LAMP架构详解
1、在Centos7中搭建php-fpm工作方式的LAMP环境,实现wordpress正常访问
实验环境:
mysql服务器IP:192.168.170.8
php-fpm服务器IP:192.168.170.9
httpd服务器IP:192.168.170.10
二、搭建Lamp
1、mysql服务的搭建
[code]在mysql服务器上执行下面的命令: [root@mysql ~]# yum install -y mariadb-server 安装完成后,编辑/etc/my.cnf文件,添加常用参数: [root@mysql ~]# vi /etc/my.cnf [mysqld] innodb_file_per_table=ON skip-name-resolve=ON 保存后启动mariadb服务: [root@mysql ~]# systemctl start mariadb [root@mysql ~]# systemctl enable mariadb Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service. [root@mysql ~]# mysql_secure_installation #对mysql数据库进行安全加固 授权test账号: [root@mysql ~]# mysql -uroot -p123456 MariaDB [(none)]> GRANT ALL ON *.* TO 'test'@'192.168.%.%' IDENTIFIED BY "magedu"; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec)
2、php-fpm服务器的搭建
[code]在php服务器输入下面的命令安装php-fpm: [root@fpm ~]# yum install -y php-fpm php-mysql php-mbstring php-mcrypt 注意:如果找不到php-mcrypt包,需先安装epel-release: [root@mysql ~]# yum install epel-release 安装完成后,会生成相关的配置文件,包括: 服务配置文件:/etc/php-fpm.conf,/etc/php-fpm.d/*.conf php环境配置文件:/etc/php.ini,/etc/php.d/*.ini [root@fpm php-fpm.d]# vim /etc/php-fpm.d/www.conf listen = 192.168.170.9:9000 #修改监听的端口和IP listen.backlog = -1 #后援队列,指最大的等待队列,-1表示无限制; listen.allowed_clients = 192.168.170.10 #指定允许哪些IP能访问此服务,此处允许httpd服务器访问 user = apache #运行进程的用户 group = apache #运行进程的用户组 pm = dynamic #指定fpm的运行模式 pm.max_children = 50 pm.start_servers = 5 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 500 pm.status_path = /status ping.response = pong ping.path = /ping php_value[session.save_handler] = files php_value[session.save_path] = /var/lib/php/session #此目录不存在,需手动创建,并将属主属组指定为httpd的运行用户 随后创建指定的目录: [root@fpm php-fpm.d]# mkdir -pv /var/lib/php/session mkdir: created directory ‘/var/lib/php/session’ [root@fpm php-fpm.d]# chown apache:apache /var/lib/php/session/ 最后启动php-fpm服务: [root@fpm php-fpm.d]# systemctl start php-fpm.service [root@fpm php-fpm.d]# ss -tnl | grep 9000 LISTEN 0 128 192.168.170.9:9000 *:* [root@fpm php-fpm.d]# ps aux | grep fpm root 23953 0.4 1.0 335604 10604 ? Ss 17:18 0:00 php-fpm: master process (/etc/php-fpm.conf) apache 23955 0.0 0.4 335604 4732 ? S 17:18 0:00 php-fpm: pool www apache 23956 0.0 0.4 335604 4732 ? S 17:18 0:00 php-fpm: pool www apache 23957 0.0 0.4 335604 4736 ? S 17:18 0:00 php-fpm: pool www apache 23958 0.0 0.4 335604 4736 ? S 17:18 0:00 php-fpm: pool www apache 23959 0.0 0.4 335604 4736 ? S 17:18 0:00 php-fpm: pool www root 23968 0.0 0.0 112660 976 pts/0 R+ 17:19 0:00 grep --color=auto fpm
3、搭建httpd服务
[code]在httpd服务器上安装httpd服务: [root@httpd ~]# yum install -y httpd 安装完成后,确认是否加载了模块proxy_fcgi_module: [root@httpd ~]# httpd -M |grep fcgi proxy_fcgi_module (shared) 随后编辑创建/etc/httpd/conf.d/fcgi.conf配置文件: [root@httpd ~]# vim /etc/httpd/conf.d/fcgi.conf DirectoryIndex index.php #设置默认主页为index.php ProxyRequests off #关闭正向代理 #将以.php结尾的URL代理转发给fcgi://192.168.109:9000 ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.170.9:9000/var/www/html/$1 ProxyPassMatch ^/(ping|status)$ fcgi://192.168.170.9:9000/$1 若是配置虚拟主机的话,可参考下面的配置: Listen 8080 <VirtualHost *:8080> DirectoryIndex index.php ServerName www.a.com DocumentRoot /data/www/html ProxyRequests off ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.170.9:9000/var/www/html/$1 ProxyPassMatch ^/(ping|pmstatus)$ fcgi://192.168.170.9:9000/$1 <Directory "/data/www/html"> options none Allowoverride None Require all granted </Directory> </VirtualHost>
