2. Identify the server's shared directories
smbclient -L //172.25.254.250
Enter root's password:    (just press Enter)
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
Sharename       Type      Comment
---------       ----      -------
WESTOS1         Disk      Test Share
Westos2         Disk      Test Share
WESTOS3         Disk      Test Share
Westos4         Disk      Test Share
WESTOS5         Disk      Test Share
WESTOS6         Disk      Test Share
Westos7         Disk      Test Share
Westos8         Disk      Test Share
Westos9         Disk      Test Share
WESTOS10        Disk      Test Share
IPC$            IPC       IPC Service (Samba Server Version 4.1.1)
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
Server               Comment
---------            -------
Workgroup            Master
---------            -------
3. Accessing the share
Command access)
smbclient //172.25.254.250/westos
Enter root's password:
Mount access)
mount //172.25.254.250/westos /mnt -o username=guest
4. Auto mount on boot
Method one)
vim /etc/fstab
//172.25.254.250/westos /mnt cifs defaults,username=guest 0 0
Method two)
vim /etc/rc.d/rc.local
mount //172.25.254.250/westos /mnt -o username=guest
NFS network file system access
1. Install the software needed to access shared files
yum install nfs-utils -y
2. Identify shares
mount 172.25.254.250:/nfsshare/nfs1 /mnt
3. Auto mount
Method one)
vim /etc/fstab
172.25.254.250:/nfsshare/nfs1 /mnt nfs defaults 0 0
Method two)
vim /etc/rc.d/rc.local
mount 172.25.254.250:/nfsshare/nfs1 /mnt
chmod 755 /etc/rc.d/rc.local
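Both fstab entries above mount a remote file system with "defaults", which leaves setuid binaries and device nodes on the share usable on the client. The following check is an added example, not part of the original notes; the function names and the sample lines other than the two fstab entries from these notes are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes.
# audit_netmounts: read fstab-format lines on stdin and print one finding
# line per cifs/nfs entry that lacks nosuid/nodev or embeds a password.
audit_netmounts() {
    awk '
        /^[ \t]*(#|$)/ { next }                   # skip comments and blank lines
        $3 == "cifs" || $3 ~ /^nfs4?$/ {
            opts = "," $4 ","                     # pad so ",opt," matches whole options
            f = ""
            if (opts !~ /,nosuid,/) f = f " missing-nosuid"
            if (opts !~ /,nodev,/)  f = f " missing-nodev"
            # /etc/fstab is world-readable; secrets belong in a credentials= file
            if ($3 == "cifs" && opts ~ /,password=/) f = f " inline-password"
            if (f != "") print $1 " " $2 ":" f
        }'
}

# Constructed sample: the two fstab lines from these notes plus made-up entries.
sample_fstab() {
    cat <<'EOF'
# device                       mountpoint fstype options
/dev/vda1                      /          xfs    defaults                 0 0
//172.25.254.250/westos        /mnt       cifs   defaults,username=guest  0 0
172.25.254.250:/nfsshare/nfs1  /mnt       nfs    defaults                 0 0
172.25.254.250:/nfsshare/nfs1  /srv/nfs1  nfs    defaults,nosuid,nodev    0 0
//172.25.254.250/westos /srv/smb cifs username=alice,password=EXAMPLE,nosuid,nodev 0 0
EOF
}

sample_fstab | audit_netmounts
```

On a real client, run it as `audit_netmounts < /etc/fstab`.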
AutoFS automatic mount service
1. Service function
A share mounted with mount keeps consuming the server's resources even while it is not in use.
AutoFS mounts a share automatically when it is accessed and unmounts it automatically when it is idle.
2. Install the service
yum install autofs -y
systemctl start autofs
3. Access
cd /net/172.25.254.250/nfsshare/nfs1
4. Set the idle unmount time
vim /etc/autofs.conf
timeout = 3    (the network share is unmounted automatically after 3 seconds idle; default is 300)
5. Implementing a custom shared mount point
vim /etc/auto.master
Parent directory of the final mount point    Sub-configuration file
/mnt    /etc/auto.nfs
vim <sub-configuration file>
Final mount point    Network shared directory
vim /etc/auto.nfs
pub1 172.25.254.250:/nfsshare/nfs1
* 172.25.254.250:/nfsshare/&    (wildcard: any shared directory is mounted on a mount point of the same name)
systemctl restart autofs    (restart the service)
LDAP network accounts
1. What is LDAP?
LDAP directory service authentication is similar to Windows Active Directory; it is a way to record data.
2. Software required by LDAP clients
yum install sssd krb5-workstation -y
3. How to turn on LDAP user authentication
authconfig-tui
mkdir /etc/openldap/cacerts
cd /etc/openldap/cacerts/
wget http://172.25.254.254/pub/example-ca.crt    (obtain the certificate)
<Testing>
getent passwd ldapuser1
If the user's information is displayed correctly, the setup succeeded.
List all users
vim /etc/sssd/sssd.conf
enumerate = True    (lists hidden users)
systemctl restart sssd.service
Auto-mount the home directory
yum install autofs -y
vim /etc/auto.master
/home/guests /etc/auto.ldap
vim /etc/auto.ldap
* 172.25.254.254:/home/guests/&
systemctl restart autofs
systemctl enable autofs
Script mode
Script content)
#!/bin/bash
# Install the LDAP/Kerberos client packages and autofs
echo "Install software ing ..."
yum install sssd krb5-workstation autofs -y &>/dev/null
# Configure LDAP account lookup with Kerberos authentication through SSSD
echo "Config LDAP auth client ing."
authconfig \
--enableldap \
--enablekrb5 \
--disableldapauth \
--enableldaptls \
--ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \
--ldapserver="classroom.example.com" \
--ldapbasedn="dc=example,dc=com" \
--krb5realm="example.com" \
--krb5kdc="classroom.example.com" \
--krb5adminserver="classroom.example.com" \
--enablesssd \
--enablesssdauth \
--update
# Auto-mount the LDAP users' home directories from the server
echo "Config LDAP user's home directory ing:"
echo "/home/guests /etc/auto.ldap" >>/etc/auto.master
echo "* 172.25.254.254:/home/guests/&" >>/etc/auto.ldap
systemctl restart autofs
systemctl enable autofs &>/dev/null
echo "All are successfully"
9. FTP Service
2. Installation
yum install vsftpd -y
systemctl start vsftpd
systemctl enable vsftpd
setenforce 0    (puts SELinux into permissive mode)
lftp IP    (log in)
# firewall-cmd --permanent --add-service=ftp    (add ftp to the firewall so that it can be used)
success
# firewall-cmd --reload
success
# firewall-cmd --list-all    (list the allowed services)
public (default, active)
  interfaces: eth0
  sources:
  services: dhcpv6-client ftp ssh
  ports:
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:
3. vsftpd file information
/var/ftp       default publishing directory
/etc/vsftpd    configuration directory
chgrp ftp /var/ftp
chmod 775 /var/ftp
4. Configuration parameters for the vsftpd service
1) Anonymous user settings
vim /etc/vsftpd/vsftpd.conf
anonymous_enable=YES|NO              anonymous user login restriction
<Anonymous user upload>
vim /etc/vsftpd/vsftpd.conf
write_enable=YES
anon_upload_enable=YES
anon_root=/directory                 change the anonymous user's home directory
anon_world_readable_only=NO|YES      anonymous user download
anon_mkdir_write_enable=YES|NO       anonymous user may create directories
anon_other_write_enable=YES|NO       anonymous user may delete
anon_umask=xxx                       default permissions of files uploaded by anonymous users
anon_max_rate=102400                 speed limit
max_clients=1                        limit on the number of clients
2) Local user settings
local_enable=YES    enable local user login
write_enable=YES    allow reading and writing
Change the local user's home directory
local_root=/directory
Permissions of files uploaded by local users
local_umask=xxx
Restrict local users' browsing of the / directory
All users locked in their home directory
chroot_local_user=YES
chmod u-w /home/*    change permissions
User blacklist
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
User whitelist
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
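The meaning of chroot_list_file flips with chroot_local_user: in the blacklist setup the file names the users to lock in, in the whitelist setup it names the users left free. The following resolver is an added example, not part of the original notes; the function name, user names and list file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes.
# jail_state USER CHROOT_LOCAL_USER CHROOT_LIST_ENABLE LISTFILE
# Prints "jailed" or "free" for a local user under the given settings.
jail_state() {
    user=$1; all=$2; list_on=$3; listfile=$4
    if [ "$list_on" = YES ] && [ ! -r "$listfile" ]; then
        # this helper's own choice: refuse to guess without the list
        echo "cannot read $listfile" >&2
        return 2
    fi
    listed=no
    if [ "$list_on" = YES ] && grep -Fqx -- "$user" "$listfile"; then
        listed=yes                      # one user name per line, exact match
    fi
    if [ "$all" = YES ]; then
        # everyone is jailed; the list names the exceptions (whitelist)
        if [ "$listed" = yes ]; then echo free; else echo jailed; fi
    else
        # nobody is jailed; the list names the users to jail (blacklist)
        if [ "$listed" = yes ]; then echo jailed; else echo free; fi
    fi
}

# Constructed demo: a chroot_list containing only "alice".
demo_list=$(mktemp); printf '%s\n' alice > "$demo_list"
for mode in NO YES; do
    for u in alice bob; do
        echo "chroot_local_user=$mode $u: $(jail_state "$u" "$mode" YES "$demo_list")"
    done
done
rm -f "$demo_list"
```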
<Restrict local login>
vim /etc/vsftpd/ftpusers
vim /etc/vsftpd/user_list
User whitelist setting
userlist_deny=NO
Users on the /etc/vsftpd/user_list list can log in to FTP
<Virtual user creation>
vim /etc/vsftpd/userfile    create the virtual user file
db_load -T -t hash -f /etc/vsftpd/userfile /etc/vsftpd/userfile.db    encryption
rm -rf /etc/vsftpd/userfile    delete the original file
vim /etc/pam.d/asd    (the file name is arbitrary)
account required pam_userdb.so db=/etc/vsftpd/userfile
auth required pam_userdb.so db=/etc/vsftpd/userfile
vim /etc/vsftpd/vsftpd.conf
pam_service_name=ckvsftpd    (must match the name of the file created under /etc/pam.d)
guest_enable=YES
Virtual account identity designation)
guest_username=asd
chmod u-w /home/ftpuser
Virtual account home directory independent settings)
vim /etc/vsftpd/vsftpd.conf
local_root=/ftpuserhome/$USER
user_sub_token=$USER
mkdir /ftpuserhome
chgrp ftpuser /ftpuserhome
chmod g+s /ftpuserhome
Linux Learning Note 11