Common service Building (Nfs/ftp/samba)

One. NFS
1. Introduction to NFS
The NFS full name is the network file system
NFS allows a system to share directories and files with others on the network. By using NFS, users and programs can access files on the remote system as if they were accessing local files.
If there are three machines A, B, C, they need to access the same directory, the directory is a picture, the traditional practice is to put these pictures in a, B, C. But using NFS only needs to be placed on a, then a is shared with B and C. At the time of the visit, B and C go through the network to access the directory on a.
2. Installing and configuring NFS Services
Need to install two packages (Nfs-utils and Rpcbind)
Yum install-y Nfs-utils will be installed at the same time Rpcbind
The Vim/etc/exports//content on the Machine providing NFS services is as follows:
/HOME/192.168.137.0/24 (rw,sync,all_squash,anonuid=501,anongid=501)
is divided into three parts, the first part is the local directory to be shared, the second part is allowed to access the host (can be an IP can also be an IP segment) The third part is the parentheses inside, for some permission options. It means: The shared directory is/home, the trusted host is 192.168.137.0/24 this network segment, the permission is read and write, synchronization, limited to all users, and the qualified UID and GID are 501.
Start/etc/init.d/rpcbind start; /etc/init.d/nfs start

3. Description of some options for NFS configuration
RW: Read and write;
RO: Read only;
Sync: Synchronous mode, in-memory data is always written to disk;
Async: Out-of-sync, write in-memory data to disk on a regular basis;
No_root_squash: With this option, the root user has high control over the shared directory, as if it were a native directory operation. Unsafe, not recommended for use;
Root_squash: And the above options correspond to the root user permissions on the shared directory is not high, only the normal user's permission, that is, limit the root;
All_squash: Regardless of the user who uses NFS, his identity will be limited to a designated ordinary user identity;
Anonuid/anongid: To be used with Root_squash and All_squash to specify a user-defined UID and GID using NFS, provided the UID and GID exist in the/etc/passwd of this machine.

4. Mount NFS on the client
The client also installs the Yum install-y nfs-utils
See which directories are shared on the server side
SHOWMOUNT-E 192.168.137.10
Mount NFS on the client side of the server
Mount-t NFS 192.168.137.10:/home//mnt/
Df-h viewing the Mount situation

5. Use of the EXPORTFS command
-A: Mount or uninstall all;
-R: Re-mount;
-U: Uninstalls a directory;
-V: Show shared Directories
After changing the/etc/exports configuration file, do not restart the NFS service directly with this EXPORTFS
Exportfs-arv make effective
When using NFS, one of the most common options is-o nolock
We can also write the NFS directory you want to mount to the/etc/fstab file on the client 192.168.137.10:/tmp//test NFS nolock 0 0 then Mount-a

Two. FTP
1. What is FTP
FTP is the abbreviation for the file Transfer Protocol (document Transfer Protocol), which is known as the "Interfax protocol" for two-way transmission of control files on the Internet.
The primary role of FTP is to have users connect to a remote computer (which is running an FTP server program) to see what files are available on the remote computer, then copy the files from the remote computer to the local computer, or send the local computer's files to the remote computer.
The FTP software that comes with CentOS or Redhat Linux is called VSFTPD

2. Using PURE-FTPD to build FTP service
PURE-FTPD official website http://www.pureftpd.org/project/pure-ftpd
wget http://download.pureftpd.org/pub ... ftpd-1.0.32.tar.bz2
Tar jxf pure-ftpd-1.0.32.tar.bz2
CD pure-ftpd-1.0.32
./configure--prefix=/usr/local/pureftpd--without-inetd--with-altlog--with-puredb--with-throttling--with- Peruserlimits--with-tls
Make && make install
CD Configuration-file
Mkdir-p/usr/local/pureftpd/etc/
CP pure-ftpd.conf/usr/local/pureftpd/etc/pure-ftpd.conf
CP pure-config.pl/usr/local/pureftpd/sbin/pure-config.pl
chmod 755/usr/local/pureftpd/sbin/pure-config.pl
VIM/USR/LOCAL/PUREFTPD/ETC/PURE-FTPD.CONF//Contents are as follows:

