zoukankan      html  css  js  c++  java

  • linux NFS 实例

    为了证明是 Allentunsgroup 组起的作用而非用户

    [root@NFS_Client ~]# useradd scott1

    [root@NFS_Client ~]# passwd scott1

    Changing password for user scott1.

    New password:

    BAD PASSWORD: it is based on a dictionary word

    Retype new password:

    Sorry, passwords do not match.

    New password:

    BAD PASSWORD: it is based on a dictionary word

    BAD PASSWORD: is too simple

    Retype new password:

    passwd: all authentication tokens updated successfully.

    [root@allentuns onair]# su scott1

    [scott1@NFS_Client ~]$ id

    uid=501(scott1) gid=501(scott1) groups=501(scott1) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [scott1@NFS_Client ~]$ touch d.sh

    touch: cannot touch `d.sh': Permission denied

    [scott1@NFS_Client ~]$ id

    uid=501(scott1) gid=501(scott1) groups=501(scott1)

    context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

    [scott1@allentuns onair]$ exit

    exit

    [root@allentuns ~]# su scott1 [scott1@allentuns ~]$ touch d.sh [scott1@allentuns ~]$ ll

    total 0

    -rw-r--r--. 1 root    root            0 May  4 01:45 a.sh

    -rw-r--r--. 1 nobody Allentunsgroup 0 May  4 02:11 b.sh

    -rw-r--r--. 1 nobody Allentunsgroup 0 May  4 04:37 c.sh

    -rw-r--r--. 1 nobody Allentunsgroup 0 May  4 04:41 d.sh

    ---End2---

    实验二 主要是 setfacl 的用法

    实例三

    仅给某个单一主机使用的目录设定

    我要将一个私人的目录/homt/test 开放给 192.168.1.5 这个客户端,只有 apache 用户对此目录才

    具有完整的权限

    [ON Server]

    [root@NFS_Server ~]# mkdir /home/test

    [root@NFS_Server ~]# touch /home/test/ab.sh

    [root@NFS_Server ~]# useradd apache [root@NFS_Server ~]# passwd apache Changing password for user apache. New password:

    BAD PASSWORD: it is based on a dictionary word

    BAD PASSWORD: is too simple

    Retype new password:

    [root@NFS_Server ~]# id apache

    uid=502(apache) gid=502(apache) groups=502(apache) [root@NFS_Server ~]# setfacl -m u:apache:rwx /home/test [root@NFS_Server ~]# vim /etc/exports

    /home/test          192.168.1.5(rw)

    [root@NFS_Server ~]# exportfs -r

    [root@NFS_Server ~]# ll /home/test/

    total 0

    -rw-r--r--. 1 root root 0 May  4 05:13 ab.sh

    [ON Client]

    [root@NFS_Client ~]# mkdir /usr/local/live

    [root@NFS_Client ~]# showmount -e 192.168.1.4

    Export list for 192.168.1.4:

    /home/test 192.168.1.5

    [root@NFS_Client ~]# mount -t nfs 192.168.1.4:/home/test /usr/local/live/

    [root@NFS_Client ~]# ll

    total 24

    -rw-------. 1 root root    969 Apr 23 15:12 anaconda-ks.cfg

    -rw-r--r--. 1 root root 15989 Apr 23 15:12 install.log

    -rw-r--r--. 1 root root  3482 Apr 23 15:10 install.log.syslog

    [root@NFS_Client ~]# cd /usr/local/live/ [root@NFS_Client live]# ll

    total 0

    -rw-r--r--. 1 root root 0 May  4  2014 ab.sh 用户切换验证,起作用的是 uid 号而不是用户名称 [root@NFS_Client ~]# useradd apache

    uid=501(apache) gid=501(apache) groups=501(apache)

    [root@NFS_Client ~]# passwd apache Changing password for user apache. New password:

    BAD PASSWORD: it is based on a dictionary word

    BAD PASSWORD: is too simple

    Retype new password:

    passwd: all authentication tokens updated successfully.

    [root@NFS_Client ~]# su apache

    [apache@NFS_Client root]$ id

    uid=501(apache) gid=501(apache) groups=501(apache)

    context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

    [apache@NFS_Client root]$ whoami

    apache

    [apache@NFS_Client root]$ cd /usr/local/live/

    [apache@NFS_Client live]$ ll

    total 0

    -rw-r--r--. 1 root root 0 May  4 05:13 ab.sh

    -rw-rw-r--. 1  530  530 0 May  4 05:23 ddd.sh

    [apache@NFS_Client live]$ touch ^C

    [apache@NFS_Client live]$ ll total 0

    -rw-r--r--. 1 root root 0 May  4 05:13 ab.sh

    [apache@NFS_Client live]$ touch cd.sh

    touch: cannot touch `cd.sh': Permission denied

    [apache@NFS_Client live]$ su

    [root@NFS_Client live]# useradd -u 502 allentuns

    [root@NFS_Client live]# id allentuns

    uid=502(allentuns) gid=502(allentuns) groups=502(allentuns) [root@NFS_Client live]# passwd allentuns

    Changing password for user allentuns.

    New password:

    BAD PASSWORD: it is based on a dictionary word

    Retype new password:

    passwd: all authentication tokens updated successfully.

    [root@NFS_Client live]# su allentuns

    [allentuns@NFS_Client live]$ id

    uid=502(allentuns) gid=502(allentuns) groups=502(allentuns)

    context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

    [allentuns@NFS_Client live]$ whoami

    allentuns

    [allentuns@NFS_Client live]$ touch cd.sh

    [allentuns@NFS_Client live]$ ll

    total 0

    -rw-r--r--. 1 root root 0 May  4 05:13 ab.sh

    -rw-rw-r--. 1  530  530 0 May  4  2014 cd.sh

    [ON Server] [allentuns@NFS_Client live]$ ll total 0

    -rw-r--r--. 1 root root 0 May  4 05:13 ab.sh

    -rw-rw-r--. 1  530  530 0 May  4 05:28 cd.sh

    ---End---


    实例三其实与实例二大同小异,主要验证 uid 和 gid 对 nfs 权限的作用
  • 相关阅读:
    c# web开发
    向wp8开发进军
    练毛笔字的心得
    刚开通博客园
    DevExpress Asp.net(3) ASPxCallback组件
    DevExpress Asp.net(2) ASPxObjectContainer说明
    DevExpress Asp.net(1) ASPxButton的基本使用
    JavaMail学习笔记(四)、使用POP3协议接收并解析电子邮件(全)
    Java正则表达式(一)、抓取网页email地址实例
    JavaMail学习笔记(五)、使用IMAP协议接收并解析电子邮件
  • 原文地址:https://www.cnblogs.com/fanweisheng/p/11327658.html
Copyright © 2011-2022 走看看