- 论坛徽章:
- 0
|
==============================
==操作平台为RHEL4==
添加五个操作系统用户,depart1、depart2(各部门公共帐户),super1,super2,super3(三特殊用户)。
添加并注册上面五个系统用户到Samba服务成为samba用户,smbpasswd命令为Samba服务添加用户并且设置密码,新建两个部门目录/var/samba/dept1,/var/samba/dept2并且设置合适的用户权限。
指令代码如下:- useradd -s /sbin/nologin depart1
- useradd -s /sbin/nologin depart2
- useradd -s /sbin/nologin super1
- useradd -s /sbin/nologin super2
- useradd -s /sbin/nologin super3
- smbpasswd -a depart1
- smbpasswd -a depart2
- smbpasswd -a super1
- smbpasswd -a super2
- smbpasswd -a super3
- mkdir -p /var/samba/dept1
- mkdir -p /var/samba/dept2
- chown super1:super1 /var/samba/dept1
- chown super1:super1 /var/samba/dept2
复制代码 /etc/samba/smb.conf配置文件内容
[global]
workgroup = DEPT
server string = Dept Server
netbios name = deptserver
printcap name = /etc/printcap
load printers = yes
cups options = raw
log file = /var/log/samba/%m.log
max log size = 50
security = user
username map = /etc/samba/smbusers
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
[dept1]
comment = department-1's
path = /var/samba/dept1
valid users = depart1,super1,super2,super3
read list = depart1
write list = super1,super2,super3
printable = no
force user = super1
force group = super1
[dept2]
comment = department-2's
path = /var/samba/dept2
valid users = depart2,super1,super2,super3
read list = depart2
write list = super1,super2,super3
printable = no
force user = super1
force group = super1
valid users设置能访问此目录的有效用户,read list为只读用户列表,write list为可写用户列表。
force user和forcegroup确保不用用户建立的文件属主都是super1:super1,以此来保证super1,super2,super3能相互“撕咬“任何一方的文件。
最后可作一下用户映射,不作也罢,修改/etc/samba/smbusers文件
[root@testlife samba]# cat /etc/samba/smbusers
# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
depart1 = departoo
depart2 = departhh
super1 = point
super2 = liner
super3 = circle
departoo/密码 访问Samba服务相当于depart1的用户,以此类推使用point用户就相当于super1用户。 |
|