一、samba
1、samba安装和启用
2、创建samba服务共享目录
3、匿名用户无法访问内容,建立samba用户,samba用户访问成功
4、通过挂载方式,让用户访问
5、在客户端实现自动挂载和卸载(autofs+samba)
6、samba的访问控制及常用配置参数
7、samba的多用户挂载
二、NFS(Net File System)
1、安装
2、 nfs配置,将共享目录共享给172.25.254.50,只读
3、 nfs配置,将共享目录共享给172.25.254.50,可读写
4、自动挂载卸载nfs+autofs
5、指定用户身份
6、当挂载时使用超级用户,则沿用超级用户身份
一、samba
1、samba安装和启用
- smb = Server Message Block windows系统共享文件时用到的协议smb
- cifs = Common Internet File System Linux 系统共享文件时用到的协议cifs
- 实际上smb和cifs是一回事
100为安装samba的服务器,50为测试主机
[root@westosa100 ~]# dnf install samba samba-common samba-client -y [root@westos_student50 Desktop]# dnf install samba samba-common samba-client -y [root@westosa100 ~]# systemctl enable --now smb Created symlink /etc/systemd/system/multi-user.target.wants/smb.service → /usr/lib/systemd/system/smb.service. [root@westosa100 ~]# firewall-cmd --permanent --add-service=samba success [root@westosa100 ~]# firewall-cmd --reload success2、创建samba服务共享目录
[root@westosa100 ~]# mkdir /westosshare
[root@westosa100 ~]# touch /westosshare/westosfile{1..5}
[root@westosa100 ~]# semanage fcontext -a -t samba_share_t '/westosshare(/.*)?'
[root@westosa100 ~]# restorecon -RvvF /westosshare/
[root@westosa100 ~]# vim /etc/samba/smb.conf
[westos_smb]
comment = local westosdir
path = /westosshare
[root@westosa100 ~]# systemctl restart smb.service
[root@westos_student50 Desktop]# smbclient -L //172.25.254.100/westos_smb
Enter SAMBAroot's password:
Anonymous login successful
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
westos_smb Disk local westosdir
IPC$ IPC IPC Service (Samba 4.11.2)
SMB1 disabled -- no workgroup available
- 在50主机测试,共享成功
[root@westos_student50 Desktop]# smbclient //172.25.254.100/westos_smb Enter SAMBAroot's password: Anonymous login successful tree connect failed: NT_STATUS_ACCESS_DENIED [root@westosa100 ~]# id westos uid=1000(westos) gid=1000(westos) groups=1000(westos) [root@westosa100 ~]# smbpasswd -a westos New SMB password: Retype new SMB password: Added user westos. [root@westosa100 ~]# pdbedit -L westos:1000:westos [root@westos_student50 Desktop]# smbclient //172.25.254.100/westos_smb -U westos Enter SAMBAwestos's password: Try "help" to get a list of possible commands. smb: > ls . D 0 Sat Nov 27 14:43:31 2021 .. D 0 Sat Nov 27 14:42:50 2021 westosfile1 N 0 Sat Nov 27 14:43:31 2021 westosfile2 N 0 Sat Nov 27 14:43:31 2021 westosfile3 N 0 Sat Nov 27 14:43:31 2021 westosfile4 N 0 Sat Nov 27 14:43:31 2021 westosfile5 N 0 Sat Nov 27 14:43:31 2021 17814528 blocks of size 1024. 14078488 blocks available4、通过挂载方式,让用户访问
[root@westos_student50 Desktop]# mount //172.25.254.100/westos_smb /mnt/ -o username=westos,password=westos [root@westos_student50 Desktop]# df Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 1893192 0 1893192 0% /dev tmpfs 1921028 0 1921028 0% /dev/shm tmpfs 1921028 18392 1902636 1% /run tmpfs 1921028 0 1921028 0% /sys/fs/cgroup /dev/sda3 79127812 24645932 54481880 32% / /dev/sda1 518816 220672 298144 43% /boot /dev/loop0 8238560 8238560 0 100% /var/www/html/source tmpfs 384204 16 384188 1% /run/user/42 tmpfs 384204 24 384180 1% /run/user/0 //172.25.254.100/westos_smb 17814528 3736040 14078488 21% /mnt [root@westos_student50 Desktop]# ls /mnt westosfile1 westosfile2 westosfile3 westosfile4 westosfile55、在客户端实现自动挂载和卸载(autofs+samba)
