Jinsi ya Kufunga Samba4 kwenye CentOS 7 kwa Kushiriki Faili kwenye Windows
Katika makala yetu ya mwisho, tulionyesha jinsi ya kusakinisha Samba4 kwenye Ubuntu kwa kushiriki faili za kimsingi kati ya mifumo ya Ubuntu na mashine za Windows. Ambapo tuliangalia kusanidi watu wasiojulikana (bila usalama) na vile vile kushiriki faili salama.
Hapa, tutaelezea jinsi ya kusakinisha na kusanidi Samba4 kwenye CentOS 7 (pia inafanya kazi kwenye RHEL 7) kwa kushiriki faili msingi kati ya mifumo mingine ya Linux na mashine za Windows.
Muhimu: Kuanzia toleo la 4.0, Samba inaweza kufanya kazi kama Kidhibiti cha Kikoa cha Samba4 Active Directory, ambacho kinajumuisha mada muhimu kwa Ubuntu, CentOS, na Windows.
Sakinisha Samba4 kwenye CentOS 7
1. Kwanza sakinisha Samba4 na vifurushi vinavyohitajika kutoka kwa hazina chaguomsingi za CentOS kwa kutumia zana ya kidhibiti kifurushi cha yum kama inavyoonyeshwa.
# yum install samba samba-client samba-common
2. Baada ya kufunga vifurushi vya samba, wezesha huduma za samba kuruhusiwa kupitia firewall ya mfumo na amri hizi.
# firewall-cmd --permanent --zone=public --add-service=samba # firewall-cmd --reload
Angalia Mipangilio ya Kikundi cha Kazi cha Mashine ya Windows
3. Kabla ya kuendelea kusanidi samba, hakikisha kuwa mashine ya Windows iko kwenye kikundi kazi sawa cha kusanidiwa kwenye seva ya CentOS.
Kuna njia mbili zinazowezekana za kutazama mipangilio ya kikundi cha kazi cha mashine ya Windows:
- Kubofya kulia kwenye \Kompyuta hii au \Kompyuta yangu → Sifa → Mipangilio ya kina ya mfumo → Jina la Kompyuta.
- Vinginevyo, fungua kidokezo cha cmd na utekeleze amri ifuatayo, kisha utafute \kikoa cha kituo cha kazi katika towe kama inavyoonyeshwa hapa chini.
>net config workstation
Inasanidi Samba4 kwenye CentOS 7
4. Faili kuu ya usanidi wa samba ni /etc/samba/smb.conf, faili asili huja na mipangilio ya usanidi wa awali ambayo inaelezea maagizo mbalimbali ya usanidi ili kukuongoza.
Lakini, kabla ya kusanidi samba, ninapendekeza uchukue nakala rudufu ya faili chaguo-msingi kama hii.
# cp /etc/samba/smb.conf /etc/samba/smb.conf.orig
Kisha, endelea kusanidi samba kwa huduma zisizojulikana na salama za kushiriki faili kama ilivyoelezwa hapa chini.
5. Kwanza unda saraka iliyoshirikiwa ambapo faili zitahifadhiwa kwenye seva na kuweka ruhusa zinazofaa kwenye saraka.
# mkdir -p /srv/samba/anonymous # chmod -R 0775 /srv/samba/anonymous # chown -R nobody:nobody /srv/samba/anonymous
Pia, unahitaji kubadilisha muktadha wa usalama wa SELinux kwa saraka iliyoshirikiwa ya samba kama ifuatavyo.
# chcon -t samba_share_t /srv/samba/anonymous
6. Kisha, fungua faili ya usanidi wa samba kwa uhariri, ambapo unaweza kurekebisha/kuongeza sehemu hapa chini na maagizo yanayofanana.
# vi /etc/samba/smb.conf
[global] workgroup = WORKGROUP netbios name = centos security = user [Anonymous] comment = Anonymous File Server Share path = /srv/samba/anonymous browsable =yes writable = yes guest ok = yes read only = no force user = nobody
7. Sasa thibitisha mipangilio ya sasa ya samba kwa kuendesha amri hapa chini.
# testparm
Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Processing section "[Anonymous]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] netbios name = centos printcap name = cups security = USER idmap config * : backend = tdb cups options = raw [homes] comment = Home Directories browseable = No inherit acls = Yes read only = No valid users = %S %D%w%S [printers] comment = All Printers path = /var/tmp browseable = No printable = Yes create mask = 0600 [print$] comment = Printer Drivers path = /var/lib/samba/drivers create mask = 0664 directory mask = 0775 write list = root [Anonymous] comment = Anonymous File Server Share path = /srv/samba/anonymous force user = nobody guest ok = Yes read only = No
8. Hatimaye, anza na uwashe huduma za samba kuanza kiotomatiki kwenye buti inayofuata na pia tumia mabadiliko yaliyo hapo juu ili kutekelezwa.
