兴趣爱好

CentOS 7配置samba[开机自动挂载以及多用户挂载]

分类: 兴趣爱好
1,731 人气 / 0 评论 / 2017-11-18 发布
Author:

CentOS 7配置samba[开机自动挂载以及多用户挂载]

[root@server0 ~]#yum -y install samba samba-client
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Resolving Dependencies
–> Running transaction check

……………………………….中间省略若干行……………………………….
Installed:
samba.x86_64 0:4.1.1-31.el7 samba-client.x86_64 0:4.1.1-31.el7

Dependency Installed:
cups-libs.x86_64 1:1.6.3-14.el7 libldb.x86_64 0:1.1.16-4.el7 libsmbclient.x86_64 0:4.1.1-31.el7 libtalloc.x86_64 0:2.0.8-4.el7
libtdb.x86_64 0:1.2.12-3.el7 libtevent.x86_64 0:0.9.18-6.el7 libwbclient.x86_64 0:4.1.1-31.el7 pytalloc.x86_64 0:2.0.8-4.el7
samba-common.x86_64 0:4.1.1-31.el7 samba-libs.x86_64 0:4.1.1-31.el7

Complete!

# 开机启动
[root@server0 ~]#systemctl enable smb nmb
ln -s ‘/usr/lib/systemd/system/smb.service’ ‘/etc/systemd/system/multi-user.target.wants/smb.service’
ln -s ‘/usr/lib/systemd/system/nmb.service’ ‘/etc/systemd/system/multi-user.target.wants/nmb.service’

# 启动服务
[root@server0 ~]#systemctl start smb nmb

# 查看监听端口
[root@server0 ~]#ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 50 :::445 :::*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::22 :::*

# 防火墙放行
[root@server0 ~]#firewall-cmd –permanent –add-service=samba
success
[root@server0 ~]#firewall-cmd –reload

success

[root@server0 ~]#mkdir /smb

[root@server0 ~]#vi /etc/samba/smb.conf
……………………………….中间省略若干行……………………………….
[smb]
comment = Demo
path = /smb
public = yes
writable = yes
printable = no
write list = +qiu

[root@server0 ~]#systemctl restart smb nmb

# 使用semanage工具修改安全上下文
[root@server0 ~]#yum -y install policycoreutils-python//semanage工具
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Resolving Dependencies
–> Running transaction check
—> Package policycoreutils-python.x86_64 0:2.2.5-11.el7 will be installed
–> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.2.5-11.el7.x86_64
–> Processing Dependency: libsemanage-python >= 2.1.10-1 for package: policycoreutils-python-2.2.5-11.el7.x86_64
–> Processing Dependency: checkpolicy for package: policycoreutils-python-2.2.5-11.el7.x86_64
–> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.2.5-11.el7.x86_64
–> Processing Dependency: libcgroup for package: policycoreutils-python-2.2.5-11.el7.x86_64

……………………………….中间省略若干行……………………………….

Installed:
policycoreutils-python.x86_64 0:2.2.5-11.el7

Dependency Installed:
audit-libs-python.x86_64 0:2.3.3-4.el7 checkpolicy.x86_64 0:2.1.12-6.el7 libcgroup.x86_64 0:0.41-6.el7
libsemanage-python.x86_64 0:2.1.10-16.el7 python-IPy.noarch 0:0.75-6.el7 setools-libs.x86_64 0:3.3.7-46.el7

Complete!

[root@server0 ~]#ls -dZ /smb/
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /smb/
[root@server0 ~]#semanage fcontext -a -t samba_share_t ‘/smb(/.*)?’
[root@server0 ~]#restorecon -RFvv /smb/
restorecon reset /smb context unconfined_u:object_r:default_t:s0->system_u:object_r:samba_share_t:s0
[root@server0 ~]#chmod 777 -R/smb/

# 添加账号
[root@server0 ~]#useradd qiu
[root@server0 ~]#smbpasswd -a qiu
New SMB password:
Retype new SMB password:
Added user qiu.

# 客户端测试
[root@server0 ~]#smbclient //localhost/smb -U[–user]=qiu
Enter qiu’s password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]

smb: \>ls
. D 0 Thu Mar 5 08:17:13 2015
.. D 0 Thu Mar 5 08:17:13 2015

46041 blocks of size 524288. 43379 blocks available
smb: \>mkdir test
smb: \>ls
. D 0 Thu Mar 5 08:39:25 2015
.. D 0 Thu Mar 5 08:17:13 2015
test D 0 Thu Mar 5 08:39:25 2015

46041 blocks of size 524288. 43379 blocks available

# mount 挂载,由于SAMBA属于CIFS类型,所以在挂载之前需要安装cifs包
[root@server0 ~]#yum -y install cifs-utils
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Resolving Dependencies
–> Running transaction check
—> Package cifs-utils.x86_64 0:6.2-6.el7 will be installed
–> Processing Dependency: keyutils for package: cifs-utils-6.2-6.el7.x86_64
–> Running transaction check
—> Package keyutils.x86_64 0:1.5.8-3.el7 will be installed

……………………………….中间省略若干行……………………………….
Installed:
cifs-utils.x86_64 0:6.2-6.el7

Dependency Installed:
keyutils.x86_64 0:1.5.8-3.el7

Complete!

