1000(student) groups=1000(student),1001(westos)

[root@localhost smbshare]#

测试：

[root@foundation12 Desktop]# smbclient //172.25.254.112/westos -U student

Enter student's password:

Domain=[WESTOS] OS=[Windows 6.1] Server=[Samba 4.2.3]

smb: \> ls

. D 0 Sat Jun 3 14:38:50 2017

.. D 0 Sat Jun 3 14:25:29 2017

file1 N 0 Sat Jun 3 14:38:50 2017

file2 N 0 Sat Jun 3 14:38:50 2017

file3 N 0 Sat Jun 3 14:38:50 2017

file4 N 0 Sat Jun 3 14:38:50 2017

file5 N 0 Sat Jun 3 14:38:50 2017

file6 N 0 Sat Jun 3 14:38:50 2017

10473900 blocks of size 1024. 7274880 blocks available

smb: \>

八读写控制

一般情况下，是不允许往共享目录内进行写操作，如下：

[root@localhost ~]# mount -o username=westos,password=westos //172.25.254.112/westos /mnt/将共享目录westos以samba用户westos挂载到/mnt下###

[root@localhost ~]# cd /mnt/

[root@localhost mnt]# ll

total 0

-rw-r--r--. 1 root root 0 Jun 4 21:52 file1

-rw-r--r--. 1 root root 0 Jun 4 21:52 file2

-rw-r--r--. 1 root root 0 Jun 4 21:52 file3

[root@localhost mnt]# touch file10###进行写操作###

touch: cannot touch ‘file10’: Permission denied

[root@localhost mnt]#

1)所有用户均可以写：

samba服务器：

1 vim /etc/samba/smb.conf

内容：

[westos]

comment = local directory

path = /mnt

writable = yes###允许写操作###

2 chmod o+w /mnt/###当访问共享目录的时候，用户身份发生了改变,因此要使/mnt对其他用户有权限###

3 systemctl restart smb

4 setsebool -P samba_export_all_rw on###开启读写共享功能###

测试：

客户端：

mount -o username=westos,password=westos //172.25.254.112/westos /mnt/

过程如下：

[root@localhost ~]# vim /etc/samba/smb.conf

[root@localhost ~]# ll /mnt/

total 0

-rw-r--r--. 1 root root 0 Jun 3 02:38 file1

-rw-r--r--. 1 root root 0 Jun 3 02:38 file2

-rw-r--r--. 1 root root 0 Jun 3 02:38 file3

-rw-r--r--. 1 root root 0 Jun 3 02:38 file4

-rw-r--r--. 1 root root 0 Jun 3 02:38 file5

-rw-r--r--. 1 root root 0 Jun 3 02:38 file6

[root@localhost ~]# chmod o+w /mnt/

[root@localhost ~]# setsebool -P samba_export_all_rw on

[root@localhost ~]#

测试:

[root@foundation12 ~]# mount -o username=westos,password=westos //172.25.254.112/westos /mnt/

[root@foundation12 ~]# cd /mnt/

[root@foundation12 mnt]# ls

file1 file2 file3 file4 file5 file6

[root@foundation12 mnt]# touch file7

[root@foundation12 mnt]# ls

file1 file2 file3 file4 file5 file6 file7

[root@foundation12 mnt]# ls -l file7

-rw-r--r-- 1 1001 1001 0 Jun 3 15:51 file7

[root@foundation12 mnt]# ll file7

-rw-r--r-- 1 1001 1001 0 Jun 3 15:51 file7

[root@foundation12 mnt]#

2）指定用户可以写：

samba服务端：

1 vim /etc/samba/smb.conf

内容：

[westos]

comment=local directory

path = /mnt

writable = no

write list = student###指定只有samba的student用户可以写，若是@（+）student则是指指定用户组可以写###

2 systemctl restart smb

测试:

mount -o username=westos,password=westos //172.25.254.178/westos /mnt/###查看westos用户是否可写###

mount -o username=student,password=student //172.25.254.178/westos /mnt/###查看student用户是否可写###

过程如下：

[root@desktop ~]# vim /etc/samba/smb.conf

[root@desktop ~]# systemctl restart smb

图

测试：

[root@localhost ~]# mount -o username=westos,password=westos //172.25.254.178/westos /mnt/

