Fi Samba4 sori RHEL 8 fun Pinpin Faili lori Windows
Samba jẹ orisun ṣiṣi, iyara, aabo, iduroṣinṣin ati ọna faili nẹtiwọọki ti a lo jakejado ti o pese pinpin faili ati awọn iṣẹ titẹ fun gbogbo awọn alabara nipa lilo ilana SMB/CIFS, bii Linux, gbogbo awọn ẹya ti DOS ati Windows, OS/2, ati ọpọlọpọ awọn ọna ṣiṣe miiran.
Ninu nkan ti tẹlẹ wa, a ti ṣalaye bawo ni a ṣe le fi Samba4 sori ẹrọ lori CentOS/RHEL 7 fun pinpin faili ipilẹ laarin awọn eto CentOS/RHEL ati awọn ẹrọ Windows. Nibiti a ti kọ bi a ṣe le tunto Samba fun ailorukọ bi daradara bi pinpin faili to ni aabo laarin awọn ero.
Ninu akọle yii, a yoo ṣe apejuwe bi o ṣe le fi sori ẹrọ ati tunto Samba4 lori RHEL 8 fun pinpin faili ipilẹ pẹlu awọn ẹrọ Windows.
Fi Samba4 sori ẹrọ ni RHEL 8
1. Lati fi Samba 4 sori ẹrọ pẹlu awọn igbẹkẹle rẹ lo oluṣakoso package DNF bi o ti han.
# dnf install samba samba-client samba-common
2. Lọgan ti fifi sori ẹrọ ba ti pari, bẹrẹ iṣẹ Sambe, jẹ ki o bẹrẹ ni idojukọ ni akoko bata eto ati ṣayẹwo iṣẹ naa nipa lilo awọn aṣẹ systemctl gẹgẹbi atẹle.
# systemctl start smb # systemctl enable smb # systemctl status smb
3. Itele, ti o ba ni tunto ogiri ina, o nilo lati ṣafikun iṣẹ Samba ninu iṣeto ogiriina lati gba aaye si awọn ilana ati awọn faili ti o pin nipasẹ eto.
$ sudo firewall-cmd --permanent --add-service=samba $ sudo firewall-cmd --reload
Ṣe atunto Samba4 lori RHEL 8
4. Lati tunto Samba fun pinpin faili, o nilo lati ṣẹda daakọ afẹyinti fun faili iṣeto samba aiyipada eyiti o wa pẹlu awọn eto iṣeto-tẹlẹ ati ọpọlọpọ awọn itọsọna iṣeto.
# cp /etc/samba/smb.conf /etc/samba/smb.conf.orig
Bayi, tẹsiwaju siwaju lati tunto samba fun awọn ailorukọ ailorukọ ati aabo awọn iṣẹ pinpin bi a ti salaye ni isalẹ.
5. Ni apakan yii, igbesẹ akọkọ ni lati ṣẹda itọsọna ti o pin eyiti yoo tọju awọn faili lori olupin naa. Lẹhinna ṣalaye awọn igbanilaaye ti o yẹ lori itọsọna bi o ti han.
# mkdir -p /srv/samba/anonymous # chmod -R 0777 /srv/samba/anonymous # chown -R nobody:nobody /srv/samba/anonymous
6. Itele, ni lilo iwulo chcon, yi ipo aabo SELinux pada fun itọsọna ti o ṣẹda samba ti a ṣẹda.
# chcon -t samba_share_t /srv/samba/anonymous
7. Bayi ṣii faili iṣeto ni lilo olootu faili ti o da lori ọrọ ayanfẹ rẹ lati tunto pinpin faili alailowaya alailorukọ ailorukọ lori itọsọna ti o pin.
# vim /etc/samba/smb.conf
Ṣe atunṣe awọn ipilẹ agbaye ti o tẹle ki o ṣafikun apakan kan fun ipin Anonymous. Akiyesi pe o le ṣeto awọn iye tirẹ nibiti o ba jẹ dandan (ka ọkunrin smb.conf fun alaye diẹ sii).
[global]
workgroup = WORKGROUP
netbios name = rhel
security = user
...
[Anonymous]
comment = Anonymous File Server Share
path = /srv/samba/anonymous
browsable =yes
writable = yes
guest ok = yes
read only = no
force user = nobody
Fipamọ awọn ayipada ninu faili ki o sunmọ.
