linux网络服务[samba信息服务块]——————本地用户登录验证、部分用户登录samba服务器、部分用户对共享区域有可写权限、设置上传文件目录的权限

文章目录

  • 1. 本地用户登录验证
  • 2.合法用户访问共享区域
    • 2.1 部分用户登录samba服务器
    • 2.2 部分用户对共享区域有可写权限
    • 2.3 设置上传文件的权限

1. 本地用户登录验证

实验准备:

  • 在上一章的实验基础上继续实验。

1)编辑服务端配置文件(新建一个共享):

[root@smb-server ~]#  vim /etc/samba/smb.conf

[testsong] # 共享名
        comment = share directory # 描述
        path = /testsong # 共享目录
        public = yes # 游客可登录
        browseable = yes # 允许查看
        writable = yes # 可写
;       write list = +staf

2)建立共享目录,重启服务:

[root@smb-server ~]# mkdir /testsong

3)重启服务:

[root@smb-server ~]# systemctl restart smb.service 

4)客户端进行查看:

[root@client1 ~]# smbclient -U liu  -L //172.25.5.10
Enter liu s password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	testsong        Disk      share directory # 建立的共享目录成功
	IPC$            IPC       IPC Service (Samba 4.4.4)
	liu             Disk      Home Directories
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

	Server               Comment
	---------            -------

	Workgroup            Master
	---------            -------

[root@client1 ~]# smbclient -U song  -L //172.25.5.10
Enter song's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	testsong        Disk      share directory
	IPC$            IPC       IPC Service (Samba 4.4.4)
	song            Disk      Home Directories
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]

	Server               Comment
	---------            -------

	Workgroup            Master
	---------            -------

5)所有人可以写入吗:(不能,配置文件开启,但是文件系统不可以):

  • 服务端的目录:
[root@smb-server ~]# ls -ld /testsong/
drwxr-xr-x 2 root root 6 Aug 23 15:10 /testsong/

6)给予其他人可写权限:

[root@smb-server ~]# chmod o+w /testsong/
[root@smb-server ~]# ls -ld /testsong/
drwxr-xrwx 2 root root 6 Aug 23 15:10 /testsong/

7)客户端测试登录:

  • 用户liu进行上传成功:
[root@client1 ~]# smbclient -U liu  //172.25.5.10/testsong
Enter liu's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:10:01 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020

		4597760 blocks of size 1024. 1434868 blocks available
smb: \> put initial-setup-ks.cfg 
putting file initial-setup-ks.cfg as \initial-setup-ks.cfg (697.6 kb/s) (average 697.6 kb/s)
smb: \> ls
  .                                   D        0  Sun Aug 23 15:23:13 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434776 blocks available
smb: \> q
  • 用户song进行上传:
[root@client1 ~]# smbclient -U song  //172.25.5.10/testsong
Enter song's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:23:13 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434836 blocks available
smb: \> put anaconda-ks.cfg 
putting file anaconda-ks.cfg as \anaconda-ks.cfg (1000.9 kb/s) (average 1001.0 kb/s)
smb: \> ls
  .                                   D        0  Sun Aug 23 15:24:35 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020
  anaconda-ks.cfg                     A     2050  Sun Aug 23 15:24:35 2020

		4597760 blocks of size 1024. 1434812 blocks available
smb: \> q

8)服务端查看:

[root@smb-server ~]# cd /testsong/
[root@smb-server testsong]# ls
anaconda-ks.cfg  initial-setup-ks.cfg
[root@smb-server testsong]# ll
total 8
-rwxr--r-- 1 song song 2050 Aug 23 15:24 anaconda-ks.cfg # 一个属于song用户
-rwxr--r-- 1 liu  liu  2143 Aug 23 15:23 initial-setup-ks.cfg # 一个属于liu用户

9)客户端使用liu用户登录删除song用户的文件:(删除成功),两个原因(o+w;writable = yes)

[root@client1 ~]# smbclient -U liu  //172.25.5.10/testsong
Enter liu's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:24:35 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020
  anaconda-ks.cfg                     A     2050  Sun Aug 23 15:24:35 2020

		4597760 blocks of size 1024. 1434880 blocks available
smb: \> rm anaconda-ks.cfg 
smb: \> ls
  .                                   D        0  Sun Aug 23 15:27:54 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434944 blocks available

8)不是文件所有者所以不能覆盖文件:(只是目录可写,但是文件不可写,所以不能覆盖文件,覆盖就是cp 文件 目标文件,但是对目标文件没有权限,所以不能覆盖)

