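Learning Linux starts with hands-on practice.

Lab environment: VMware, CentOS 6, Xshell

Note: when using VMware, set the network connection to bridged mode so that the VM is on the same network segment as the host.

Lab requirements: simulate a real company file server. Create a SHARE folder, open to everyone.

Create an IT folder, open only to IT department staff.

Create a DE folder, open to DE department staff.

Lab steps:

1: Since I don't understand SELinux configuration and know only the basics of iptables, to avoid unnecessary trouble:

Disable SELinux: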

 [root@localhost ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

Disable iptables:

 [root@localhost ~]# service iptables stop;chkconfig iptables off;chkconfig --list | grep iptables
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables :off :off :off :off :off :off :off

2: Reboot, then check to make sure the changes took effect

 [root@localhost ~]# reboot
Afterwards, check again:
[root@localhost ~]# chkconfig --list | grep iptables
iptables :off :off :off :off :off :off :off

3: Create the SHARE, IT and DE folders and set their permissions

 [root@localhost ~]# mkdir -m  /home/SHARE /home/IT /home/DE
[root@localhost ~]# ls -l /home/
total
drwxrwx---. root root Dec : DE
drwxrwx---. root root Dec : IT
drwxrwx---. root root Dec : SHARE

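4: Create the groups SHARE, IT and DE; create the users IT1 and IT2, and the users DE1 and DE2 (IT1, IT2, DE1 and DE2 belong to the SHARE group; IT1 and IT2 belong to the IT group; DE1 and DE2 belong to the DE group)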

 [root@localhost ~]#  groupadd SHARE;groupadd IT;groupadd DE
[root@localhost ~]# cat /etc/group
...
SHARE:x::
IT:x::
DE:x::
[root@localhost ~]# useradd IT1;usermod -s /sbin/nologin IT1 ;gpasswd -a IT1 IT; useradd IT2;usermod -s /sbin/nologin IT2 ;gpasswd -a IT2 IT; useradd DE1;usermod  -s /sbin/nologin DE1 ;gpasswd -a DE1 DE;useradd DE2 ;usermod -s /sbin/nologin DE2 ;gpasswd -a DE2 DE; gpasswd -a IT1 SHARE ;gpasswd -a IT2 SHARE;gpasswd -a DE1 SHARE; gpasswd -a DE2 SHARE

[root@localhost ~]# cat /etc/group
...
public:x::IT1,IT2,DE1,DE2
IT:x::IT1,IT2
DE:x::DE1,DE2
IT1:x::
IT2:x::
DE1:x::
DE2:x::

5: Install Samba

 [root@localhost ~]# yum -y install samba samba-client samba-swat
 [root@localhost ~]# rpm -qa | grep samba
samba-winbind-clients-3.6.-.el6_7.x86_64
samba-swat-3.6.-.el6_7.x86_64
samba-client-3.6.-.el6_7.x86_64
samba-3.6.-.el6_7.x86_64
samba-winbind-3.6.-.el6_7.x86_64
samba-common-3.6.-.el6_7.x86_64

6: Back up smb.conf

 [root@localhost ~]# cp  /etc/samba/smb.conf /etc/samba/smb.conf.bk

7: Add the user accounts as Samba accounts

 [root@localhost ~]# smbpasswd -a IT1
New SMB password:
Retype new SMB password:
Added user IT1.
[root@localhost ~]# smbpasswd -a IT2
New SMB password:
Retype new SMB password:
Added user IT2.
[root@localhost ~]# smbpasswd -a DE1
New SMB password:
Retype new SMB password:
Added user DE1.
[root@localhost ~]# smbpasswd -a DE2
New SMB password:
Retype new SMB password:
Added user DE2.

List the users registered with the Samba service

 [root@localhost ~]# pdbedit -L
IT1::
DE1::
IT2::
DE2::

8: Edit the smb.conf configuration file

 [SHARE]
comment = share
path = /home/SHARE
valid users = @SHARE
read only = No
create mask =
directory mask =
[IT]
comment = IT
path = /home/IT
valid users = @IT
read only = No
create mask =
[DE]
comment = DE
path = /home/DE
valid users = @DE
read only = No
create mask =
directory mask =
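
An added example, not part of the original post: a small Python check for share definitions like those in step 8, confirming that every share is limited by `valid users`, does not allow guest access, and sets explicit masks. The sample configuration, its mask values and the function names are constructed for this demonstration.

```python
import re

# Constructed sample modelled on the shares in step 8; the mask values are assumptions.
SAMPLE = """
[global]
    security = user
[SHARE]
    valid users = @SHARE
    create mask =
[IT]
    valid users = @IT
    create mask = 0770
    directory mask = 0770
[DE]
    guest ok = yes
    create mask = 0777
"""

def parse_smb_conf(text):
    """Return {section: {parameter: value}}, names lower-cased, inner spaces collapsed."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":            # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[" ".join(key.lower().split())] = value.strip()
    return sections

def audit(text):
    """Return (share, problem) pairs for shares that are looser than step 8 intends."""
    findings = []
    for name, params in parse_smb_conf(text).items():
        if name == "global":                       # server-wide settings, not a share
            continue
        if not params.get("valid users"):
            findings.append((name, "no valid users restriction"))
        if params.get("guest ok", "no").lower() in ("yes", "true", "1"):
            findings.append((name, "guest access enabled"))
        for key in ("create mask", "directory mask"):
            value = params.get(key, "")
            if not re.fullmatch(r"[0-7]{3,4}", value):
                findings.append((name, key + " has no explicit octal value"))
            elif int(value, 8) & 0o007:
                findings.append((name, key + " grants permissions to other"))
    return findings
```

Calling `audit(SAMPLE)` reports the constructed problems in [SHARE] and [DE] and nothing for [IT]; pass it the text of /etc/samba/smb.conf to check a real file.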

9: Restart the Samba services:

 [root@supker ~]# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@supker ~]# service nmb restart
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]

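(Allow me to vent for a moment here: what a pain. I tested for ages and kept getting no permission to create files, yet after a reboot it just worked!)

10: Test results:

Tip: the Windows CMD command to disconnect the shared drives: net use  * /del /y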


05-10 22:59