2. Chrooteveryone Yes
4. Brokenclientscompatibility No
6. Maxclientsnumber 50
8. Daemonize Yes
10. Maxclientsperip 8
12. Verboselog No
14. Displaydotfiles Yes
16. AnonymousOnly No
18. Noanonymous No
20. Syslogfacility FTP
22. Dontresolve Yes
24. MaxIdleTime 15
26. Puredb/usr/local/pureftpd/etc/pureftpd.pdb
28. Limitrecursion 3136 8
30. Anonymouscancreatedirs No
32. Maxload 4
34. Antiwarez Yes
36. Umask 133:022
38. Minuid 100
40. ALLOWUSERFXP No
42. ALLOWANONYMOUSFXP No
44. Prohibitdotfileswrite No
46. Prohibitdotfilesread No
48. Autorename No
50. Anonymouscantupload No
52. Pidfile/usr/local/pureftpd/var/run/pure-ftpd.pid
54. Maxdiskusage 99
56. Customerproof Yes

Copy Code

Mkdir/data/ftp #创建ftp服务的目录
Useradd www #创建以哪个账号的身份登录ftp
/USR/LOCAL/PUREFTPD/BIN/PURE-PW useradd test1-uwww-d/data/ftp #建立虚拟账号
/USR/LOCAL/PUREFTPD/BIN/PURE-PW MKDB #创建密码文件
/USR/LOCAL/PUREFTPD/BIN/PURE-PW List #列出用户
/USR/LOCAL/PUREFTPD/BIN/PURE-PW Userdel test1 #删除账号
command to start the PURE-FTPD service:/usr/local/pureftpd/sbin/pure-config.pl/usr/local/pureftpd/etc/pure-ftpd.conf
2. VSFTP Configuring the FTP service
Yum install-y vsftpd Db4-utils
Establish the system account associated with the virtual account Useradd virftp-s/sbin/nologin
Create a virtual account related documents Vim/etc/vsftpd/vsftpd_login//content as follows:
Test1
123456
Test2
ABCdef
chmod 600/etc/vsftpd/vsftpd_login
Generate the corresponding library file Db_load-t-T hash-f/etc/vsftpd/vsftpd_login/etc/vsftpd/vsftpd_login.db

Create a virtual account related directory and configuration file mkdir/etc/vsftpd/vsftpd_user_conf
CD/ETC/VSFTPD/VSFTPD_USER_CONF Create and user-corresponding profiles
Vim test1 content is as follows:
Local_root=/home/virftp/test1
Anonymous_enable=no
Write_enable=yes
local_umask=022
Anon_upload_enable=no
Anon_mkdir_write_enable=no
idle_session_timeout=600
data_connection_timeout=120
max_clients=10
Max_per_ip=5
local_max_rate=50000

Mkdir/home/virftp/test1
Modify Permissions: Chown-r virftp:virftp/home/virftp
VIM/ETC/PAM.D/VSFTPD add two lines at the beginning
Auth sufficient/lib/security/pam_userdb.so Db=/etc/vsftpd/vsftpd_login
Account Sufficient/lib/security/pam_userdb.so Db=/etc/vsftpd/vsftpd_login
Then modify/etc/vsftpd.conf vim/etc/vsftpd/vsftpd.conf
Anonymous_enable=yes Change to Anonymous_enable=no
#anon_upload_enable =yes to Anon_upload_enable=no
#anon_mkdir_write_enable =yes to Anon_mkdir_write_enable=no
Add again:

1. Chroot_local_user=yes
2. Guest_enable=yes
3. Guest_username=virftp
4. Virtual_use_local_privs=yes
5. User_config_dir=/etc/vsftpd/vsftpd_user_conf

Copy Code

Start VSFTPD service/etc/init.d/vsftpd start

Three. Samba Services
1. What is Samba
The Samba service is similar to the sharing feature on Windows, which enables you to share files on Linux, access them on Windows, and, of course, access them on Linux.
is a kind of communication protocol that share files and printers on LAN, it provides the sharing service of files and printers among different computers in LAN.