4、在php-fpm服务器上创建编辑index.php 和mysql.php进行测试
[code]#首先创建对应的存放目录,此处设置与httpd服务上设置的fcgi://192.168.109:9000/var/www/html/$相一致 [root@fpm ~]# mkdir -pv /var/www/html/ [root@fpm ~]# vim /var/www/html/index.php # <?php phpinfo(); ?> [root@fpm ~]# vim /var/www/html/mysql.php <?php $conn = mysql_connect('192.168.170.8','test','magedu'); if ($conn) echo "Connected to mysql."; else echo "Fail"; ?>
最后测试httpd是否能连接到php访问相应的页面:
红框中的信息说明网页是以php-fpm的方式工作的
httpd是否能连接到数据库
访问status页面
访问ping页面
至此以php-fpm工作方式运行的lamp已搭建完毕。
三、wordpress的搭建
[code]在php-fpm服务器上通过命令下载wordpress的安装包并解压复制到/var/www/html目录下: [root@fpm ~]# wget https://cn.wordpress.org/wordpress-4.9.4-zh_CN.tar.gz [root@fpm ~]# tar xf wordpress-4.9.4-zh_CN.tar.gz [root@fpm ~]# cp -a wordpress /var/www/html/ [root@fpm ~]# chown -R apache:apache /var/www/html/wordpress/ 随后在httpd服务器上创建/var/www/html/wordpress目录: #此举是为了访问URL/wordpress时能正常代理转发到php-fpm服务器上,否则会提示/wordpress不存在 [root@localhost ~]# mkdir /var/www/html/wordpress 随后访问随后访问192.168.170.10/wordpress/wp-admin/setup-config.php wordpress初始化页面
提示需要复制wp-config.smaple.php 到wp-config.pnp 并编辑内容保持和创建数据库的用户名和密码等信息一致。
此时需要为wordpress的搭建提供相应的数据库账号及建立相应的数据库:
[root@mysql ~]# mysql -uroot -p123456
MariaDB [(none)]> CREATE DATABASE wordpress;
MariaDB [(none)]> GRANT ALL ON wordpress.* TO 'wpuser'@'192.168.%.%' IDENTIFIED BY 'magedu';
MariaDB [(none)]> FLUSH PRIVILEGES;
exit
[root@mysql wordpress]# cp wp-config-sample.php wp-config.php
[root@mysql wordpress]# vi wp-config.php
/** WordPress数据库的名称 */
define('DB_NAME', 'wordpress');
/** MySQL数据库用户名 */
define('DB_USER', 'wpuser');
/** MySQL数据库密码 */
define('DB_PASSWORD', '123456');
/** MySQL主机 */
define('DB_HOST', '192.168.170.8');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8');
接着继续wordpress的初始化操作:
DML:数据操纵语言,主要用管理表中的数据,实现数据的增、删、改、查(INSERT, DELETE, UPDATE, SELECT);
以示例来说明:
[code]MariaDB [(none)]> CREATE DATABASE student; Query OK, 1 row affected (0.03 se 20000 c) MariaDB [(none)]> USE student; Database changed 创建数据表books,并定义各个字段。 MariaDB [student]> CREATE TABLE books -> ( -> id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, -> name VARCHAR(40) NOT NULL, -> authors VARCHAR(200) NOT NULL, -> price INT(11) NOT NULL, -> pubdate YEAR NOT NULL, -> note VARCHAR(255) NULL, -> num INT NOT NULL DEFAULT 0 -> ); Query OK, 0 rows affected (0.42 sec) 将表8.2中的记录插入books表中,分别使用不同的方法插入记录,执行过程如下。 表创建好之后,使用SELECT语句查看表中的数据,结果如下: MariaDB [student]> SELECT * FROM books; Empty set (0.00 sec) 可以看到,当前表中为空,没有任何数据,下面向表中插入记录。 (1)指定所有字段名称插入记录,SQL语句如下。 MariaDB [student]> INSERT INTO books -> (id, name, authors, price, pubdate,note,num) -> VALUES(1, 'Tale of AAA', 'Dickes', 23, '1995', 'novel',11); Query OK, 1 row affected (0.10 sec) 语句执行成功,插入了一条记录。 (2)不指定字段名称插入记录,SQL语句如下。 