[root@westos_student50 Desktop]# dnf install autofs-1:5.1.4-40.el8.x86_64 -y [root@westos_student50 Desktop]# umount /mnt ###将之前的挂载先卸掉 [root@westos_student50 Desktop]# df Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 1893192 0 1893192 0% /dev tmpfs 1921028 0 1921028 0% /dev/shm tmpfs 1921028 18392 1902636 1% /run tmpfs 1921028 0 1921028 0% /sys/fs/cgroup /dev/sda3 79127812 23624204 55503608 30% / /dev/sda1 518816 220672 298144 43% /boot /dev/loop0 8238560 8238560 0 100% /var/www/html/source tmpfs 384204 16 384188 1% /run/user/42 tmpfs 384204 24 384180 1% /run/user/0 [root@westos_student50 Desktop]# vim /etc/auto.master /smb /etc/auto.samba ####最终挂载点的上层目录 自动挂载子策略文件 [root@westos_student50 Desktop]# vim /etc/auto.samba westos_smb -fstype=cifs,username=westos,password=westos ://172.25.254.100/westos_smb ##最终挂载点 挂载参数 挂载资源 [root@westos_student50 Desktop]# vim /etc/autofs.conf timeout = 3 ###默认300秒,资源闲置就会卸载,这里为了试验效果改为3s [root@westos_student50 Desktop]# systemctl restart autofs [root@westos_student50 Desktop]# cd /smb/westos_smb [root@westos_student50 westos_smb]# df Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 1893192 0 1893192 0% /dev tmpfs 1921028 0 1921028 0% /dev/shm tmpfs 1921028 18400 1902628 1% /run tmpfs 1921028 0 1921028 0% /sys/fs/cgroup /dev/sda3 79127812 23622408 55505404 30% / /dev/sda1 518816 220672 298144 43% /boot /dev/loop0 8238560 8238560 0 100% /var/www/html/source tmpfs 384204 16 384188 1% /run/user/42 tmpfs 384204 24 384180 1% /run/user/0 //172.25.254.100/westos_smb 17814528 3736032 14078496 21% /smb/westos_smb [root@westos_student50 westos_smb]# cd [root@westos_student50 ~]# df Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 1893192 0 1893192 0% /dev tmpfs 1921028 0 1921028 0% /dev/shm tmpfs 1921028 18400 1902628 1% /run tmpfs 1921028 0 1921028 0% /sys/fs/cgroup /dev/sda3 79127812 23622408 55505404 30% / /dev/sda1 518816 220672 298144 43% /boot /dev/loop0 8238560 8238560 0 100% /var/www/html/source tmpfs 384204 16 384188 1% /run/user/42 tmpfs 384204 24 384180 1% /run/user/0
- 测试,进入设置的挂载点,实现了自动挂载,之后退出目录,等待三s,实现了自动卸载
######当写到单独共享时之对此共享生效,当写到【GLOBAL】时对samba整体生效,下图是写到单独的共享目录westos_smb中的########
- hosts allow 172.25.254.30 白名单
- hosts deny 172.25.254.50 黑名单
#### samba 的常用配置参数 #####
- writable = yes ##可写
- write list = westos ##指定用户可写
- write list = +westos ##指定组成员可写
- write list = @westos ##指定组成员可写
- valid users = lee ##指定访问用户,只有lee可以使用共享文件
- valid users = +lee|@lee ##指定访问组
- browseable = yes|no ##是否隐藏共享,隐藏后看不见共享文件,但可以使用
- map to guest = bad user ##写到全局设定中
- guest ok = yes ##允许匿名用户访问
- admin users = lee ##指定此共享的超级用户身份
测试就不做了,跟前面很多实验黑白名单,写权限等测试类似 ,思想是一样的
7、samba的多用户挂载在客户端如果用普通的挂载方式 没有用过用户验证的人也可以访问 samba 服务 这显然是不合理的,因此使用多用户挂载的方式
- 实验前,先把匿名访问关掉,之后重启smb服务
[root@westos_student50 Desktop]# dnf install cifs-utils -y [root@westos_student50 Desktop]# vim /root/smbpass username=westos password=westos [root@westos_student50 Desktop]# mount -o credentials=/root/smbpass,sec=ntlmssp,multiuser //172.25.254.100/westos_smb /mnt/ #credentials=/root/smbpass 指定认证文件#sec=ntlmssp 指定认证类型#multiuser 支持多用户 [root@westos_student50 Desktop]# su - westos Last login: Sun Nov 28 09:48:06 CST 2021 on pts/2 [westos@westos_student50 ~]$ cifscreds add -u westos 172.25.254.100 Password: [westos@westos_student50 ~]$ ls /mnt ls: cannot access '/mnt': Permission denied [westos@westos_student50 ~]$ cifscreds clearall [westos@westos_student50 ~]$ cifscreds add -u westos 172.25.254.100 Password: [westos@westos_student50 ~]$ ls /mnt westosfile1 westosfile2 westosfile3 westosfile4 westosfile5
注:二、NFS(Net File System)Key search failed: Key has expired ##
- [westos@test /]$ cifscreds add -u lee 172.25.254.20
- 当遇到上面的报错信息时,##执行以下两条命令解决报错
[westos@test /]$ cifscreds add -u lee -d 172.25.254.20
Password:
[westos@test ~]$ cifscreds clearall
用于 linux linux ,linux unix , unix unix 之间实现文件共享