2. Install the configuration Samba
Yum Install-y Samba Samba-client
Configuration file Explanation:
[Global] Defines the global configuration, workgroup is used to define the workgroup, and I believe that if you install a Windows system, you will be familiar with this workgroup. In general, we need to change the mygroup here to Workgroup (the Windows default workgroup name).
Security = User #这里指定samba的安全等级. There are four types of safety levels:
Share: Users do not need an account and password to log in to the Samba server
User: The Samba server providing the service checks the account and password (default)
Server: Checking account and password work is done by another Windows or Samba server
Domain: Specifies the Windows domain control server to verify the user's account and password.
Passdb backend = Tdbsam # Passdb backend (user backend), Samba has three user backgrounds: smbpasswd, Tdbsam, and Ldapsam.

3. Samba configuration file
SMBPASSWD: This method uses the SMB tool SMBPASSWD to set up a samba password for the system user (real or virtual), which the client uses to access the Samba resources. SMBPASSWD in/etc/samba, it is sometimes necessary to create the file manually.
Tdbsam: Create a user database with a database file. The database file is called Passdb.tdb, in/etc/samba. The PASSDB.TDB user database can use Smbpasswd-a to create Samba users, and Samba users to create must first be system users. You can also use Pdbedit to create a samba account. Pdbedit a number of parameters, listed several main:
PDBEDIT-A Username: Create a new samba account.
Pdbedit-x Username: Delete Samba account.
Pdbedit-l: Lists the list of Samba users and reads the PASSDB.TDB database file.
PDBEDIT-LV: Lists the Samba user list details.
Pdbedit-c "[D]"-u username: Pauses the Samba user account.
Pdbedit-c "[]"-u username: Restores the samba user account.
Ldapsam: Authenticates the user based on the LDAP account management method. First to establish the LDAP Service, set "Passdb backend = Ldapsam:ldap://ldap Server"
The Load printers and cups options two parameters are used to set up printer-related.
In addition to these parameters, there are several parameters you need to know:
NetBIOS name = MYSERVER # Sets the host name that appears in My Network Places
The hosts allow = 127. 192.168.12.192.168.13. The 172.16.# is used to set the allowed hosts, and if preceded by ";" means all hosts are allowed
Log file =/var/log/samba/%m.log #定义samba的日志, where the%m is the NetBIOS name above
Max log size = 50 # Specifies the maximum capacity of the log, in K
[Homes] This part of the content share the user's own home directory, that is, when the user logged on to the samba server is actually entered into the user's home directory, after the user login, the share name is not homes but the user's own identifier, for a simple file-sharing environment, this part can be looked out.
[Printers] This part of the content set up printer sharing.

4. Samba Practices A
Requires a directory to be shared, accessible by anyone, without entering a password, requiring read-only
[Global] section MyGroup change to Workgroup
Security = user changed to Security = Share
Add at the end:

1. [Share]
2. Comment = Share all
3. Path =/tmp/samba
4. browseable = yes
5. Public = yes
6. writable = no

Copy Code

Mkdir/tmp/samba
chmod 777/tmp/samba
Touch/tmp/samba/sharefiles
echo "111111" >/tmp/samba/sharefiles
Start:/ETC/INIT.D/SMB start
Check that the configured smb.conf are correct testparm
Test: Win Machine Browser input File://192.168.0.22/share
or run column input: \\192.168.0.22

5. Samba Practices Two
Share a directory, log in with a user name and password to access, ask to read and write
The [Global] section reads as follows:

1. [Global]
2. Workgroup = Workgroup
3. Server string = Samba Server Version%v
4. Security = User
5. Passdb backend = Tdbsam
6. Load printers = yes
7. Cups options = raw

Copy Code

Also need to add:

1. [MyShare]
2. Comment = Share for users
3. Path =/samba
4. browseable = yes
5. writable = yes
6. public = No

Copy Code

Create directory: Mkdir/samba
Modify Permissions: chmod 777/samba

To create a system account:
Useradd user1
Useradd User2
Add User1/user2 as a Samba account:
Pdbedit-a user1
Pdbedit-a User2
List all Samba accounts: pdbedit–l
Restart Service Services SMB restart
Test: Browser Input File://192.168.0.22/myshare

6. Linux access to Samba shared files
Installing the client software Yum install-y samba-client
Command format: smbclient//ip/share name-u user name
such as: Smbclient//127.0.0.1/share If it is anonymous access can omit-u
Mount Mount Samba directory: mount-t cifs//192.168.0.22/myshare/mnt-o username=user1,password=123456

Common service Building (Nfs/ftp/samba)