一:保證網絡連通性安全
[root@li ~]# ifconfig eth0服務器
eth0 Link encap:Ethernet HWaddr 00:0C:29:0C:C3:1F 網絡
inet addr:192.168.1.120 Bcast:192.168.1.255 Mask:255.255.255.0ide
inet6 addr: fe80::20c:29ff:fe0c:c31f/64 Scope:Link測試
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1url
RX packets:3313 errors:0 dropped:0 overruns:0 frame:0blog
TX packets:3002 errors:0 dropped:0 overruns:0 carrier:0ip
collisions:0 txqueuelen:1000 get
RX bytes:1886136 (1.7 MiB) TX bytes:1702104 (1.6 MiB)it
Interrupt:18 Base address:0x2000
[root@li ~]# service iptables stop //關閉防火牆
[root@li ~]# chkconfig iptables off
[root@li ~]# setenforce 0
二 安裝samba服務器軟件包組(本地YUM源方式安裝)
[root@li ~]# mkdir /ww //建立文件夾
[root@li ~]# mount /dev/cdrom /ww/ //掛載光盤
mount: block device /dev/sr0 is write-protected, mounting read-only
[root@li ~]# cd /etc/yum.repos.d/
[root@li yum.repos.d]# ls
rhel-source.repo //編輯這個配置文件
[root@li yum.repos.d]# vi rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=file:///ww/ //YUM倉庫文件的路徑
enabled=1 //啓用gpg校驗值驗證
gpgcheck=1 //將此處的0改成1,代表啓用本地YUM源安裝
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[root@li yum.repos.d]# yum -y install samba //安裝samba
三:構建可匿名訪問的共享
[root@li ~]# cd /etc/samba
[root@li samba]# ls
lmhosts smb.conf smbusers
[root@li samba]# vi smb.conf //修改主配置文件
...
101 security = share //將user改成share 啓用匿名共享
...
289 [benet]
290 comment = benetbenet
291 path = /pp/
292 public = yes
293 writable = yes
...
[root@li samba]# chmod 777 /pp/ //給共享的文件夾系統權限777
[root@li samba]# testparm //測試配置文件的正確性
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
WARNING: The security=share option is deprecated
Loaded services file OK. //出現此行代表配置文件沒有錯誤
[root@li samba]# service smb start //啓動samba服務器
啓動 SMB 服務: [肯定]
[root@li samba]# service nmb start
啓動 NMB 服務: [肯定]
測試---
四:構建需用戶驗證的共享
創建samba用戶
[root@li ~]# useradd li // 創建samba用戶
[root@li ~]# pdbedit -a -u li
new password:
retype new password:
[root@li ~]# mkdir /opt/mytools //建立本地測試目錄
[root@li ~]# chmod 777 /opt/mytools/
[root@li ~]# vi /etc/samba/smb.conf
security = user 將share改成user 表示啓用USER安全級別
在最後一行輸入
[tools]
comment = You can get software tools from here.
path = /opt/mytools
public = no
read only = yes
valid users = li
write list = hunter
測試-------------