MariaDB [student]> INSERT INTO books -> VALUES (2,'EmmaT','Jane lura',35,'1993', 'joke',22); Query OK, 1 row affected (0.01 sec) 语句执行成功,插入了一条记录。 使用SELECT语句查看当前表中的数据: MariaDB [student]> SELECT * FROM books; +----+------------------+-----------+-------+---------+---------+-----+ | id | name | authors | price | pubdate | note | num | +----+-----------------+-----------+---------+---------+---------+-----+ | 1 | Tale of AAA | Dickes | 23 | 1995 | novel | 11 | | 2 | EmmaT | Jane lura | 35 | 1993 | joke | 22 | +----+----------------+-------------+---------+----------+-------+------+ 2 rows in set (0.00 sec) 可以看到,两条语句分别成功插入了两条记录。 (3)同时插入多条记录。 使用INSERT语句将剩下的多条记录插入表中,SQL语句如下: MariaDB [student]> INSERT INTO books -> VALUES(3, 'Story of Jane', 'Jane Tim', 40, '2001', 'novel', 0), -> (4, 'Lovey Day', 'George Byron', 20, '2005', 'novel', 30), -> (5, 'Old Land', 'Honore Blade', 30, '2010', 'law',0), -> (6,'The Battle','Upton Sara',33,'1999', 'medicine',40), -> (7,'Rose Hood','Richard Kale',28,'2008', 'cartoon',28); Query OK, 5 rows affected (0.00 sec) Records: 5 Duplicates: 0 Warnings: 0 由结果可以看到,语句执行成功,总共插入了5条记录,使用SELECT语句查看表中所有的记录: MariaDB [student]> SELECT * FROM books; +----+----------------------+--------------+---------+--------------+--------------+-----+ | id | name | authors | price | pubdate | note | num | +----+------------------------+-------------+----------+-------------+---------------+-----+ | 1 | Tale of AAA | Dickes | 23 | 1995 | novel | 11 | | 2 | EmmaT | Jane lura | 35 | 1993 | joke | 22 | | 3 | Story of Jane | Jane Tim | 40 | 2001 | novel | 0 | | 4 | Lovey Day | George Byron | 20 | 2005 | novel | 30 | | 5 | Old Land | Honore Blade | 30 | 2010 | law | 0 | | 6 | The Battle | Upton Sara | 33 | 1999 | medicine | 40 | | 7 | Rose Hood | Richard Kale | 28 | 2008 | cartoon | 28 | +----+-----------------------+-----------------+----------+--------------+-------------+-----+ 7 rows in set (0.00 sec) 由结果可以看到,所有记录成功插入表中。 将小说类型(novel)的书的价格都增加5。 执行该操作的SQL语句为: UPDATE books SET price = price + 5 WHERE note = ‘novel’; 执行前先使用SELECT语句查看当前记录: MariaDB [student]> SELECT id, name, price, note FROM books WHERE note = 'novel'; +----+----------------------+-------+-------+ | id | name | price | note | +----+----------------------+-------+-------+ | 1 | Tale of AAA | 23 | novel | | 3 | Story of Jane | 40 | novel | | 4 | Lovey Day | 20 | novel | +----+---------------+-------+-------+ 3 rows in set (0.00 sec) 使用UPDATE语句执行更新操作: MariaDB [student]> UPDATE books SET price = price + 5 WHERE note = 'novel'; Query OK, 3 rows affected (0.00 sec) Rows matched: 3 Changed: 3 Warnings: 0 由结果可以看到,该语句对3条记录进行了更新,使用SELECT语句查看更新结果: MariaDB [student]> SELECT id, name, price, note FROM books WHERE note = 'novel'; +----+-------------------+-------+-------+ | id | name | price | note | +----+------------------+----------+-------+ | 1 | Tale of AAA | 28 | novel | | 3 | Story of Jane | 45 | novel | | 4 | Lovey Day | 25 | novel | +----+-----------------+-----------+-------+ 对比可知,price的值都在原来的价格之上增加了5。 将名称为EmmaT的书的价格改为40,并将说明改为drama。 