#######################
1.samba
########################################
1.1 服務的安裝和用戶的建立
1 yum install samba-client samba-common samba -y ##安裝samba服務
5 systemctl stop firewalld.service ##關閉防火牆
6 setsebool -P samba_enable_home_dirs on ##初始狀態爲不允許訪問家目錄,此步操作爲開啓
7 getsebool -a | grep samba ##查看samba的sexlinux狀態
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
8 systemctl start smb ##開啓服務
9 smbpasswd -a student ##建立用戶,此用戶必須是電腦存在的用戶(需要配置密碼,密碼可隨意填寫)
10 pdbedit -L ##查看用戶列表
pdbedit -x student ##刪除用戶student
11 smbclient -L //172.25.254.124 -U student ##連接共享服務
12 smbclient //172.25.254.124/student -U student ##進入該用戶家目錄
smbclient //172.25.254.124/student -U student
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jul 10 19:06:52 2014
.. D 0 Thu Jul 10 18:19:09 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
.bash_profile H 193 Wed Jan 29 07:45:18 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.ssh DH 0 Thu Jul 10 18:19:10 2014
.config DH 0 Thu Jul 10 19:06:53 2014
40913 blocks of size 262144. 28582 blocks available
smb: \>
##########################################
1.2 共享目錄
20 mkdir /jet ##建立測試目錄
21 mkdir /ypa
22 vim /etc/samba/smb.conf ##修改配置文件
.....
workgroup = LINUXJET
321 [jet]
322 comment = this is myself mkdir
323 path = /jet
324 [ypa]
325 comment = this is ypa
326 path = /ypa
.....
23 systemctl restart smb.service
25 semanage fcontext -a -t samba_share_t '/jet(/.*)?' ##修改安全上下文只對,該目錄有效。故保證ypa目錄也可被訪問,則需要修改selinux裏面的
26 restorecon -FvvR /jet/
29 smbclient //172.25.254.124/jet -U student
smbclient //172.25.254.124/jet -U student
Enter student's password:
Domain=[LINUXJET](此處名字修改,即爲主配置文件中22行的修改變量) OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Fri Mar 17 22:13:45 2017
.. D 0 Fri Mar 17 22:13:52 2017
40913 blocks of size 262144. 28546 blocks available
smb: \>
30 smbclient //172.25.254.124/ypa -U student
31 getsebool -a | grep samba
32 setsebool -P samba_export_all_rw on ##修改讀寫權限,包括系統目錄及自建目錄。這個開啓後就與文件的安全上下文無關
[root@samba student]# smbclient -L //172.25.254.124 -U student
Enter student's password:
Domain=[LINUXJET](此處名字修改,即爲主配置文件中22行的修改變量) OS=[Unix] Server=[Samba 4.1.1]
Sharename Type Comment
--------- ---- -------
jet Disk this is myself mkdir
ypa Disk this is ypa
IPC$ IPC IPC Service (Samba Server Version 4.1.1)
student Disk Home Directories
Domain=[LINUXJET] OS=[Unix] Server=[Samba 4.1.1]
Server Comment
--------- -------
Workgroup Master
--------- -------
#################################
1.3 samba 匿名訪問
47 vim /etc/samba/smb.conf
....
125 map to guest = bad user
321 [jet]
322 comment = this is myself mkdir
323 path = /jet
324 guest ok = yes
....
48 systemctl restart smb.service
49 smbclient //172.25.254.124/jet ##測試
smbclient //172.25.254.124/jet
Enter root's password: ##直接回車就行
Domain=[LINUXJET] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Fri Mar 17 22:13:45 2017
.. D 0 Fri Mar 17 22:13:52 2017
40913 blocks of size 262144. 28581 blocks available
smb: \>
51 mount //172.25.254.124/jet /mnt/ -o username=guest
52 df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3156972 7316928 31% /
devtmpfs 481120 0 481120 0% /dev
tmpfs 496708 140 496568 1% /dev/shm
tmpfs 496708 13036 483672 3% /run
tmpfs 496708 0 496708 0% /sys/fs/cgroup
//172.25.254.124/jet 10473900 3156972 7316928 31% /mnt
53 cd /mnt/
54 ls -a
####################################
1.4 samba 共享目錄的管理參數
84 useradd wula
85 smbpasswd -a wula
86 pdbedit -L
87 usermod -G student wula
88 id wula
89 vim /etc/samba/smb.conf
321 [jet]
322 comment = this is myself mkdir
323 path = /jet
324 guest ok = yes
325 #writable = yes ##可寫權限,對全用戶公開
326 #write list = +student ##可寫權限,只限於某用戶(直接加用戶名)或某組(+,@組名)
#valid users = student ##允許那個用戶登陸
#valid users = @student ## 允許那個用戶組內成員登陸
#browseable = no ##是否顯示分享目錄
#admin users = wula ##賦予某用戶管理員權限
#####################################
1.5 smb多用戶掛載
服務端主配置文件:
......
[jet]
comment = this is myself mkdir
path = /jet
#guest ok = yes
#writable = yes
#write list = +student
#valid users = +student
......
