Setup of Samba server under Linux (case simulation)

Source: Internet
Author: User

The Mock case:

ABC Company has 4 departments: Sales+design+develop+ops

Now you have to set up separate shared folders for each of the four departments and a share folder that can read and write to each other.

Considering the accidental deletion or malicious deletion of other employees with the department of the file, need to use the sticky attribute, sticky general role in the directory, once the role, then the directory files can only be deleted by the file founder or root.

Open up!

Step1 Creating a directory structure

Mkdir-p/abc/{design,sales,develop,ops,share{design,sales,develop,ops}}
/abc//abc/|-- Design|-- develop|-- ops|-- Sales '-- share |-- Design |-- Develop |-- ops '--Sales

STEP2 Add an Account

We create 2 users for each department and write a script user.sh

#/bin/Bash#depart=(Sales design develop OPS) for in ${depart[@]};  Do     groupadd $g    for in12);  Do -m-s/sbin/nologin-G ${g} ${g} $i    donedone         

STEP3 Configuration smb.conf

#======================= Global Settings =====================================[Global] Workgroup=SAMBA Serverstring=Samba Server NetBIOS name=SAMBA# ---------------------------Logging Options-----------------------------# Logs split per machine log file= /var/log/samba/log.%m # max 50KB per log file, then rotate max log size= -# -----------------------Standalone Server Options------------------------Security=User Passdb Backend=Tdbsam Load Printers=Yes cups options=raw#============================ Share Definitions ==============================;       [Homes]; Comment=Home Directory; Browseable=No; Writeable=No[sales] Comment=Sales Share Path=/abc/Sales browsable=Yes guest OK=No writable=No write list=@sales [design] Comment=Design Share Path=/abc/Design browsable=Yes guest OK=No writable=No write list=@design [Develop] comment=Develop share path=/abc/Develop browsable=Yes guest OK=No writable=No write list=@sales [ops] Comment=Ops share Path=/abc/Ops browsable=Yes guest OK=No writable=No write list=@sales [share] Comment= PublicShare Path=/abc/Share browsable=Yes guest OK=No writable= yes

Step4. Setting permissions

Chown:d Esign/abc/design

Chown:sales/abc/sales

Chown:d Evelop/abc/develop

Chown:ops/abc/ops

Chown:d Esign/abc/share/design

Chown:sales/abc/share/sales

Chown:d Evelop/abc/share/develop

Chown:ops/abc/share/ops

chmod 1770/abc/{design,sales,ops,develop}

chmod 775/abc/share

chmod 1775/abc/share/{design,sales,ops,develop}

Final stage: Test effect

Take Sales1 user as an example,

Relative root directory: Sales1 cannot enter a directory other than the sales and share folders.

Relative Sales directory: Sales1 can create new, delete your own files. However, the file created by Sales2 cannot be deleted (sticky worked)

Relative share directory: Sales1 can access all directories but only write permissions within the sales directory, and because sticky permissions are set, Sales1 cannot delete files created by Sales2.

At this point, complete

Setup of Samba server under Linux (case simulation)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.