创建了一个组:smbgrp 和用户srijan通过认证来访问Samba服务器。
groupadd smbgrp
useradd srijan -G smbgrp
smbpasswd -a srijan
[root@server1 samba]# smbpasswd -a srijan
New SMB password:<--yoursambapasswordRetype new SMB password:<--yoursambapasswordAdded user srijan.
[root@server1 samba]#
现在在Samba文件夹下创建一个文件夹:Secured ,并且给出权限:
mkdir -p /samba/secured
同样的,我们允许Selinux来监听:
cd /samba
chmod -R 0777 secured/
chcon -t samba_share_t secured/
再次编辑配置文件:
vi /etc/samba/smb.conf
[...]
[secured]
path = /samba/secured
valid users = @smbgrp
guest ok = no
writable = yes
browsable = yes
systemctl restart smb.service
systemctl restart nmb.service
像下面这样测试:
testparm
[root@server1 samba]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Anonymous]"
Processing section "[secured]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions <--ENTER[global]
netbios name = CENTOS
server string = Samba Server %v
map to guest = Bad User
dns proxy = No
idmap config * : backend = tdb
[Anonymous]
path = /samba/anonymous
read only = No
guest ok = Yes
[secured]
path = /samba/secured
valid users = @smbgrp
read only = No
[root@server1 samba]#
现在在windows机器中可以使用相应的凭证来查看文件夹。
你的用户srijan同样面对着写入权限的问题,让我们来给出权限:
cd /samba
chown -R srijan:smbgrp secured/
现在Samba用户在共享的目录中有写入的权限了,开始High吧.
注:
如果你的 chcon命令不成功,请按下面的方式尝试:
chcon -h system_u:object_r:forderA /path/to/B