修改语句为: MariaDB [student]> UPDATE books SET price=40,note= 'drama 'WHERE name= 'EmmaT '; 执行修改前,使用SELECT语句查看当前记录: MariaDB [student]> SELECT name, price, note FROM books WHERE name='EmmaT'; +---------+-------+------+ | name | price | note | +----------+-------+------+ | EmmaT | 35 | joke | +---------+-------+------+ 1 row in set (0.00 sec) 下面执行修改操作: MariaDB [student]> UPDATE books SET price=40,note='drama' WHERE name='EmmaT'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 结果显示修改了一条记录,使用SELECT查看执行结果: MariaDB [student]> SELECT name, price, note FROM books WHERE name='EmmaT'; +---------+--------+-------+ | name | price | note | +---------+---------+-------+ | EmmaT | 40 | drama | +---------+---------+-------+ 1 row in set (0.00 sec) 可以看到,price和note字段的值已经改变,修改操作成功。 删除库存为0的记录。 删除库存为0的语句为: DELETE FROM books WHERE num=0; 删除之前使用SELECT语句查看当前记录: MariaDB [student]> SELECT * FROM books WHERE num=0; +----+----------------+----------------+---------+---------+-------+-----+ | id | name | authors | price | pubdate | note | num | +----+-----------------+---------------+----------+---------+-------+-----+ | 3 | Story of Jane | Jane Tim | 45 | 2001 | novel | 0 | | 5 | Old Land | Honore Blade | 30 | 2010 | law | 0 | +----+------------------+----------------+--------+---------+--------+-----+ 2 rows in set (0.00 sec) 可以看到,当前有两条记录的num值为0,下面使用DELETE语句删除这两条记录,SQL语句如下: MariaDB [student]> DELETE FROM books WHERE num=0; Query OK, 2 rows affected (0.00 sec) 语句执行成功,查看操作结果: MariaDB [student]> SELECT * FROM books WHERE num=0; Empty set (0.00 sec) 可以看到,查询结果为空,表中已经没有库存量为0的记录。
3、简述ftp的主动和被动模式,并实现基于pam认证的vsftpd
[code]一、安装所需要程序 1、安装mysql和pam_mysql [root@node1 ~]# yum -y install mysql-server mysql-devel pam_mysql vsftpd 注意:pam_mysql由epel源提供。 二、创建虚拟用户账号 1.准备数据库及相关表 首先请确保mysql服务已经正常启动。而后,按需要建立存储虚拟用户的数据库即可,这里将其创建为vsftpd数据库。 [root@node1 ~]# mysql -uroot -p123456 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 60 Server version: 5.5.60-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> MariaDB [(none)]> create database vsftpd; Query OK, 1 row affected (0.01 sec) MariaDB [(none)]> grant select on vsftpd.* to vsftpd@node3 identified by 'www.magedu.com'; Query OK, 1 row affected (0.01 sec) MariaDB [(none)]> grant select on vsftpd.* to vsftpd@127.0.0.1 identified by 'www.magedu.com'; Query OK, 1 row affected (0.01 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> use vsftpd; MariaDB [vsftpd]> create table users ( id int AUTO_INCREMENT NOT NULL, name char(20) binary NOT NULL, password char(48) binary NOT NULL, primary key(id) ); Query OK, 1 row affected (0.01 sec) 2、添加测试的虚拟用户 根据需要添加所需要的用户,需要说明的是,这里将其密码为了安全起见应该使用PASSWORD函数加密后存储。 MariaDB [vsftpd]> insert into users(name,password) values('magedu1',password('magedu')); Query OK, 1 row affected (0.01 sec) MariaDB [vsftpd]> insert into users(name,password) values('magedu2',password('magedu')); Query OK, 1 row affected (0.01 sec) 三、配置vsftpd 1.