1.samba
1.1 服務的安裝和用戶的建立
yum install samba-client samba-common samba -y ##安裝samba服務
systemctl stop firewalld.service ##關閉防火牆
setsebool -P samba_enable_home_dirs on ##初始狀態爲不允許訪問家目錄,此步操作爲開啓
getsebool -a | grep samba ##查看samba的sexlinux狀態
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_sandbox_use_samba --> off
virt_use_samba --> off
systemctl start smb ##開啓服務
smbpasswd -a student ##建立用戶,此用戶必須是電腦存在的用戶(需要配置密碼,密碼可隨意填寫)
pdbedit -L ##查看用戶列表
pdbedit -x student ##刪除用戶student
smbclient -L //172.25.254.124 -U student ##連接共享服務
smbclient //172.25.254.124/student -U student ##進入該用戶家目錄
Enter student's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Thu Jul 10 19:06:52 2014
.. D 0 Thu Jul 10 18:19:09 2014
.bash_logout H 18 Wed Jan 29 07:45:18 2014
.bash_profile H 193 Wed Jan 29 07:45:18 2014
.bashrc H 231 Wed Jan 29 07:45:18 2014
.ssh DH 0 Thu Jul 10 18:19:10 2014
.config DH 0 Thu Jul 10 19:06:53 2014
40913 blocks of size 262144. 28582 blocks available
smb: \>
1.2 共享目錄
mkdir /yang ##建立測試目錄
mkdir /ypa
vim /etc/samba/smb.conf ##修改配置文件
.....
workgroup = LINUXJET
321 [yang]
322 comment = this is myself mkdir
323 path = /yang
324 [ypa]
325 comment = this is ypa
326 path = /ypa
.....
systemctl restart smb.service
semanage fcontext -a -t samba_share_t '/yang(/.*)?' ##修改安全上下文只對,該目錄有效。故保證ypa目錄也可被訪問,則需要修改selinux裏面的
restorecon -FvvR //
smbclient //172.25.254.124/yang -U student
smbclient //172.25.254.124/yang -U student
Enter student's password:
Domain=[LINUXJET]('此處名字修改,即爲主配置文件中22行的修改變量') OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
. D 0 Fri Mar 17 22:13:45 2017
.. D 0 Fri Mar 17 22:13:52 2017
40913 blocks of size 262144. 28546 blocks available
smb: \>
smbclient //172.25.254.124/ypa -U student
getsebool -a | grep samba
setsebool -P samba_export_all_rw on ##修改讀寫權限,包括系統目錄及自建目錄。這個開啓後就與文件的安全上下文無關
[root@samba student]# smbclient -L //172.25.254.124 -U student
Enter student's password:
Domain=[LINUXJET] OS=[Unix] Server=[Samba 4.1.1]
Sharename Type Comment
--------- ---- -------
yang Disk this is myself mkdir
ypa Disk this is ypa
IPC$ IPC IPC Service (Samba Server Version 4.1.1)
student Disk Home Directories
Domain=[LINUXJET] OS=[Unix] Server=[Samba 4.1.1]
Server Comment
--------- -------
Workgroup Master
--------- -------
1.3 samba 匿名訪問
vim /etc/samba/smb.conf
....
125 map to guest = bad user
321 [yang]
322 comment = this is myself mkdir
323 path = /yang
324 guest ok = yes
....
systemctl restart smb.service
mount //172.25.254.124/yang /mnt/ -o username=guest
df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3156972 7316928 31% /
devtmpfs 481120 0 481120 0% /dev
tmpfs 496708 140 496568 1% /dev/shm
tmpfs 496708 13036 483672 3% /run
tmpfs 496708 0 496708 0% /sys/fs/cgroup
//172.25.254.124/yang 10473900 3156972 7316928 31% /mnt
cd /mnt/
ls -a
1.4 samba共享目錄的管理參數
vim /etc/samba/smb.conf
321 [yang]
322 comment = local directory yang
323 path = /yang
324 guest ok = yes
325 writable = yes
326
327
328
329
330
331
測試
mount //172.25.254.125/yang /mnt/ -o password=aaa,username=student
1.5 samba多用戶認證,多用戶掛載
yum install cifs-utils
vim /root/passfile
username=smb用戶
password=smb用戶密碼
mount //172.25.254.125/yang /mnt/ -o credentials=/root/passfile,multiuser,sec=ntlmssp ##多用戶掛載
su - yang ##與smb用戶同名
ls /mnt
cifscreds add 172.25.254.125
ls /mnt 查看成功
su - test
ls /mnt
cifscreds add 172.25.254.125
ls /mnt ##依然不成功
2.iSCSI遠程塊存儲
2.1 所需服務
[root@iscsi ~]# fdisk /dev/vdb ##創建共享分區
[root@iscsi ~]# yum install targetcli.noarch -y ##安裝服務
[root@iscsi ~]# systemctl start target
[root@iscsi ~]# systemctl enable target
[root@iscsi ~]# systemctl status firewalld.service
[root@iscsi ~]# targetcli ##使用
[root@iscsi ~]# targetcli
targetcli shell version 2.1.fb34
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ................................................................... [...]
o- backstores ........................................................ [...]
| o- block ............................................ [Storage Objects: 0]
| o- fileio ........................................... [Storage Objects: 0]
| o- pscsi ............................................ [Storage Objects: 0]
| o- ramdisk .......................................... [Storage Objects: 0]
o- iscsi ...................................................... [Targets: 0]
o- loopback ................................................... [Targets: 0]
/>
2.2 創建共享分區
/> /backstores/block create yang:si /dev/vdb1 ##創建塊文件與/dev/vdb1關聯
Created block storage object yang:si using /dev/vdb1.
/> /iscsi create iqn.2017-03.com.yang:si ##創建iqn
Created target iqn.2017-03.com.yang:si.
Created TPG 1.
/> /iscsi/iqn.2017-03.com.yang:si/tpg1/acls create iqn.2017-03.com.yang:key1 ##創建鑰匙文件
Created Node ACL for iqn.2017-03.com.yang:key1
/> /iscsi/iqn.2017-03.com.yang:si/tpg1/luns create /backstores/block/yang:si ##關聯iqn與塊文件
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2017-03.com.yang:key
/> /iscsi/iqn.2017-03.com.yang:si/tpg1/portals create 172.25.254.125 ##開放ip共享
Using default IP port 3260
Created network portal 172.25.254.125:3260.
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup.
Configuration saved to /etc/target/saveconfig.json
2.3 登陸,使用共享磁盤
[root@iscsi-client ~]# iscsiadm -m discovery -t st -p 172.25.254.125 ##發現設備
[root@iscsi-client ~]# iscsiadm -m node -T iqn.2017-03.com.yang:si -p 172.25.254.125 -l ##登陸
[root@iscsi-client ~]# fdisk -l ##測試
[root@iscsi-client ~]# fdisk /dev/sda ##使用磁盤並分區
[root@iscsi-client ~]# partprobe
[root@iscsi-client ~]# mkfs.xfs /dev/sda1
[root@iscsi-client ~]# mount /dev/sda1 /mnt
[root@iscsi-client ~]# df
[root@iscsi-client ~]# umount /mnt
[root@iscsi-client ~]# df
[root@iscsi-client ~]# iscsiadm -m node -T iqn.2017-03.com.yang:si -u ##退出登陸
[root@iscsi-client ~]# iscsiadm -m node -T iqn.2017-03.com.yang:si -o delete ##刪除