1、简介
配置samba共享服务器,只允许10.0.1.1这个ip访问samba服务器的共享功能,同时设置共享文件夹中上传的文件不能被修改和删除,需要用到linux的文件扩展属性
2、关闭防火墙
vim /etc/selinux/config
"SELINUX=disabled"或者"setenforce 0"
3、配置iptables策略
iptables -A INPUT -p tcp -s 10.0.1.1 --dport 138 -j ACCEPT
iptables -A INPUT -p tcp -s 10.0.1.1 --dport 139 -j ACCEPT
iptables -A INPUT -p tcp -s 10.0.1.1 --dport 145 -j ACCEPT
service iptables save
service iptables restart
iptables -L -n --line-number
4、安装配置samba
# yum install samba samba-client samba-common
# groupadd jiaoyi
# useradd -g jiaoyi user
# smbpasswd -a user
# mkdir /customer_file
# chmod 777 /customer_file
# chmod +t /customer_file #设置sticky bit位
# mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
# vim /etc/samba/smb.conf
[global]
netbios name = Samba
workgroup = WORKGROUP
server string = Customer File Server
log file = /var/log/samba/log.%m
max log size = 50
security = user
smb passwd file = /etc/samba/smbpasswd
display charset = UTF-8
unix charset = UTF-8
dos charset = UTF-8
deadtime = 100
max connections = 100
[customer_file]
comment = customer file folder
path = /customer_file
public = no
browseable = yes
writable =yes
create mask = 1400
directory mask = 1400
valid users = @root,@jiaoyi
# service smb start
samba共享和访问权限设置