建立pam认证所需文件 [root@node1 ~]#vi /etc/pam.d/vsftpd.mysql 添加如下两行 auth required /lib/security/pam_mysql.so user=vsftpd passwd=www.magedu.com host=node3 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2 account required /lib/security/pam_mysql.so user=vsftpd passwd=www.magedu.com host=node3 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2 注意:由于mysql的安装方式不同,pam_mysql.so基于unix sock连接mysql服务器时可能会出问题,此时,建议授权一个可远程连接的mysql并访问vsftpd数据库的用户。 2.修改vsftpd的配置文件,使其适应mysql认证 建立虚拟用户映射的系统用户及对应的目录 [root@node1 ~]# useradd -s /sbin/nologin -d /var/ftproot vuser [root@node1 ~]# chmod go+rx /var/ftproot 请确保/etc/vsftpd.conf中已经启用了以下选项 [root@node1 ~]# vi /etc/vsftpd/vsftpd.conf anonymous_enable=NO local_enable=YES write_enable=YES anon_upload_enable=NO anon_mkdir_write_enable=NO chroot_local_user=YES 而后添加以下选项 guest_enable=YES guest_username=vuser 并确保pam_service_name选项的值如下所示 pam_service_name=vsftpd.mysql 四、启动vsftpd服务 [root@node1 ~]# systemctl start vsftpd [root@node1 ~]# systemctl enable vsftpd Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service. [root@node1 ~]# 查看端口开启情况 [root@node1 ~]# netstat -tnlp | grep :21 tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23286/vsftpd 使用虚拟用户登录,验正配置结果,以下为本机的命令方式测试,你也可以在其它Win Box上用IE或者FTP客户端工具登录验正 # ftp node3
这是实验我之前已经测试过了,没有任何问题,
5、简述samba服务,并实现samba配置
[code]实验环境: smb 服务端192.168.170.8 smb 客户端192.168.170.9 注:确保防火墙关闭和selinux功能 yum安装smb服务器 [root@node1 samba]# yum -y install samba [root@node1 samba]# systemctl start smb.serivce yum安装smb客户端 [root@node3 ~]# yum -y install samba [root@node3 ~]# smbclient -L 192.168.170.8 Enter SAMBA\root's password: Anonymous login successful Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.7.1) Reconnecting with SMB1 for workgroup listing. Anonymous login successful Server Comment --------- ------- Workgroup Master --------- ------- 添加Samba用户和密码 [root@node1 samba]# useradd smbuser1 [root@node1 samba]# smbpasswd -a smbuser1 New SMB password: Retype new SMB password: Added user smbuser1. 通过帮助命令查看Sambapasswd相关选项使用 [root@node1 samba]# smbpasswd -h When run by root: smbpasswd [options] [username] otherwise: smbpasswd [options] options: -L local mode (must be first option) -h print this usage message -s use stdin for password prompt -c smb.conf file Use the given path to the smb.conf file -D LEVEL debug level -r MACHINE remote machine -U USER remote username (e.g. SAM/user) extra options when run by root or in local mode: -a add user -d disable user -e enable user -i interdomain trust account -m machine trust account -n set no password -W use stdin ldap admin password -w PASSWORD ldap admin password -x delete user -R ORDER name resolve order 测试node3测试Samba [root@node3 ~]# smbclient -L 192.168.170.8 -U smbuser1 Enter SAMBA\smbuser1's password: Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.7.1) smbuser1 Disk Home Directories Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- [root@node3 ~]# [root@node3 ~]# smbclient //192.168.170.8/smbuser1 -U smbuser1 Enter SAMBA\smbuser1's password: Try "help" to get a list of possible commands. smb: \> ls . D 0 Fri Nov 2 14:04:28 2018 .. D 0 Fri Nov 2 14:04:28 2018 .bash_logout H 18 Wed Apr 11 08:53:01 2018 .bash_profile H 193 Wed Apr 11 08:53:01 2018 .bashrc H 231 Wed Apr 11 08:53:01 2018 29345792 blocks of size 1024. 