[root@server0 ~]#cat /root/cifs.mount
username=qiu
password=123456
#domain=xxxxx

[root@server0 ~]#vi /etc/fstab
……………………………….中间省略若干行……………………………….
//localhost/smb /mnt/smb cifs defaults,credentials=/root/cifs.mount 0 0#也可以将命令写全://localhost/smb /mnt/smb cifs defaults,username=qiu,password=123456,sec=ntlm 0 0

[root@server0 ~]#mount -a

[root@server0 ~]#mount
……………………………….中间省略若干行……………………………….
//localhost/smb on /mnt/smb type cifs(rw,relatime,vers=1.0,cache=strict,username=qiu,domain=SERVER0,uid=0,noforceuid,gid=0,noforcegid,addr=0000:0000:0000:0000:0000:0000:0000:0001,unix,posixpaths,serverino,acl,rsize=1048576,wsize=65536,actimeo=1)

# 多用户挂载

[root@server0 ~]#vi /etc/samba/smb.conf
……………………………….中间省略若干行……………………………….
[public]
comment = Public
path = /pulibc
public = yes
writable = yes
printable = no
valid = qiu, min, @HR

[root@server0 ~]#cat /root/cifs.mount
username=min
password=123456

[root@server0 ~]#vi /etc/fstab
……………………………….中间省略若干行……………………………….
//localhost/smb /mnt/smb cifs defaults,credentials=/root/cifs.mount,multiuser,sec=ntlmssp 0 0

[root@server0 ~]#mount
……………………………….中间省略若干行……………………………….
//localhost/public on /mnt/public type cifs(rw,relatime,vers=1.0,sec=ntlmssp,cache=strict,multiuser,domain=SERVER0,uid=0,noforceuid,gid=0,noforcegid,addr=0000:0000:0000:0000:0000:0000:0000:0001,unix,posixpaths,serverino,acl,noperm,rsize=1048576,wsize=65536,actimeo=1)

————————————————附录—————————————————–
#本例中的安全上下文是通过semanage去实现的,当然smb.conf文件也有关于SELINUX中的配置,有兴趣研究参考

# This is the main Samba configuration file. For detailed information about the
# options listed here, refer to the smb.conf(5) manual page. Samba has a huge
# number of configurable options, most of which are not shown in this example.
#
# The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
# guides for installing, configuring, and using Samba:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# The Samba-3 by Example guide has working examples for smb.conf. This guide is
# generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# In this file, lines starting with a semicolon (;) or a hash (#) are
# comments and are ignored. This file uses hashes to denote commentary and
# semicolons for parts of the file you may wish to configure.
#
# Note: Run the “testparm” command after modifying this file to check for basic
# syntax errors.
#
#—————
# Security-Enhanced Linux (SELinux) Notes:
#
# Turn the samba_domain_controller Boolean on to allow Samba to use the useradd
# and groupadd family of binaries. Run the following command as the root user to
# turn this Boolean on:
# setsebool -P samba_domain_controller on
#
# Turn the samba_enable_home_dirs Boolean on if you want to share home
# directories via Samba. Run the following command as the root user to turn this
# Boolean on:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory, such as a new top-level directory, label it
# with samba_share_t so that SELinux allows Samba to read and write to it. Do
# not label system directories, such as /etc/ and /home/, with samba_share_t, as
# such directories should already have an SELinux label.
#
# Run the “ls -ldZ /path/to/directory” command to view the current SELinux
# label for a given directory.
#
# Set SELinux labels only on files and directories you have created. Use the
# chcon command to temporarily change a label:
# chcon -t samba_share_t /path/to/directory
#
# Changes made via chcon are lost when the file system is relabeled or commands
# such as restorecon are run.
#
# Use the samba_export_all_ro or samba_export_all_rw Boolean to share system
# directories. To share such directories and only allow read-only permissions:
# setsebool -P samba_export_all_ro on
# To share such directories and allow read and write permissions:
# setsebool -P samba_export_all_rw on

Tags:
12 + 赞
相关资源:
  • 宝塔自动一键磁盘挂载
    宝塔自动一键磁盘挂载
    2019-12-250
  • 宝塔Linux面板,一个精致强大的云主机管理平台!安装方法及心得
    宝塔Linux面板,一个精致强大的云主机管理平台!安装方法及心得
    2019-7-120
  • Jack_20190627_圆梦一线大厂必备之Tomcat架构剖析
    Jack_20190627_圆梦一线大厂必备之Tomcat架构剖析
    2019-6-290
  • 奋斗者的日常,笑着笑着就哭了
    奋斗者的日常,笑着笑着就哭了
    2019-4-280
  • 宝塔Linux控制面板专业版破解步骤【亲测可用
    宝塔Linux控制面板专业版破解步骤【亲测可用
    2019-4-270
  • 宝塔Linux面板 5.9专业版破解,付费插件任意装
    宝塔Linux面板 5.9专业版破解,付费插件任意装
    2019-4-220
  • “灯塔-党建在线”VPN客户端
    “灯塔-党建在线”VPN客户端
    2019-3-140
  • 2003系统IIS安全优化指南
    2003系统IIS安全优化指南
    2019-2-190
  • 企业网站为什么要做SEO
    企业网站为什么要做SEO
    2018-10-220
  • lanmp_wdcp_v2.5快速安装RPM包发布
    lanmp_wdcp_v2.5快速安装RPM包发布
    2018-10-50

评论

昵称*

邮箱*

网址