1. Set up a Samba share with /data as the shared directory. Requirements (describe the complete process):
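1) The share name is shared and the workgroup is magedu;
2) Add the group develop and the users gentoo, centos and ubuntu; gentoo and centos have develop as a supplementary group, and ubuntu does not belong to the develop group; each password is the same as the user name;
3) Add the Samba users gentoo, centos and ubuntu, each with the password "mageedu";
4) Only the develop group has write access to the share shared; all other users get read-only access;
5) The Samba service only accepts hosts from the 172.16.0.0/16 network;
The setup below uses CentOS 7.2.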
[root@localhost ~]# yum -y install samba ### install the Samba service
[root@localhost ~]# mkdir /data ### create the shared directory
[root@localhost ~]# useradd gentoo ### add the users
[root@localhost ~]# useradd centos
[root@localhost ~]# useradd ubuntu
[root@localhost ~]# echo "gentoo"|passwd --stdin gentoo
[root@localhost ~]# echo "centos"|passwd --stdin centos
[root@localhost ~]# echo "ubuntu"|passwd --stdin ubuntu
[root@localhost ~]# groupadd develop ### add the develop group
[root@localhost ~]# usermod -aG develop gentoo ### develop becomes a supplementary group of gentoo
[root@localhost ~]# usermod -aG develop centos ### develop becomes a supplementary group of centos
### Add the Samba users
[root@localhost ~]# smbpasswd -a gentoo
[root@localhost ~]# smbpasswd -a centos
[root@localhost ~]# smbpasswd -a ubuntu
[root@localhost ~]# pdbedit -L ### list all Samba users
[root@localhost ~]# setfacl -m g:develop:rwx /data ### give the develop group write permission
[root@localhost ~]# vim /etc/samba/smb.conf ### edit the configuration file
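# smb.conf treats # or ; as a comment only at the start of a line, so the notes sit on their own lines
[global]
# workgroup the server belongs to
workgroup = magedu
# only hosts in the 192.168.0.0/16 network may connect
hosts allow = 192.168.0.0/16
# share name
[shared]
# descriptive comment
comment = data dir
# path of the shared directory
path = /data
# visible to users when browsing
browseable = yes
# read-only by default
read only = yes
# group that has write permission
write list = @develop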
[root@localhost ~]# testparm ### check the configuration
[root@localhost ~]# systemctl reload smb.service ### reload the service
### Client test
[root@localhost ~]# smbclient //192.168.0.188/shared -U gentoo
Enter gentoo's password:
Domain=[MAGEDU] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> lcd /etc/
smb: \> put fstab
putting file fstab as \fstab (12.6 kb/s) (average 12.6 kb/s) ### the gentoo user can upload
[root@localhost ~]# smbclient //192.168.0.188/shared -U centos
Enter centos's password:
Domain=[MAGEDU] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> lcd /etc
smb: \> put php.ini
putting file php.ini as \php.ini (1102.8 kb/s) (average 1102.8 kb/s) ### the centos user can upload
[root@localhost ~]# smbclient //192.168.0.188/shared -U ubuntu
Enter ubuntu's password:
Domain=[MAGEDU] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> lcd /etc
smb: \> put resolv.conf
NT_STATUS_ACCESS_DENIED opening remote file \resolv.conf ### the ubuntu user cannot upload
This completes the Samba setup.
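An added example, not part of the original walkthrough: a shell check that reads a share definition and compares it with requirements 4 and 5. The helper names (smb_param, audit_share) and the embedded sample configuration are constructed for illustration; run against the configuration above, it reports that hosts allow (192.168.0.0/16) differs from the 172.16.0.0/16 named in requirement 5.

```sh
# Added example. SAMPLE_CONF is constructed to mirror the smb.conf shown
# above; smb_param and audit_share are hypothetical helper names.
SAMPLE_CONF='[global]
workgroup = magedu
hosts allow = 192.168.0.0/16
[shared]
comment = data dir
path = /data
browseable = yes
read only = yes
write list = @develop'

# smb_param CONF SECTION KEY: print the value of KEY inside [SECTION].
# Section and parameter names are matched case-insensitively.
smb_param() {
    printf '%s\n' "$1" | awk -v sec="$2" -v key="$3" '
        /^[ \t]*[#;]/ { next }                     # whole-line comments
        /^[ \t]*\[/ { s = $0; gsub(/^[ \t]*\[|\].*$/, "", s)
                      cur = tolower(s); next }     # entering a new section
        cur == tolower(sec) {
            i = index($0, "="); if (i == 0) next
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (tolower(k) == tolower(key)) val = v
        }
        END { print val }'
}

# audit_share CONF SHARE NET GROUP: print one line per requirement that the
# configuration misses; the return code is the number of findings.
audit_share() {
    findings=0
    [ "$(smb_param "$1" global 'hosts allow')" = "$3" ] ||
        { echo "hosts allow is not $3"; findings=$((findings + 1)); }
    [ "$(smb_param "$1" "$2" 'read only')" = yes ] ||
        { echo "[$2] is not read only by default"; findings=$((findings + 1)); }
    [ "$(smb_param "$1" "$2" 'write list')" = "@$4" ] ||
        { echo "[$2] write list is not @$4"; findings=$((findings + 1)); }
    return "$findings"
}

# Requirement 5 names 172.16.0.0/16; the lab configuration uses 192.168.0.0/16.
audit_share "$SAMPLE_CONF" shared 172.16.0.0/16 develop || true
```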
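2. Build a vsftpd file-sharing service with /ftproot as the shared directory. Requirements (describe the complete process):
1) Access is based on virtual users;
2) Anonymous users may only download, not upload;
3) All users are confined to their home directories;
4) The maximum number of concurrent connections is limited to 200;
5) The maximum transfer rate for anonymous users is 512KB/s;
6) The virtual user accounts are stored in a MySQL database;
7) The database is shared over NFS.
The setup below uses CentOS 7.2.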
(1) Compile and install pam_mysql-0.7RC1.tar.gz
[root@localhost ~]# yum -y install vsftpd ### install vsftpd
[root@localhost dylan]# yum -y groupinstall "Development Tools" "Server Platform Development"
[root@localhost dylan]# yum -y install mariadb-server mariadb-devel openssl-devel pam-devel
[root@localhost dylan]# tar -xf pam_mysql-0.7RC1.tar.gz
[root@localhost dylan]# cd pam_mysql-0.7RC1/
[root@localhost pam_mysql-0.7RC1]# ./configure --with-mysql=/usr --with-openssl=/usr --with-pam=/usr --with-pam-mods-dir=/lib64/security
[root@localhost pam_mysql-0.7RC1]# make
[root@localhost pam_mysql-0.7RC1]# make install
(2) Configure the database and create the required database and table
[root@localhost pam_mysql-0.7RC1]# mysql -uroot -pxiaozhang ### configure the MySQL database
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 5.5.52-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database vsftpd; ### create the vsftpd database
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> use vsftpd;
Database changed
MariaDB [vsftpd]> create table users( ### create the table structure
-> id int auto_increment not null primary key,
-> name char(30) not null,
-> password char(48) binary not null);
Query OK, 0 rows affected (0.02 sec)
MariaDB [vsftpd]> insert into users(name,password) values('tom',password('xiaozhang')); ### insert two rows into the table
Query OK, 1 row affected (0.00 sec)
MariaDB [vsftpd]> insert into users(name,password) values('jerry',password('xiaozhang1'));
Query OK, 1 row affected (0.01 sec)
MariaDB [vsftpd]> grant select on vsftpd.* to vsftpd@localhost identified by 'xiaozhang'; ### grant privileges to the vsftpd user
Query OK, 0 rows affected (0.00 sec)
MariaDB [vsftpd]> grant select on vsftpd.* to vsftpd@'127.0.0.1' identified by 'xiaozhang';
Query OK, 0 rows affected (0.00 sec)
MariaDB [vsftpd]> flush privileges;
Query OK, 0 rows affected (0.01 sec)
(3) Create the PAM configuration file and the system virtual user vuser
[root@localhost dylan]# vim /etc/pam.d/vsftpd.mysql ### create vsftpd.mysql as the PAM authentication file
auth required pam_mysql.so user=vsftpd passwd=xiaozhang host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
account required pam_mysql.so user=vsftpd passwd=xiaozhang host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
[root@localhost dylan]# useradd -s /sbin/nologin -d /ftproot vuser ### create the system virtual user vuser
[root@localhost dylan]# chmod go+rx /ftproot/
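(4) Edit the vsftpd configuration file
# vsftpd.conf accepts comments only as whole lines starting with #, so the notes sit above each setting
# allow anonymous logins
anonymous_enable=YES
# enable local users
local_enable=YES
# allow users to write
write_enable=YES
# anonymous users may not upload
anon_upload_enable=NO
# confine all users to their home directories
chroot_local_user=YES
# limit the number of concurrent connections to 200
max_clients=200
# maximum transfer rate for anonymous users, 512KB/s
anon_max_rate=512000
# activate virtual users and map them to the system user vuser
guest_enable=YES
guest_username=vuser
# use vsftpd.mysql as the PAM authentication file
pam_service_name=vsftpd.mysql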
(5) Test
[root@localhost ~]# ftp 192.168.0.104 ### connect over FTP
Connected to 192.168.0.104 (192.168.0.104).
220 (vsFTPd 3.0.2)
Name (192.168.0.104:root): tom
331 Please specify the password.
Password:
500 OOPS: vsftpd: refusing to run with writable root inside chroot()
Login failed.
421 Service not available, remote server has closed connection ### the connection fails
[root@localhost ~]# chmod -w /ftproot ### remove write permission from the home directory on the server
[root@localhost ~]# mkdir /ftproot/{pub,upload} ### create two directories under the home directory
[root@localhost ~]# ftp 192.168.0.104 ### connect again
Connected to 192.168.0.104 (192.168.0.104).
220 (vsFTPd 3.0.2)
Name (192.168.0.104:root): tom
331 Please specify the password.
Password:
230 Login successful. ### login succeeds
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ### list the directory
227 Entering Passive Mode (192,168,0,104,150,82).
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 6 Jul 05 02:11 pub
drwxr-xr-x 2 0 0 6 Jul 05 02:11 upload
226 Directory send OK. ### the test succeeds
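An added example, not part of the original walkthrough: a pre-flight check for the "writable root inside chroot()" refusal seen above, run on a scratch directory that stands in for /ftproot. The helper names (can_write, audit_chroot, demo) are hypothetical, and write access is modelled from ownership and mode bits only (an assumption of this example; ACLs and group membership are not resolved).

```sh
# Added example. can_write, audit_chroot and demo are hypothetical helpers;
# the scratch directory is constructed and stands in for /ftproot.

# can_write DIR UID: succeed if the mode bits let numeric UID write to DIR.
# The owner is checked against the user bit; anyone else against the group
# and other bits together (conservative).
can_write() {
    info=$(ls -ldn "$1")
    mode=$(printf '%s\n' "$info" | awk '{ print $1 }')
    owner=$(printf '%s\n' "$info" | awk '{ print $3 }')
    if [ "$owner" = "$2" ]; then
        case $mode in ??w*) return 0 ;; esac
    else
        case $mode in ?????w*|????????w*) return 0 ;; esac
    fi
    return 1
}

# audit_chroot ROOT UID: report whether the session user could write to its
# chroot root (the condition vsftpd refuses), then list the subdirectories
# that user can still write to.
audit_chroot() {
    if can_write "$1" "$2"; then
        echo "REFUSED: uid $2 can write to chroot root"
        return 1
    fi
    echo "OK: uid $2 cannot write to chroot root"
    for d in "$1"/*/; do
        [ -d "$d" ] || continue
        if can_write "$d" "$2"; then echo "upload target: $(basename "$d")"; fi
    done
}

# demo: replay the sequence from the test above for the calling user.
demo() {
    root=$(mktemp -d); me=$(id -u)
    mkdir "$root/pub" "$root/upload"
    chmod 755 "$root" "$root/upload"       # home directory as first created
    chmod 555 "$root/pub"                  # stands in for a directory the guest cannot write
    audit_chroot "$root" "$me" || true     # first login attempt: refused
    chmod a-w "$root"                      # the fix ("chmod -w /ftproot")
    audit_chroot "$root" "$me"
    chmod u+w "$root"; rm -rf "$root"      # clean up the scratch directory
}
demo
```

On a real server the UID to pass is that of the guest_username account, for example `audit_chroot /ftproot "$(id -u vuser)"`.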
(6) Also: to let anonymous users upload files to the upload directory:
[root@localhost ~]# chown vuser /ftproot/upload/
[root@localhost ~]# vim /etc/vsftpd/vsftpd.conf
# enabling uploads for anonymous users is all that is needed
anon_upload_enable=YES
[root@localhost ~]# systemctl restart vsftpd.service
If there are two virtual users and one may upload while the other may not, configure it as follows:
The main configuration file supports a separate configuration file for each virtual user, which solves this.
[root@localhost ~]# mkdir /etc/vsftpd/vuser.conf.d ### create the configuration directory
[root@localhost ~]# vim /etc/vsftpd/vuser.conf.d/tom ### in that directory, create a file named after the virtual user
# add this setting to allow uploads
anon_upload_enable=YES
[root@localhost ~]# vim /etc/vsftpd/vuser.conf.d/jerry
# uploads are not allowed
anon_upload_enable=NO
[root@localhost ~]# vim /etc/vsftpd/vsftpd.conf ### edit the main configuration file
# comment out this setting
#anonymous_enable=YES
# add the per-user configuration directory
user_config_dir=/etc/vsftpd/vuser.conf.d/
[root@localhost ~]# systemctl restart vsftpd.service ### restart the service for the change to take effect
(7) Share the database over NFS
[root@localhost ~]# yum install nfs-utils -y ### install nfs-utils
[root@localhost ~]# systemctl start nfs.service
[root@localhost ~]# ss -tnl
LISTEN 0 64 :::2049 :::*
The MySQL data directory is datadir=/var/lib/mysql
[root@localhost ~]# vim /etc/exports.d/mydata.exports
/var/lib/mysql 192.168.0.0/16(rw,root_squash) ### read-write access, with root user privileges squashed
[root@localhost ~]# exportfs -r ### export the shared directory
[root@localhost ~]# showmount -e 192.168.0.104 ### view the exported directories
Export list for 192.168.0.104:
/var/lib/mysql 192.168.0.0/16
[root@localhost /]# mkdir /mydata/data -p ### create the mount point on the client
[root@localhost /]# mount -t nfs 192.168.0.104:/var/lib/mysql /mydata/data ### mount on the client
[root@localhost /]# mount ### view the mount information
192.168.0.104:/var/lib/mysql on /mydata/data type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.0.104,local_lock=none,addr=192.168.0.104)
This completes the setup.