27224188 blocks available smb: \> get .bashrc getting file \.bashrc of size 231 as .bashrc (3.0 KiloBytes/sec) (average 3.0 KiloBytes/sec) smb: \> put fstab fstab does not exist smb: \> ls . D 0 Fri Nov 2 14:04:28 2018 .. D 0 Fri Nov 2 14:04:28 2018 .bash_logout H 18 Wed Apr 11 08:53:01 2018 .bash_profile H 193 Wed Apr 11 08:53:01 2018 .bashrc H 231 Wed Apr 11 08:53:01 2018 29345792 blocks of size 1024. 27224228 blocks available smb: \> lcd /tmp/ smb: \> get .bashrc getting file \.bashrc of size 231 as .bashrc (75.2 KiloBytes/sec) (average 5.9 KiloBytes/sec) smb: \> lcd /etc/ smb: \> put fstab putting file fstab as \fstab (2.3 kb/s) (average 2.3 kb/s) smb: \> [root@node3 ~]# ls -a /tmp/ . .. .bashrc .font-unix .ICE-unix ks-script-ajrb3k .Test-unix .X11-unix .XIM-unix yum.log [root@node3 ~]# [root@node1 tmp]# cd [root@node1 ~]# cd /etc/ [root@node1 etc]# su - smbuser1 [smbuser1@node1 ~]$ ls fstab [smbuser1@node1 ~]$ [root@node1 ~]# mkdir /data/samba/files -pv [root@node1 samba]# vi smb.conf [myfiles] comment = A test shared dir. guest ok = Yes path = /data/samba/files read only = No [root@node1 samba]# systemctl restart smb.service [root@node3 samba]# smbclient -L 192.168.170.8 -U smbuser1 Enter SAMBA\smbuser1's password: Sharename Type Comment --------- ---- ------- myfiles Disk A test shared dir. IPC$ IPC IPC Service (Samba Server Version 4.7.1) smbuser1 Disk Home Directories Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- [root@node3 samba]# [root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser2 Enter SAMBA\smbuser2's password: Try "help" to get a list of possible commands. smb: \> ls . D 0 Fri Nov 2 14:52:55 2018 .. D 0 Fri Nov 2 14:52:55 2018 29345792 blocks of size 1024. 27223668 blocks available smb: \> smb: \> put fstab fstab does not exist smb: \> lcd /etc/ smb: \> put fstab putting file fstab as \fstab (25.8 kb/s) (average 25.8 kb/s) smb: \> exit [root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser1 Enter SAMBA\smbuser1's password: Try "help" to get a list of possible commands. smb: \> smb: \> smb: \> ls . D 0 Sat Nov 3 00:28:46 2018 .. D 0 Fri Nov 2 14:52:55 2018 fstab A 501 Sat Nov 3 00:28:46 2018 29345792 blocks of size 1024. 27223652 blocks available smb: \> smb: \> lcd /etc/ smb: \> put fstab NT_STATUS_ACCESS_DENIED opening remote file \fstab smb: \> [root@node1 samba]# useradd smbuser2 [root@node1 samba]# smbpasswd -a smbuser2 New SMB password: Retype new SMB password: Added user smbuser2. [root@node1 samba]# [root@node1 samba]# [root@node1 samba]# smbclient -L 172.16.0.68 -U smbuser2 WARNING: no network interfaces found Connection to 172.16.0.68 failed (Error NT_STATUS_IO_TIMEOUT) [root@node1 samba]# smbclient -L 192.168.170.8 -U smbuser2 WARNING: no network interfaces found Enter MYGROUP\smbuser2's password: Sharename Type Comment --------- ---- ------- myfiles Disk A test shared dir. IPC$ IPC IPC Service (Samba Server Version 4.7.1) smbuser2 Disk Home Directories Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- [root@node1 