客戶端設置:
1000 yum install cifs-utils -y
1001 vim /root/passfile
username=student ##smb用戶
password=1234 ##smb用戶密碼
1003 mount //172.25.254.124/jet /mnt/ -o credentials=/root/passfile,multiuser,sec=ntlmssp
1004 df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda3 307974224 23330728 284643496 8% /
devtmpfs 1868076 0 1868076 0% /dev
tmpfs 1881152 492 1880660 1% /dev/shm
tmpfs 1881152 9052 1872100 1% /run
tmpfs 1881152 0 1881152 0% /sys/fs/cgroup
/dev/sda1 508588 149320 359268 30% /boot
/dev/loop0 3947824 3947824 0 100% /var/www/html/rhel7.2
tmpfs 376232 24 376208 1% /run/user/1000
//172.25.254.124/jet 10473900 3157132 7316768 31% /mnt
1005 useradd wula
1007 passwd wula
1008 su - wula
ls /mnt ##查看失敗
10 cifscreds add 172.25.254.124 ##做認證,密碼輸入爲的smb用戶密碼
11 cd /mnt/
12 ls ##查看成功
1017 useradd la ##該用戶不是smb中的用戶
1018 passwd la
1019 su - la
1 cifscreds add 172.25.254.124 ##即使完成認證
2 cd /mnt
3 ls ##查看還是失敗
(多用戶掛載可以使得客戶端多用戶,共享該目錄並且防止非smb用戶對分享目錄的訪問,之前的smb用戶依舊可以使用原本賬戶登陸)
####################################
####################################
2.ISCSI
2.1 服務端設置
2 yum install targetcli.noarch -y ##服務端服務
3 systemctl start target ##開啓服務
4 systemctl enable target ##設置開機啓動
5 systemctl status firewalld.service
fdisk /dev/vdb ##創建一2G的分區
[root@samba ~]# targetcli
targetcli shell version 2.1.fb34
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ..................................................................... [...]
o- backstores .......................................................... [...]
| o- block .............................................. [Storage Objects: 0]
| o- fileio ............................................. [Storage Objects: 0]
| o- pscsi .............................................. [Storage Objects: 0]
| o- ramdisk ............................................ [Storage Objects: 0]
o- iscsi ........................................................ [Targets: 0]
o- loopback ..................................................... [Targets: 0]
/> /backstores/block create westos:storage1 /dev/vdb1 ##關聯分區
Created block storage object westos:storage1 using /dev/vdb1.
/>
/> /iscsi create iqn.2017-03.com.westos:strage1
Created target iqn.2017-03.com.westos:strage1.
Created TPG 1.
/> /iscsi/iqn.2017-03.com.westos:strage1/tpg1/acls create iqn.2017-03.com.westos:key1
Created Node ACL for iqn.2017-03.com.westos:key1
/> /iscsi/iqn.2017-03.com.westos:strage1/tpg1/luns create /backstores/block/westos:storage1
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2017-03.com.westos:key1
/> /iscsi/iqn.2017-03.com.westos:strage1/tpg1/portals create 172.25.254.124
Using default IP port 3260
Created network portal 172.25.254.124:3260.
/> ls
o- / ..................................................................... [...]
o- backstores .......................................................... [...]
| o- block .............................................. [Storage Objects: 1]
| | o- westos:storage1 ............. [/dev/vdb1 (2.0GiB) write-thru activated]
| o- fileio ............................................. [Storage Objects: 0]
| o- pscsi .............................................. [Storage Objects: 0]
| o- ramdisk ............................................ [Storage Objects: 0]
o- iscsi ........................................................ [Targets: 1]
| o- iqn.2017-03.com.westos:strage1 ................................ [TPGs: 1]
| o- tpg1 ........................................... [no-gen-acls, no-auth]
| o- acls ...................................................... [ACLs: 1]
| | o- iqn.2017-03.com.westos:key1 ...................... [Mapped LUNs: 1]
| | o- mapped_lun0 ................... [lun0 block/westos:storage1 (rw)]
| o- luns ...................................................... [LUNs: 1]
| | o- lun0 .......................... [block/westos:storage1 (/dev/vdb1)]
| o- portals ................................................ [Portals: 0]
o- loopback ..................................................... [Targets: 0]
/>
( clearconfig confirm=true ##這個是刪除之前設置的)
2.2 客戶端配置
4 yum install iscsi-initiator-utils.x86_64 -y
5 systemctl start iscsi
6 vim /etc/iscsi/initiatorname.iscsi
7 systemctl start iscsi
8 iscsiadm -m discovery -t st -p 172.25.254.124
9 systemctl restart iscsi
10 iscsiadm -m node -T iqn.2017-03.com.westos:strage1 -p 172.25.254.124 -l ##登陸該設備
11 fdisk -l
[root@maillinux ~]# fdisk -l
Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00013f3e
Device Boot Start End Blocks Id System
/dev/vda1 * 2048 20970332 10484142+ 83 Linux
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/sda: 2147 MB, 2147483648 bytes, 4194304 sectors ##所分享出來的設備
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 4194304 bytes
mkfs.xfs /dev/sda ##格式化
mount /dev/sda /mnt ##掛載,相當於文件系統分享給客戶端
umount /mnt ##先卸載
13 iscsiadm -m node -T iqn.2017-03.com.westos:strage1 -p 172.25.254.124 -u ##退出登陸
14 iscsiadm -m node -T iqn.2017-03.com.westos:strage1 -p 172.25.254.124 -o delete ##刪除設置
vim /etc/iscsi/initiatorname.iscsi ##將該文件中的密碼字符破壞即可
15 fdisk -l
Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00013f3e
Device Boot Start End Blocks Id System
/dev/vda1 * 2048 20970332 10484142+ 83 Linux
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
( systemctl restart iscsid ##開機啓動加載的
systemctl restart iscsi ##永久性 )