8. Lẹhinna ṣiṣe aṣẹ atẹle lati ṣayẹwo boya iṣeto ni o tọ.
# testparm
Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Unknown parameter encountered: "netbios" Ignoring unknown parameter "netbios" Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Processing section "[Anonymous]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] printcap name = cups security = USER idmap config * : backend = tdb cups options = raw [homes] browseable = No comment = Home Directories inherit acls = Yes read only = No valid users = %S %D%w%S [printers] browseable = No comment = All Printers create mask = 0600 path = /var/tmp printable = Yes [print$] comment = Printer Drivers create mask = 0664 directory mask = 0775 force group = @printadmin path = /var/lib/samba/drivers write list = @printadmin root [Anonymous] comment = Anonymous File Server Share force user = nobody guest ok = Yes path = /srv/samba/anonymous read only = No
9. Ti iṣeto Samba ba dara, lọ siwaju ki o tun bẹrẹ iṣẹ samba fun awọn ayipada to ṣẹṣẹ lati ni ipa.
# systemctl restart smb
10. Lakotan, idanwo ti ipin Anonymous ba n ṣiṣẹ daradara, wọle sinu ẹrọ Windows rẹ, ṣii Windows Explorer, tẹ lori Nẹtiwọọki, lẹhinna tẹ lori olupin RHEL, tabi lo adiresi IP olupin lati wọle si (ṣiṣe ip fi aṣẹ kun lori olupin le ṣe iranlọwọ fun ọ lati wo adiresi IP naa).
e.g. 2.168.43.198
11. Nigbamii, ṣii itọsọna Anonymous ki o gbiyanju lati ṣafikun awọn faili ni nibẹ lati pin pẹlu awọn olumulo miiran.
12. Lati ṣẹda itọsọna pipin ni aabo, o nilo lati ṣẹda ẹgbẹ eto Samba kan. Gbogbo awọn olumulo ti ipin to ni aabo yoo ṣafikun si ẹgbẹ yii. O le lo pipaṣẹ groupadd lati ṣẹda ẹgbẹ bi atẹle.
# groupadd smbgrp
Lẹhinna lo pipaṣẹ olumulomod lati ṣafikun gbogbo awọn olumulo, fun apẹẹrẹ, tecmint si ẹgbẹ ki o ṣeto ọrọ igbaniwọle fun olumulo kọọkan bi o ti han.
# usermod tecmint -aG smbgrp # smbpasswd -a tecmint
13. Nigbamii, ṣẹda itọsọna ti o ni aabo eyiti yoo tọju awọn faili ti o pin lailewu, lẹhinna ṣeto awọn igbanilaaye ti o yẹ lori itọsọna naa. Paapaa, yi ọrọ aabo aabo SELinux fun itọsọna bi atẹle.
# mkdir -p /srv/samba/secure # chmod -R 0770 /srv/samba/secure # chown -R root:smbgrp /srv/samba/secure # chcon -t samba_share_t /srv/samba/secure
14. Nigbamii, ṣii faili iṣeto fun ṣiṣatunkọ.
# vim /etc/samba/smb.conf
Ati ṣafikun apakan atẹle ni ipari faili naa.
[Secure]
comment = Secure File Server Share
path = /srv/samba/secure
valid users = @smbgrp
guest ok = no
writable = yes
browsable = yes
Fipamọ awọn ayipada ki o pa faili naa.
15. Nigbamii, jẹrisi iṣeto samba lẹẹkansii, nipa ṣiṣe pipaṣẹ testparm.
# testparm
16. Tun awọn iṣẹ Samba bẹrẹ lati lo awọn ayipada naa.
# systemctl restart smb.service # systemctl restart nmb.service
Idanwo Idaabobo Pinpin faili Samba
17. Ni ikẹhin, ṣe idanwo ti ipin Secure n ṣiṣẹ daradara. Lati ẹrọ Windows rẹ, ṣii Windows Explorer, tẹ lori Nẹtiwọọki, lẹhinna tẹ lori ile-iṣẹ RHEL, tabi ohun miiran gbiyanju lati wọle si olupin nipa lilo adirẹsi IP rẹ bi a ti ṣalaye tẹlẹ.
e.g. 2.168.43.198
A yoo beere lọwọ rẹ lati tẹ orukọ olumulo ati ọrọ igbaniwọle rẹ sii lati buwolu wọle olupin olupin RHEL 8.
18. Ni kete ti o ba wọle, iwọ yoo gba atokọ ti gbogbo awọn ilana pinpin samba. Bayi o le ni aabo pin diẹ ninu awọn faili pẹlu awọn olumulo miiran ti a gba laaye lori nẹtiwọọki nipa fifi awọn faili kun ni itọsọna Secure.
Gbogbo ẹ niyẹn! Ninu nkan yii, a ti fihan bi a ṣe le fi sori ẹrọ ati tunto Samba 4 ni RHEL 8 fun ailorukọ ati pinpin faili to ni aabo pẹlu awọn ẹrọ Windows. Ṣe o ni awọn ibeere tabi awọn asọye nipa itọsọna yii, lo fọọmu esi ni isalẹ lati de ọdọ wa.