Samba service setup RHEL6

SambaThe service can not only implement linuxAnd winFile Sharing between linux instances.And linuxSharing between sambaOnly local users on the server are allowed.

The environment in this article is configured when selinux is enabled

Samba service configuration:

Preferred installation of samba software package:

Create a directory to be shared: Modify the directory permission

Create several files in the directory to show the differences:

Install the software package for modifying the Directory Security Context:

Modify the security context of a directory:

You can also useChcon-t samba_share_t/helloStability is not always effective

View the modified directory security context:

Configure the samba server:

Here is an example of parameters:

Restart the service:

Anonymous user test:(Anonymous users cannot useSambaService)

However, anonymous users can view sambaDirectory shared by the server:

Add two samba users:

Log on with a local user: (if you have added a samba user and do not write a directory, the system can log on by default)

Although the write permission is granted to the directory, it is found that the directory cannot be uploaded,Directory permissions andSambaSet the configuration file permissions to the intersection.

Test on the Win client: (as long as we log on to the samba service, we need a user name and password to prevent anonymous users from accessing the service. The linux client can still see the shared directory, win, you only need a password to log on, and you have no permission to view the password, which is stricter)

Log On with samba :(Default Configuration FileSambaThe user's home directory is opened.)

 

Try to open the westos shared directory: (no problem at all)

Let's create a file. OK? (Prompt no permission)

 

Let's see if you can use the home directory of lee users :(No. This is because of ourSelinxuThe Boolean value does not open the Home Directory, so it can only be viewed as inaccessible)

The cache of the Win system is well established. As long as we have accessed the samba service, you can access it again within a certain period of time without the user name. The password can be directly entered. Use the following method to disconnect

We re-configure the samba service: public is added, and everyone can see this directory.

Client test :(Anonymous Users can log on) The linux client can be used. windows won't work. You will be prompted to ask for the user name and password as soon as you log on.

Try again for common users:

ConfigurationSambaService:Writeable = yesAll users have write permissions, including anonymous users.

Anonymous user:

You can log in and upload files.

Test Local User: Upload is normal

Win client test:

 

 

If you have the write permission, you can delete, create a directory, and upload a file:

 

Configure the samba service:Write list =Specify that a user has the write permission, but no one else has:

Client test: redhat user

Lee User:

Not OK, no permission

Configure the samba service:@ RedhatThis group can be written, but others cannot.

Add the lee user to the redhat group:

Client test: lee user can write again

Configure the samba service: Hide the westos directory

Test: The westos directory is completely invisible.

The Windows client also tests that samba local users cannot see

Yes, right?

Configure the samba service: Valid users for this directory

Test: inaccessible

Test with win: We found that you still need the password username to enter this directory,

 

Add an administrator to the samba service:

What does the Administrator think? This is the file we uploaded, the owner, and the owner group, almost all belong to the login user identity. However, when a lee user acts as the administrator, all his actions will be changed to the root identity.

 

There are many other parameters:

Password server = # other NT servers, or samba servers, but security = The ntbios name of the server or domain

 

Hosts allow = 192.168.0. # specify which hosts can access

 

Hosta deny = 192.168.8. # specify which hosts are not accessible

 

Interfaces = 192.168.0.100/255.255.255.0 # set which network interfaces samba will provide services.

 

Log file =/var/log/samba/% m. log # log file

 

Max log size = 0 # log File size

 

Log level = 0 # log level 0 indicates no, 3 is generally reasonable

 

Syslog = 2 # syslog Log Level (0, err) (1, warning) (2, notice) (3, ifno) (4 or above, debug)

 

Syslog only = yes # only Use System logs to disable samba logs