建立cover组、成员cover01, cover02
groupadd cover
useradd -g cover cover01
echo abc/123 | passwd --stdin cover01
useradd -g cover cover02
echo abc/123 | passwd --stdin cover02
建立team组、成员team 01, team02
groupadd team
useradd -g team team01
echo abc/123 | passwd --stdin team01
useradd -g team team02
echo abc/123 | passwd --stdin team02
建立user组、成员user01, user02
groupadd user
useradd -g user user01
echo abc/123 | passwd --stdin user01
useradd -g user user02
echo abc/123 | passwd --stdin user02
建立共享文件夹
mkdir -p /share/cover /share/public /share/team /share/user
chmod -r 777 /share
vim /etc/samba/smb.conf
[global]
workgroup = workgroup、工作组
server string = samba server version %vsamba信息
security = user验证机制
passdb backend = tdbsam##用户密码保存方式
配置共享目录cover的访问规则
[cover]
共享目录描述
comment = cover
共享目录路径
path = /share/cover
隐藏共享目录
browseable = no
不允许匿名访问
public = no
##配置允许访问共享目录的用户(组)
valid users = @cover配置可写用户(组)如果使用此配置,该组即具有访问共享目录的权限,则可以省略valid users
write list = @cover
配置共享目录team访问规则
[team]
comment = team
path = /share/team
valid users = @team @cover user01
write list = @team
配置共享目录user访问规则
[user]
comment = user
path = /share/user
read list = @user
通过write list列表配置的用户可以get共享目录的数据
只读需要使用权限配合#配置共享目录pubilc的访问规则
chown user01:user /share/user/
chmod 773 /share/user
[public]
comment = public
writable = yes
valid users = @cover @team @user
配置用户新建文件(夹)的默认权限,保证用户的文件只有自己能够读写,而其他人只具有读取的权限
creat mask=0644
directory mask=0755
#为用户配置smb密码
smbpasswd -a username
#重启smb服务
/etc/init.d/smb restart
#停用iptables
service iptables stop
#停用selinux
vim /etc/selinux/config
selinux=disabled
setenforce 0 暂时停用selinux(
试smb服务
smbclient -l 192.168.18.139 -u username
smbclient //192.168.18.139/sharedir -u username
##问题:如何使隐藏文件夹cover能够只对其他用户组隐藏,而cover组成员登录
##config file = /etc/samba/smb.conf.%u
include = /etc/samba/smb.
在全局配置中添加下列代码
##include = /etc/samba/smb.conf.%u
#配置用户的独立配置文件/etc/samba/smb.conf.gruopname(username)
vim /etc/samba/smb.conf.cover
#重启samba服务
service samba restart
#测试配置