[root@localhost ~]# cd /mnt/

[root@localhost mnt]# ls

file1 file2 file3 file4 file5 file6 file7

[root@localhost mnt]# rm -fr *###wstos用户不可写###

rm: cannot remove ‘file1’: Read-only file system

rm: cannot remove ‘file2’: Read-only file system

rm: cannot remove ‘file3’: Read-only file system

rm: cannot remove ‘file4’: Read-only file system

rm: cannot remove ‘file5’: Read-only file system

rm: cannot remove ‘file6’: Read-only file system

rm: cannot remove ‘file7’: Read-only file system

[root@localhost mnt]# cd

[root@localhost ~]# umount /mnt/

[root@localhost ~]# mount -o username=student,password=student //172.25.254.178/westos /mnt/

[root@localhost ~]# cd /mnt/

[root@localhost mnt]# ls

file1 file2 file3 file4 file5 file6 file7

[root@localhost mnt]# touch file8###student用户可写###

[root@localhost mnt]# ls

file1 file2 file3 file4 file5 file6 file7 file8

[root@localhost mnt]#

九共享的超级用户指定

在客户端访问共目录并且进行写操作时，用户身份发生了变化，变成了当前的登入的samba用户，当共享目录的超级用户指定时，用该samba用户进行写操作时，就变成了超级用户的操作

samba服务端：

1 vim /etc/samba/smb.conf

内容：

[westos]

comment = local directory

path = /mnt

writable = yes

admin users = westos

2 systemctl restart smb

测试：

客户端：

1 chmod o-w /mnt/###使共享目录只对超级用户有写权限###

2 mount -o username=westos,password=westos //172.25.254.112/westos /mnt/###挂载共享目录到/mnt下###

过程如下：

samba服务端：

[root@desktop ~]# vim /etc/samba/smb.conf

[root@desktop ~]# systemctl restart smb

[root@desktop ~]# chmod o-w /mnt/

测试：

[root@localhost ~]# mount -o username=westos,password=westos //172.25.254.178/westos /mnt/

[root@localhost ~]# cd /mnt/

[root@localhost mnt]# ls

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9

[root@localhost mnt]# ll

total 0

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file1

-rw-r--r--. 1 student student 0 Jun 5 15:00 file10

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file2

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file3

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file4

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file5

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file6

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file7

-rw-r--r--. 1 student student 0 Jun 5 14:41 file8

-rw-r--r--. 1 student student 0 Jun 5 14:58 file9

[root@localhost mnt]# touch file11

[root@localhost mnt]# ls

file1 file10 file11 file2 file3 file4 file5 file6 file7 file8 file9

[root@localhost mnt]# ll

total 0

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file1

-rw-r--r--. 1 student student 0 Jun 5 15:00 file10

-rw-r--r--. 1 root 1001 0 Jun 5 15:12 file11###变成了超级用户

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file2

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file3

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file4

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file5

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file6

-rw-r--r--. 1 1001 1001 0 Jun 5 14:34 file7

-rw-r--r--. 1 student student 0 Jun 5 14:41 file8

-rw-r--r--. 1 student student 0 Jun 5 14:58 file9

[root@localhost mnt]#

十多用户挂载

当把共享目录挂载到本机的目录上的时侯，普通用户也可以访文该共享目录，因此，要进行多用户挂载，只有smb认证的才能访问smb共享目录

在客户端进行操作：

1 vim /root/westos###编写用户文件，文件名任意，指定挂载时要用###

内容：

username=westos###samba用户名###

password=westos###samba用户的密码###

2 chmod 600 /root/westos###只有超级用户可以读取该文件###

3 yum install cifs-utils -y

4 mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.112/westos /mnt/

#credentials=/root/haha指定挂载时所用到的用户文件

#multiuser支持多用户认证

#sec=ntlmssp认证方式为标准smb认证方式

测试：

过程如下：

[root@foundation12 Desktop]# mount -o credentials=/root/westos,multiuser,sec=ntlmssp //172.25.254.112/westos /mnt/

[root@foundation12 Desktop]# cd /mnt/

[root@foundation12 mnt]# ls

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9

[root@foundation12 mnt]# su - kiosk

Last login: Sat Jun 3 16:38:40 CST 2017 on pts/2

[kiosk@foundation12 ~]$ cd /mnt

[kiosk@foundation12 mnt]$ ls

ls: reading directory .: Permission denied###没有smb认证无法访问共享目录###

[kiosk@foundation12 mnt]$ cifscreds add -u student 172.25.254.112###使得该普通用户kiosk能够以samba用户student的身份去访问samba共享目录###

Password:

[kiosk@foundation12 mnt]$ ls

file1 file10 file2 file3 file4 file5 file6 file7 file8 file9

[kiosk@foundation12 mnt]$

本文转自blueclo51CTO博客，原文链接： http://blog.51cto.com/12774272/1933924 ，如需转载请自行联系原作者

samba

热门文章

最新文章

相关电子书

相关实验场景