[root@westosa100 ~]# dnf install nfs-utils [root@westosa100 ~]# systemctl enable --now nfs-server Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service. [root@westosa100 ~]# firewall-cmd --permanent --add-service=rpc-bind success [root@westosa100 ~]# firewall-cmd --permanent --add-service=mountd success [root@westosa100 ~]# firewall-cmd --permanent --add-service=nfs success [root@westosa100 ~]# firewall-cmd --reload success [root@westosa100 ~]# showmount -e 172.25.254.100 Export list for 172.25.254.100: [root@westos_student50 ~]# showmount -e 172.25.254.100 Export list for 172.25.254.100:1、安装
- 在50测试主机测试,共享成功
[root@westosa100 ~]# vim /etc/exports ####共享配置文件,此目录更改后,exportfs -rv生效 /mnt 172.25.254.50(ro) [root@westosa100 ~]# exportfs -rv exporting 172.25.254.50:/mnt [root@westosa100 ~]# chmod 777 /mnt/ #####更改权限,使共享目录可写 [root@westos_student50 ~]# mount 172.25.254.100:/mnt /mnt/ [root@westos_student50 ~]# ls /mnt/ 8-abstract-dark.xml circles-dark.xml desktop-backgrounds-default.xml westos.sql 8-abstract-light.xml circles-light.xml hello-world-dark.xml [root@westos_student50 ~]# cd /mnt/ [root@westos_student50 mnt]# touch nfstest touch: cannot touch 'nfstest': Read-only file system
- 只可以读,不可以写
[root@westosa100 ~]# vim /etc/exports /mnt 172.25.254.50(rw) ###改为可写 [root@westosa100 ~]# exportfs -rv exporting 172.25.254.50:/mnt [root@westos_student50 mnt]# cd [root@westos_student50 ~]# umount /mnt/ [root@westos_student50 ~]# mount 172.25.254.100:/mnt /mnt/ [root@westos_student50 ~]# cd /mnt/ [root@westos_student50 mnt]# touch nfstest [root@westos_student50 mnt]# ls 8-abstract-dark.xml circles-dark.xml desktop-backgrounds-default.xml nfstest 8-abstract-light.xml circles-light.xml hello-world-dark.xml westos.sql
- 卸载后重新挂载,可写可读
同7中samba+autofs
5、指定用户身份[root@westosa100 ~]# vim /etc/exports /mnt 172.25.254.50(rw,anonuid=1000,anongid=1000) ###制定用户身份所有人所有组为westos,1000为westos的id [root@westosa100 ~]# exportfs -rv exporting 172.25.254.50:/mnt [root@westos_student50 mnt]# cd [root@westos_student50 ~]# umount /mnt/ [root@westos_student50 ~]# id westos uid=1000(westos) gid=1000(westos) groups=1000(westos) [root@westos_student50 ~]# mount 172.25.254.100:/mnt /mnt/ [root@westos_student50 ~]# cd /mnt/ [root@westos_student50 mnt]# touch test2 [root@westos_student50 mnt]# ll total 28 -rw-r--r-- 1 root root 823 Aug 13 2019 8-abstract-dark.xml -rw-r--r-- 1 root root 829 Aug 16 2019 8-abstract-light.xml -rw-r--r-- 1 root root 805 Aug 13 2019 circles-dark.xml -rw-r--r-- 1 root root 811 Aug 13 2019 circles-light.xml -rw-r--r-- 2 root root 1606 Feb 19 2019 desktop-backgrounds-default.xml -rw-r--r-- 1 root root 829 Aug 13 2019 hello-world-dark.xml -rw-r--r-- 1 nobody nobody 0 Nov 28 10:43 nfstest -rw-r--r-- 1 westos westos 0 Nov 28 11:01 test2 -rw-r--r-- 1 root root 1931 Nov 21 09:37 westos.sql
- 查看westos的id
- 测试
[root@westosa100 ~]# vim /etc/exports [root@westosa100 ~]# cat /etc/exports /mnt 172.25.254.50(rw,no_root_squash) [root@westosa100 ~]# exportfs -rv exporting 172.25.254.50:/mnt [root@westos_student50 mnt]# cd [root@westos_student50 ~]# umount /mnt/ [root@westos_student50 ~]# mount 172.25.254.100:/mnt /mnt/ [root@westos_student50 ~]# cd /mnt/ [root@westos_student50 mnt]# touch test3 [root@westos_student50 mnt]# ll total 28 -rw-r--r-- 1 root root 823 Aug 13 2019 8-abstract-dark.xml -rw-r--r-- 1 root root 829 Aug 16 2019 8-abstract-light.xml -rw-r--r-- 1 root root 805 Aug 13 2019 circles-dark.xml -rw-r--r-- 1 root root 811 Aug 13 2019 circles-light.xml -rw-r--r-- 2 root root 1606 Feb 19 2019 desktop-backgrounds-default.xml -rw-r--r-- 1 root root 829 Aug 13 2019 hello-world-dark.xml -rw-r--r-- 1 nobody nobody 0 Nov 28 10:43 nfstest -rw-r--r-- 1 westos westos 0 Nov 28 11:01 test2 -rw-r--r-- 1 root root 0 Nov 28 11:05 test3 -rw-r--r-- 1 root root 1931 Nov 21 09:37 westos.sql
- 测试
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)