Linux Samba server configuration exercise

Environment

RedHat Linux 9 + vwware 8.0 + SSH 3.2.9

Task requirements

Use the samba service to complete the following tasks:

Assume that the company has three departments: finance, technology, and leadership. We have three user groups: caiwu, network, and lingdao;

There are two users in each of the three departments. The created users are caiwu01, caiwu02, network01, network02, lingdao01, and lingdao02.

1. First, the server uses user authentication. Each user can access his/her home directory, and only the user can access the home directory with full permissions, others cannot see your home directory.
2. Create a caiwu folder. If you want the Members of the caiwu group and lingdao group to see the folder, network02 can also be accessed, but only caiwu01 has the write permission.
3. Create a lindao directory. Only the leaders can access and read/write the directory, and network02 can also be accessed, but outsiders cannot see the directory.
4. Create a file exchange directory for everyone to read and write, including guest users, but everyone cannot delete others' files.
5. Create a public read-only folder named public. All users can read the contents of this folder.

Verification Method:
For example, log on to SSH as a caiwu01 user and run the following command to verify that the samba service configuration is correct.

Name of the shared file in the smbclient // linuxip/samba configuration file

For example, enter the following command in SSH: smbclient // 192.168.78.100/share

Related commands

1. create three groups: groupadd caiwu; groupadd network; groupadd lingdao; 2. add a user to the relevant group: useradd caiwu01-G caiwu; useradd caiwu02-G caiwu; useradd network01-G network; useradd network02-G network; useradd lingdao01-G lingdao; useradd lingdao02-G lingdao; 3. use smbpasswd to add the samba password smbpasswd caiwu01; smbpasswd caiwu02; smbpasswd network01; smbpasswd network02; smbpasswd lingdao01; smbpasswd lingdao02; 4. we use smbpasswd- The caiwu01 command is used to add six accounts to Samba users, smbpasswd-A caiwu01; smbpasswd-A caiwu02; smbpasswd-networka 01; smbpasswd-A network02; prepare-A lingdao01; smbpasswd-A lingdao02; 5. create the directory to be used: mkdir/home/samba; mkdir/home/samba/caiwu; mkdir/home/samba/lingdao; mkdir/home/samba/exchange; mkdir/home/samba/public; in order to avoid the trouble, you can set the permissions of all the above folders to 777 and set the above 5 requirements through flexible Samba permission management. 6. configure SMB. confsmb. conf configuration file [Global] workgroup = bmit # I Network workgroup Server String = Frank's Samba File Server # My Server Name Description SECURITY = user # Use the user authentication mechanism encrypt passwords = yessmb passwd file =/etc/samba/smbpasswd # use the encrypted password mechanism, IN Win95 and WinNT, plaintext is used. 7. the homes segment meets the 1st condition [caiwu01] Comment = tenant = yeswriteable = yespath =/home/caiwu01valid users = caiwu01 [caiwu02] Comment = tenant = yeswriteble = yespath =/home/caiwu02 [network01] Comment = network01browseable = Yeswriteable = yespath =/home/network01valid users = network01 [network02] Comment = affinity = yeswriteable = yespath =/home/network02valid users = network02 [affinity] Comment = affinity = yeswriteable = yespath = /home/lingdao01valid users = lingdao01 [lingdao02] Comment = lingdao02browseable = yeswriteable = yespath =/home/lingdao02valid users = segment meeting our 2nd requirements [C Aiwu] Comment = caiwupath =/home/samba/caiwupublic = novalid users = @ caiwu, @ lingdao, network02write list = caiwu01printable = No # The caiwu Section meets our 2nd requirements. 9. the lingdao segment can meet our 3rd requirements [lingdao] Comment = lingdaopath =/home/samba/lingdaopublic = nobrowseable = novalid users = @ lingdao, network02printable = No # The lingdao segment can meet our 3rd Requirement 10. exchage shared file configuration [exchage] Comment = exchange file directorypath =/home/samba/exchangepublic = Yeswritable = yes # The exchange segment can basically meet our 4th requirements, but it cannot meet the condition that everyone cannot delete other people's files, even if the mask is set, it is useless, in fact, this condition only requires a sticking bit in Unix. the CHMOD-r 1777/home/samba/exchange permission is 1777, and similar system directories/tmp have the same permission, this permission allows everyone to write files freely, but cannot delete others' files. 11. this public segment can meet our 5th requirements [public] Comment = read only publicpath =/home/samba/publicpublic = yesread only = yes # This public segment can meet our 5th requirements.