[root@client1 ~]# smbclient -U song  //172.25.5.10/testsong
Enter song's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:27:54 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434844 blocks available
smb: \> put initial-setup-ks.cfg 
NT_STATUS_ACCESS_DENIED opening remote file \initial-setup-ks.cfg
# 不能覆盖

2.合法用户访问共享区域

vaild users仅允许部分用户访问共享区域。前提是指定用户对目录有权限。

2.1 部分用户登录samba服务器

1)修改配置文件:

[root@smb-server ~]# vim /etc/samba/smb.conf

[testsong]
        comment = share directory
        path = /testsong
        public = yes
        browseable = yes
        writable = yes
        valid users = liu # 允许liu用户访问,还可以使用@组名,设置一组
;       write list = +staff

2)重启服务:

[root@smb-server ~]# systemctl restart smb.service

3)客户端使用song用户登录:(访问被拒绝)

[root@client1 ~]# smbclient -U song  //172.25.5.10/testsong
Enter song's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
tree connect failed: NT_STATUS_ACCESS_DENIED 

4)客户端使用liu用户登录:(成功)

[root@client1 ~]# smbclient -U liu  //172.25.5.10/testsong
Enter liu's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:27:54 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1433972 blocks available
smb: \> 

2.2 部分用户对共享区域有可写权限

1)修改配置文件:

[root@smb-server ~]# vim /etc/samba/smb.conf

[testsong]
        comment = share directory
        path = /testsong
        public = yes
        browseable = yes
        writable = yes
;       valid users = liu # 关闭用户登录设置
        read only = yes # 只需读
        write list = liu # 只有liu用户可写

2)重启服务:

[root@smb-server ~]# systemctl restart smb.service

3)客户端song用户测试:可以登录但是不可写

[root@client1 ~]# smbclient -U song  //172.25.5.10/testsong
Enter song's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:27:54 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434868 blocks available
smb: \> put anaconda-ks.cfg 
NT_STATUS_ACCESS_DENIED opening remote file \anaconda-ks.cfg
smb: \> ls
  .                                   D        0  Sun Aug 23 15:27:54 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434944 blocks available

4)客户端liu用户测试:可登陆,可写入

[root@client1 ~]# smbclient -U liu  //172.25.5.10/testsong
Enter liu's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:27:54 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020

		4597760 blocks of size 1024. 1434904 blocks available
smb: \> put anaconda-ks.cfg 
putting file anaconda-ks.cfg as \anaconda-ks.cfg (1000.9 kb/s) (average 1001.0 kb/s)
smb: \> ls
  .                                   D        0  Sun Aug 23 15:49:44 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020
  initial-setup-ks.cfg                A     2143  Sun Aug 23 15:23:13 2020
  anaconda-ks.cfg                     A     2050  Sun Aug 23 15:49:44 2020

		4597760 blocks of size 1024. 1434812 blocks available

2.3 设置上传文件的权限

1)查看上传的默认权限:(744,拥有所有者执行权限,应该设为644)

[root@smb-server ~]# cd /testsong/
[root@smb-server testsong]# ll
total 8
-rwxr--r-- 1 liu liu 2050 Aug 23 15:49 anaconda-ks.cfg
-rwxr--r-- 1 liu liu 2143 Aug 23 15:23 initial-setup-ks.cfg

2)服务端修改配置文件设置文件和目录的掩码:(create mask 修改文件权限、directory mask 修改目录权限)

[root@smb-server ~]# vim /etc/samba/smb.conf

[testsong]
        comment = share directory
        path = /testsong
        public = yes
        browseable = yes
        writable = yes
;       valid users = liu
        read only = yes
        write list = liu
        create mask = 644

3)重启服务:

[root@smb-server ~]# systemctl restart smb.service

4)客户端使用liu用户进行测试:

[root@client1 ~]# smbclient -U liu  //172.25.5.10/testsong
Enter liu's password: 
Domain=[SAMBA] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
  .                                   D        0  Sun Aug 23 15:58:32 2020
  ..                                 DR        0  Sun Aug 23 15:10:01 2020

		4597760 blocks of size 1024. 1434740 blocks available
smb: \> put initial-setup-ks.cfg 
putting file initial-setup-ks.cfg as \initial-setup-ks.cfg (1046.3 kb/s) (average 1046.4 kb/s)
smb: \> q

5)服务端查看权限:新上传的文件权限变为644

[root@smb-server ~]# cd /testsong/
[root@smb-server testsong]# ll
total 4
-rw-r--r-- 1 liu liu 2143 Aug 23 15:58 initial-setup-ks.cfg

你可能感兴趣的:(网络,samba,centos,运维,linux)