samba]# vi smb.conf write list= smbuser1 [root@node1 samba]# ll -d /data/samba/files/ drwxr-xr-x. 2 root root 6 Nov 2 14:52 /data/samba/files/ [root@node1 samba]# setfacl -m u:smbuser2:rwx /data/samba/files/ [root@node1 samba]# getfacl /data/samba/files/ getfacl: Removing leading '/' from absolute path names # file: data/samba/files/ # owner: root # group: root user::rwx user:smbuser2:rwx group::r-x mask::rwx other::r-x [root@node1 samba]# [root@node1 samba]# setfacl -m u:smbuser1:rwx /data/samba/files/ [root@node1 samba]# getfacl /data/samba/files/ getfacl: Removing leading '/' from absolute path names # file: data/samba/files/ # owner: root # group: root user::rwx user:smbuser1:rwx user:smbuser2:rwx group::r-x mask::rwx other::r-x [root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser1 Enter SAMBA\smbuser1's password: Try "help" to get a list of possible commands. smb: \> lcd /etc/ smb: \> put favicon.png putting file favicon.png as \favicon.png (35.1 kb/s) (average 35.1 kb/s [root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser2 Enter SAMBA\smbuser2's password: Try "help" to get a list of possible commands. smb: \> lcd /etc/ smb: \> put passwd NT_STATUS_ACCESS_DENIED opening remote file \passwd [root@node1 samba]# groupadd smbgroup [root@node1 samba]# setfacl -m g:smbgroup:rwx /data/samba/files/ [root@node1 samba]# getfacl /data/samba/files/ getfacl: Removing leading '/' from absolute path names # file: data/samba/files/ # owner: root # group: root user::rwx user:smbuser1:rwx user:smbuser2:rwx group::r-x group:smbgroup:rwx mask::rwx other::r-x [root@node1 samba]# vi smb.conf write list= +smbgroup browseable = yes "smb.conf" 320L, 11505C written [root@node1 samba]# [root@node1 samba]# [root@node1 samba]# !sys systemctl restart smb.service [root@node1 samba]# useradd -G smbgroup smbuser3 [root@node1 samba]# useradd -G smbgroup smbuser4 [root@node1 samba]# smbpasswd -a smbuser3 New SMB password: Retype new SMB password: Added user smbuser3. [root@node1 samba]# smbpasswd -a smbuser4 New SMB password: Retype new SMB password: Added user smbuser4. [root@node1 samba]# [root@node3 ~]# smbclient //192.168.170.8/myfiles -U smbuser3 Enter SAMBA\smbuser3's password: Try "help" to get a list of possible commands. smb: \> lcd /etc/ smb: \> put group putting file group as \group (113.0 kb/s) (average 113.0 kb/s) smb: \> [root@node1 samba]# ls /mnt/ [root@node1 samba]# mount -t cifs //192.168.170.8/myfiles /mnt -o username=smbuser3,password=123456 [root@node1 samba]# mount
阅读更多
- [LAMP] Linux LAMP(Server)服务器,LAMP部署、安装及LAMP架构原理详解
- LAMP架构系统服务搭建过程详解
- LAMP分布式架构,通过fcgi通信方式进行工作详解和缓存加速之压力测试。
- 基于LAMP架构的主流论坛和博客搭建过程详解
- LAMP-详解基本架构
- LAMP-详解基本架构
- LAMP-详解基本架构
- LAMP架构(nginx安装,默认虚拟主机,用户认证,域名重定向,nginx配置文件详解)
- LAMP架构原理及搭建详解 推荐
- LAMP架构搭建以及基于LAMP架构的主流论坛和博客搭建过程详解
- 详解Ansible(Roles)自动化部署配置LAMP架构
- 源码编译搭建LAMP架构
- Dubbo架构设计详解
- php开发lamp环境搭建详解
- [跟我学中小企业架构部署]之四:WEB服务器LAMP部署
- RESTful架构详解
- LAMP应用架构部署指南II--Linux安装及初始环境设置
- ubuntu_11.04_server安装详解+LAMP
- 大型网站架构系列:负载均衡详解(1)
- OpenStack的架构详解(8)