Assume that we have the permission to share the name path in this scenario. everyone, including guests, can access RDDOCS/smb/tech.
Suppose we have such a scenario
| Share Name |
Path |
Permission |
| SHAREDOC |
/Smb/docs |
All personnel, including guests, can access |
| RDDOCS |
/Smb/tech |
Allow read/write access only to users in a specific group |
The group name is RD. Currently, Alice, Jack, and Tom are three people.
Install SAMBA
| |
# Yum-y install samba-client samba-common // or use rpm to install # rpm-ivh samba-4.1.1-37.el7_0.src.rpm // view the installation Version # rpm-qi sambaName: sambaEpoch: 0 Version: 4.1.1Release: 37. el7_0Architecture: x86_64Install Date: Mon 11 Aug 2014 05:10:39 PM CSTGroup: System Environment/DaemonsSize: 1657523 License: GPLv3 + and LGPLv3 + Signature: RSA/SHA256, Wed 06 Aug 2014 03:59:24 am cst, key ID 24c6a8a7f4a80eb5Source RPM: samba-4.1.1-37.el7_0.src.rpmBuild Date: Wed 06 Aug 2014 03:33:22 AM CSTBuild Host: worker1.bsys. centos. orgRelocations: (not relocatable) Packager: CentOS BuildSystem Vendor: CentOSURL: http://www.samba.org/Summary: Server and Client software to interoperate with Windows machinesDescription: Samba is the standard Windows interoperabilitysuite of programs for Linux and Unix. tips: this is also a major change in SAMBA 3: security no longer supports warning: Ignoring invalid value 'share' forparameter 'security' |
|
Configure the SAMBA Server
| |
Create a shared directory (assuming files under the shared/smb directory) # mkdir-p/smb/docs # mkdir-p/smb/tech configure kernel parameters # ulimit-n 16384 # vi/etc/security/limits. conf # add the following content at the end *-nofile 16384 Tip: This mainly prevents the following warning message when starting Samba: rlimit_max: increasing rlimit_max (1024) tominimum Windows limit (16384) # cd/etc/samba // back up the original configuration file # cp smb. conf smb. conf. origin # vi/etc/samba/smb. conf deletes all original content and adds the following content: [global] workgroup = BIGCLOUD netbios name = ZZSRV2 server string = Samba Server # security = share security = user map to guest = Bad User [mongodocs] path =/smb/docs readonly = yes browseable = yes guest OK = yes [RDDOCS] path =/smb/tech/public = no writable = yes write list = @ RD validusers = @ RD |
|
Create a user and assign permissions
| |
// Create an operating system user # useraddalice # useraddjack # useradd tom # useradd RD // modify the user group # usermod-a-g rd alice # usermod-a-g rd jack # usermod -a-g rd tom # id aliceuid = 1000 (alice) gid = 1000 (alice) groups = 1000 (alice), 1003 (RD) // Create a SAMBA user # smbpasswd-a alice # smbpasswd-a jack # smbpasswd-a tom // modify directory permissions # chown RD: RD/smb/tech/# chmod 770/smb/tech // View Service Status # ll-d/smb/tech/drwxrwx --- 2 RD 4096 Aug 11/smb/tech /# systemctlrestart smb # systemctlenable smb # systemctlstatus smbsmb. service-Samba SMB Daemon Loaded: loaded (/usr/lib/systemd/system/smb. service; enabled) Active: active (running) since Tue2014-08-12 11:38:29 CST; 14 s ago Main PID: 16807 (smbd) Status: "smbd: ready to serveconnections... "CGroup:/system. slice/smb. service 16807/usr/sbin/smbd 16808/usr/sbin/smbd systemd [1]: Starting Samba SMB Daemon... smbd [16807]: [11:38:29. 255341, 0] .. /lib/util/become_daemon.c: 136 (daemon_ready) systemd [1]: Started Samba SMB Daemon. smbd [16808]: STATUS = daemon 'smbd 'finished starting up and ready to serve connectionsfailedto retrieve print... CCESSFULHint: Some lines were ellipsized, use-l to show in full. |
|
Test connectivity
| |
// Test # smbclient-L localhost-U alice % P @ ssw0rdDomain = [BIGCLOUD] OS = [Unix] Server = [Samba 4.1.1] Sharename Type Comment ------- ---- mongodocs Disk in Linux RDDOCS Disk IPC $ IPC Service (Samba Server) domain = [BIGCLOUD] OS = [Unix] Server = [Samba 4.1.1] Server Comment --------- ------- Workgroup Master --------- ------- // Test C on Windows: \> netuse */del: \ 192.168.1.18 \ d $. Do you want to continue this operation? (Y/N) [N]: The y command is successfully completed. C: \> netuse \ 192.168.188.12 P @ ssw0rd/U: alice command is successfully completed. Open resource manager for write test |
|
This article is from the "Li Hao" blog, please be sure to keep this source http://leaus.blog.51cto.com/9273485/1540729
