zoukankan      html  css  js  c++  java
  • linux下samba服务器的搭建(案列模拟)

    模拟案列:

    ABC公司有4个部门:sales+design+develop+ops

    现在要分别给这四个部门设立各自独立的共享文件夹和一个都能读写的share文件夹

    考虑到误删或者恶意删除同部门其他员工的文件,需要用到sticky属性,sticky一般作用在目录上,一旦作用了,那么这么目录下的文件只能由文件创始人或者root删除。

    开干!

    Step1 创建目录结构

    mkdir -p /ABC/{design,sales,develop,ops,share{design,sales,develop,ops}}
    [root@localhost ABC]# tree
    /ABC/ /ABC/ |-- design |-- develop |-- ops |-- sales `-- share |-- design |-- develop |-- ops `-- sales

    Step2 添加账户

    我们为每个部门创建2个用户,编写脚本user.sh

    #/bin/bash
    #
    DEPART=(sales design develop ops)
    for g in ${DEPART[@]};do
        groupadd $g
        for i in $(seq 1 2);do
            useradd -M -s /sbin/nologin -g ${g} ${g}$i
        done
    done

    Step3 配置smb.conf

    #======================= Global Settings =====================================
    
    [global]
            workgroup = SAMBA
            server string = Samba Server
            netbios name = SAMBA
    # --------------------------- Logging Options -----------------------------
            # logs split per machine
            log file = /var/log/samba/log.%m
            # max 50KB per log file, then rotate
            max log size = 50
    # ----------------------- Standalone Server Options ------------------------
            security = user
            passdb backend = tdbsam
            load printers = yes
            cups options = raw
    #============================ Share Definitions ==============================
    ;[homes]
    ;       comment = Home Directory
    ;        browseable = no
    ;        writeable = no
    [sales]
            comment = sales share
            path = /ABC/sales
            browsable = yes
            guest ok = no
            writable = no
            write list = @sales
    [design]
            comment = design share
            path = /ABC/design
            browsable = yes
            guest ok = no
            writable = no
            write list = @design
    [develop]
            comment = develop share
            path = /ABC/develop
            browsable = yes
            guest ok = no
            writable = no
            write list = @sales
    [ops]
            comment = ops share
            path = /ABC/ops
            browsable = yes
            guest ok = no
            writable = no
            write list = @sales
    [share]
            comment = public share
            path = /ABC/share
            browsable = yes
            guest ok = no
            writable = yes

    Step4.设定权限

    chown :design /ABC/design

    chown :sales /ABC/sales

    chown :develop /ABC/develop

    chown :ops /ABC/ops

    chown :design /ABC/share/design

    chown :sales /ABC/share/sales

    chown :develop /ABC/share/develop

    chown :ops /ABC/share/ops

    chmod 1770 /ABC/{design,sales,ops,develop}

    chmod 775 /ABC/share

    chmod 1775 /ABC/share/{design,sales,ops,develop}

    最后阶段:测试效果

    以sales1用户为例,

    相对根目录:sales1无法进入除了sales和share文件夹以外的其他目录。

    相对sales目录:sales1可以新建,删除自己的文件。但无法删除sales2建立的文件(sticky起作用了)

    相对share目录:sales1可以访问所有目录但只在sales目录内有写权限,同样由于设置了sticky权限,sales1无法删除sales2建立的文件。

    至此,完成

  • 相关阅读:
    LeetCode——Generate Parentheses
    LeetCode——Best Time to Buy and Sell Stock IV
    LeetCode——Best Time to Buy and Sell Stock III
    LeetCode——Best Time to Buy and Sell Stock
    LeetCode——Find Minimum in Rotated Sorted Array
    Mahout实现基于用户的协同过滤算法
    使用Java对文件进行解压缩
    LeetCode——Convert Sorted Array to Binary Search Tree
    LeetCode——Missing Number
    LeetCode——Integer to Roman
  • 原文地址:https://www.cnblogs.com/nickqian/p/4040052.html
Copyright © 2011-2022 走看看