How PAM implements Samba access control for users and hosts

Article title: PAM implements Samba access control for users and hosts. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

PAM (Pluggable Authentication Module) is a very effective tool for host and user access control. Samba3.0 has already been well integrated with PAM. With the powerful and flexible authentication mechanism of PAM, you can control access to users and hosts at the same time.

A Samba server has a shared directory/var/myAREA. you want st02 to access this shared segment on any host in the network segment 192.168.1.0/24, however, you cannot access the shared segment on any host in the network segment 192.168.1.0/24.

(1) edit the smb. conf configuration file to support PAM authentication and configure the shared segment myAREA

[Global]

......

Obey restrictions = yes

[MyAREA]

Path =/var/myAREA

(2) edit the configuration file/etc/pad. d/samba to add an access control file.

Add the following statement before the first accout command:

Account required pam_access.so accessfile =/etc/mysmblogin

(3) Create a custom Samba access control file/etc/mysmblogin

Vi/etc/mysmblogin

The content is as follows:

+: St02: 192.168.1.

-: Update: 192.168.1.

Restart the samba service and test.

The above experiment was successfully passed under RedHatAS4 and AS5, hoping to help you in your practical work.