1、建立samba共享,共享目录为/data,要求:(描述完整的过程)
1)共享名为shared,工作组为magedu;
2)添加组develop,添加用户gentoo,centos和ubuntu,其中gentoo和centos以develop为附加组,ubuntu不属于develop组;密码均为用户名;
3)添加samba用户gentoo,centos和ubuntu,密码均为“mageedu”;
4)此samba共享shared仅允许develop组具有写权限,其他用户只能以只读方式访问;
5)此samba共享服务仅允许来自于172.16.0.0/16网络的主机访问;
添加用户和组:
[root@localhost ~]# groupadd develop
[root@localhost ~]# useradd -G develop gentoo
[root@localhost ~]# useradd -G develop centos
[root@localhost ~]# useradd -G develop ubuntu
设置用户密码:
[root@localhost ~]# echo "gentoo" |passwd –stdin gentoo
[root@localhost ~]# echo "centos" |passwd –stdin centos
[root@localhost ~]# echo "ubuntu" |passwd –stdin ubuntu
添加samba用户:
[root@localhost samba]# smbpasswd -a gentoo
New SMB password:
Retype new SMB password:
Added user gentoo.
[root@localhost samba]# smbpasswd -a centos
New SMB password:
Retype new SMB password:
Added user centos.
[root@localhost samba]# smbpasswd -a ubuntu
New SMB password:
Retype new SMB password:
Added user ubuntu.
修改共享目录/data/的acl:
[root@localhost ~]# setfacl -m g:develop:rwx /data/
编辑samba配置文件:
[root@localhost ~]# vim /etc/samba/smb.conf
workgroup = magedu
hosts allow = 172.16.0.0/16
[shared]
comment = test
pahth = /data
browseable = yes
guest ok = yes
writable = no
write list = @develop
重新加载samba服务:
[root@localhost ~]# systemctl reload smb.service
测试centos用户:
[root@localhost ~]# smbclient //192.168.1.120/shared -U centos
Enter centos's password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
smb: \> put fstab
putting file fstab as \fstab (254.9 kb/s) (average 254.9 kb/s)
测试gentoo用户:
root@localhost ~]# smbclient //192.168.1.120/shared -U gentoo
Enter centos's password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
smb: \> put crontab
putting file crontab as \crontab (146.8 kb/s) (average 146.8 kb/s)
测试ubuntu用户:
[root@localhost ~]# smbclient //192.168.1.120/shared -U ubuntu
Enter ubuntu's password:
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
smb: \> get fstab
getting file \fstab of size 783 as fstab (191.2 KiloBytes/sec) (average 191.2 KiloBytes/sec)
smb: \> put hosts
NT_STATUS_ACCESS_DENIED opening remote file \hosts
2、搭建一套文件vsftp文件共享服务,共享目录为/ftproot,要求:(描述完整的过程)
1)基于虚拟用户的访问形式;
2)匿名用户只允许下载,不允许上传;
3)禁锢所有的用户于其家目录当中;
4)限制最大并发连接数为200:;
5)匿名用户的最大传输速率512KB/s
6)虚拟用户的账号存储在mysql数据库当中。
7)数据库通过NFS进行共享。
安装mariadb-server和vsftpd
[root@localhost ~]# yum install mariadb-server
[root@localhost ~]# yum install vsftpd
编译安装pam-mysql:
[root@localhost ~]#yum groupinstall "Development Tools" "Server Platform Development"
[root@localhost ~]#yum install pam-devel openssl-devel mariadb-devel
[root@localhost pam_mysql-0.7RC1]# ./configure –prefix=/user/local/pam-mysql –with-openssl –with-mysql=/usr –with-pam=/usr –with-pam-mods-dir=/usr/lib64/security
[root@localhost pam_mysql-0.7RC1]# make && make install
查看是否安装成功:
[root@localhost ~]# ls /lib64/security/ |grep pam_mysql
pam_mysql.la
pam_mysql.so
在mariadb数据库上创建虚拟用户:
[root@localhost pam_mysql-0.7RC1]# systemctl start mariadb.service
[root@localhost ~]# mysql
MariaDB [(none)]> create database vsftpd;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> use vsftpd
Database changed
MariaDB [vsftpd]> create table users(
-> id int auto_increment not null primary key,
-> name char(30) not null,
-> password char(48) binary not null );
Query OK, 0 rows affected (0.01 sec)
MariaDB [vsftpd]> insert into users (name,password) values ('tom',password('magedu'));
Query OK, 1 row affected (0.00 sec)
MariaDB [vsftpd]> insert into users (name,password) values ('jerry',password('magedu.com'));
Query OK, 1 row affected (0.00 sec)
MariaDB [vsftpd]> grant select on vsftpd.* to vsftpd@localhost identified by 'magedu';
Query OK, 0 rows affected (0.01 sec)
MariaDB [vsftpd]> grant select on vsftpd.* to vsftpd@'127.0.0.1' identified by 'magedu';
Query OK, 0 rows affected (0.00 sec)
MariaDB [vsftpd]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [vsftpd]> exit
Bye
创建虚拟用户的映射用户:
[root@localhost ~]# useradd -s /sbin/nologin -d /ftproot vuser
[root@localhost ~]# chmod go+rx /ftproot
[root@localhost ~]# chmod -w /ftproot
编辑vsftpd配置文件:
[root@localhost ~]# vim /etc/vsftpd//vsftpd.conf
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=NO
chroot_local_user=YES
max_clients=200
anon_max_rate=512000
guest_enable=YES
guest_username=vuser
pam_service_name=vsftpd.mysql
启动vsftpd服务:
[root@localhost ~]# systemctl start vsftpd.service
在另一台主机上验证:
[root@localhost ~]# ftp 192.168.1.120
Connected to 192.168.1.120 (192.168.1.120).
220 (vsFTPd 3.0.2)
Name (192.168.1.120:root): tom
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
共享数据库:
[root@localhost ~]# vim /etc/exports
/mydata/data 192.168.1.0/24(rw)
[root@localhost ~]#exportfs -r
原创文章,作者:heianyangguo,如若转载,请注明出处:http://www.178linux.com/57061
评论列表(1条)
作业整体步骤完成的不错,但是缺少对原理的总结。