# systemctl enable smb.service # systemctl enable nmb.service # systemctl start smb.service # systemctl start nmb.service
9. Sasa kwenye mashine ya Windows, fungua \Mtandao kutoka kwa dirisha la Windows Explorer, kisha ubofye kwenye seva pangishi ya CentOS, au sivyo jaribu kufikia seva kwa kutumia anwani yake ya IP (tumia ifconfig amri kupata anwani ya IP).
e.g. \2.168.43.168.
10. Kisha, fungua saraka ya Wasiojulikana na ujaribu kuongeza faili huko ili kushiriki na watumiaji wengine.
Sanidi Ushiriki Salama wa Faili ya Samba4
11. Kwanza anza kwa kuunda kikundi cha mfumo wa samba, kisha ongeza watumiaji kwenye kikundi na uweke nenosiri kwa kila mtumiaji kama hivyo.
# groupadd smbgrp # usermod tecmint -aG smbgrp # smbpasswd -a tecmint
12. Kisha unda saraka salama ambapo faili zilizoshirikiwa zitawekwa na kuweka ruhusa zinazofaa kwenye saraka na muktadha wa usalama wa SELinux kwa samba.
# mkdir -p /srv/samba/secure # chmod -R 0770 /srv/samba/secure # chown -R root:smbgrp /srv/samba/secure # chcon -t samba_share_t /srv/samba/secure
13. Kisha fungua faili ya usanidi kwa ajili ya kuhariri na kurekebisha/kuongeza sehemu iliyo hapa chini na maagizo yanayolingana.
# vi /etc/samba/smb.conf
[Secure] comment = Secure File Server Share path = /srv/samba/secure valid users = @smbgrp guest ok = no writable = yes browsable = yes
14. Tena, thibitisha mipangilio ya usanidi wa samba kwa kuendesha amri ifuatayo.
$ testparm
Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Processing section "[Anonymous]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] netbios name = centos printcap name = cups security = USER idmap config * : backend = tdb cups options = raw [homes] comment = Home Directories browseable = No inherit acls = Yes read only = No valid users = %S %D%w%S [printers] comment = All Printers path = /var/tmp browseable = No printable = Yes create mask = 0600 [print$] comment = Printer Drivers path = /var/lib/samba/drivers create mask = 0664 directory mask = 0775 write list = root [Anonymous] comment = Anonymous File Server Share path = /srv/samba/anonymous force user = nobody guest ok = Yes read only = No [Secure] comment = Secure File Server Share path = /srv/samba/secure read only = No valid users = @smbgrp
15. Anzisha upya huduma za Samba ili kutumia mabadiliko.
# systemctl restart smb.service # systemctl restart nmb.service
16. Nenda kwenye mashine ya Windows, fungua \Mtandao kutoka kwa dirisha la Windows Explorer, kisha ubofye kwenye seva pangishi ya CentOS, au sivyo jaribu kufikia seva kwa kutumia anwani yake ya IP.
e.g. \2.168.43.168.
Utaulizwa kutoa jina lako la mtumiaji na nenosiri ili kuingia kwenye seva ya CentOS. Mara baada ya kuingiza kitambulisho, bofya OK.
17. Mara tu unapoingia kwa ufanisi, utaona saraka zote za samba zilizoshirikiwa. Sasa shiriki kwa usalama baadhi ya faili na watumiaji wengine wanaoruhusiwa kwenye mtandao kwa kuzidondosha kwenye saraka salama.
Unaweza pia kuangalia nakala hizi muhimu kuhusu kushiriki faili ya Samba kwenye mtandao.
- Jinsi ya Kuweka/Kushusha Mifumo ya Faili ya Ndani na Mtandao (Samba & NFS) katika Linux
- Kutumia ACL (Orodha za Udhibiti wa Ufikiaji) na Kuweka Hisa za Samba/NFS
- Jinsi ya Kurekebisha Athari za SambaCry (CVE-2017-7494) katika Mifumo ya Linux
Katika mwongozo huu, tulikuonyesha jinsi ya kusanidi Samba4 kwa kushiriki faili bila majina na salama kati ya CentOS na mifumo mingine ya Linux pamoja na mashine za Windows. Shiriki mawazo yoyote nasi kupitia sehemu ya maoni hapa chini.