RHCE : SMB – 특정 클라이언트에 네트워크 공유 제공

RHCE 주제입니다. CertDepot 사이트를 번역 및 내용 추가하였으며, 컨텐츠 관련 모든 권리는 CertDepot에 있습니다.

설정하기

1. Samba 패키지를 설치한다.
[root@server1 ~]# yum groupinstall -y "file-server"
[root@server1 ~]# yum install -y samba-client samba-winbind
2. /etc/samba/smb.conf파일을 생성하고, 아래와 같은 줄들을 추가한다(MYGROUP이라는 워크그룹과, SERVER1 이라는 서버, 로컬 네트워크는 192.168.1.0/24와 같은 ip를 가지며, user01라는 사용자, shared라는 이름의 공유를 가정한다.)
workgroup = MYGROUP
server string = Samba Server Version %v
netbios name = SERVER1
interfaces = lo eth0 192.168.1.0/24
hosts allow = 127. 192.168.1.
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
[shared]
comment = Shared directory
browseable = yes
path = /shared
valid users = user01
writable = yes

노트: “passdb backend=tdbsam” 옵션의 경우, 비밀번호는 /var/lib/samba/private/passdb.tdb파일에 저장된다.

3. 설정 파일을 확인한다.
[root@server1 ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[shared]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
    workgroup = MYGROUP
    netbios name = SERVER1
    server string = Samba Server Version %v
    interfaces = lo, eth0, 192.168.1.0/24
    log file = /var/log/samba/log.%m
    max log size = 50
    idmap config * : backend = tdb
    hosts allow = 127., 192.168.1.

[shared]
    comment = Shared directory
    path = /shared
    valid users = user01
    read only = No
4. shared 디렉토리를 생성한다.
[root@server1 ~]# mkdir /shared
5. 생성한 디렉토리에 모든 액세스 권한을 준다.
[root@server1 ~]# chmod 777 /shared/
6. 생성한 디렉토리 안에 test라는 파일을 생성한다.
[root@server1 ~]# echo "I'm testfile. This is a test." > /shared/test
7. 올바른 SELinux 컨텍스트를 디렉토리에 정의한다.
[root@server1 ~]# yum install -y setroubleshoot-server
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: centos.mirror.cdnetworks.com
 * extras: centos.mirror.cdnetworks.com
 * updates: centos.mirror.cdnetworks.com
Resolving Dependencies
--> Running transaction check
---> Package setroubleshoot-server.x86_64 0:3.2.17-2.el7 will be updated
--> Processing Dependency: setroubleshoot-server = 3.2.17-2.el7 for package: setroubleshoot-3.2.17-2.el7.x86_64
---> Package setroubleshoot-server.x86_64 0:3.2.24-1.1.el7 will be an update
--> Running transaction check
---> Package setroubleshoot.x86_64 0:3.2.17-2.el7 will be updated
---> Package setroubleshoot.x86_64 0:3.2.24-1.1.el7 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================
 Package                      Arch          Version                  Repository   Size
=======================================================================================
Updating:
 setroubleshoot-server        x86_64        3.2.24-1.1.el7           base        345 k
Updating for dependencies:
 setroubleshoot               x86_64        3.2.24-1.1.el7           base        127 k

Transaction Summary
=======================================================================================
Upgrade  1 Package (+1 Dependent package)

Total size: 472 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : setroubleshoot-server-3.2.24-1.1.el7.x86_64                         1/4 
  Updating   : setroubleshoot-3.2.24-1.1.el7.x86_64                                2/4 
  Cleanup    : setroubleshoot-3.2.17-2.el7.x86_64                                  3/4 
  Cleanup    : setroubleshoot-server-3.2.17-2.el7.x86_64                           4/4 
  Verifying  : setroubleshoot-server-3.2.24-1.1.el7.x86_64                         1/4 
  Verifying  : setroubleshoot-3.2.24-1.1.el7.x86_64                                2/4 
  Verifying  : setroubleshoot-3.2.17-2.el7.x86_64                                  3/4 
  Verifying  : setroubleshoot-server-3.2.17-2.el7.x86_64                           4/4 

Updated:
  setroubleshoot-server.x86_64 0:3.2.24-1.1.el7                                        

Dependency Updated:
  setroubleshoot.x86_64 0:3.2.24-1.1.el7                                               

Complete!
[root@server1 ~]# 
[root@server1 ~]# semanage fcontext -a -t samba_share_t "/shared(/.*)?"
[root@server1 ~]# restorecon -R /shared
[root@server1 ~]# 
8. 새 서비스를 방화벽에 추가한다.
[root@server1 ~]# firewall-cmd --permanent --add-service=samba
success
9. 방화벽 설정을 다시 로드한다.
[root@server1 ~]# firewall-cmd --reload 
success
10. Samba 서비스를 시작시에 활성화한다.
[root@server1 ~]# systemctl enable smb
ln -s '/usr/lib/systemd/system/smb.service' '/etc/systemd/system/multi-user.target.wants/smb.service'
[root@server1 ~]# systemctl enable nmb
ln -s '/usr/lib/systemd/system/nmb.service' '/etc/systemd/system/multi-user.target.wants/nmb.service'
[root@server1 ~]# systemctl enable winbind
ln -s '/usr/lib/systemd/system/winbind.service' '/etc/systemd/system/multi-user.target.wants/winbind.service'
[root@server1 ~]# 
11. Samba 서비스를 시작한다.
[root@server1 ~]# systemctl start smb
[root@server1 ~]# systemctl start nmb
[root@server1 ~]# systemctl start winbind
[root@server1 ~]# 
12. pass 라는 비밀번호를 가진 user01 samba 사용자를 생성한다.
[root@server1 ~]# useradd -s /sbin/nologin user01
[root@server1 ~]# smbpasswd -a user01
New SMB password: pass
Retype new SMB password: pass
Added user user01.
[root@server1 ~]# 
13. 설정을 확인한다.
[root@server1 ~]# smbclient //localhost/shared -U user01%pass
Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
smb: \> ls
  .                                   D        0  Tue Apr 26 17:18:35 2016
  ..                                  D        0  Tue Apr 26 17:16:21 2016
  test                                N       30  Tue Apr 26 17:18:35 2016

		8910848 blocks of size 1024. 4432192 blocks available
smb: \> 

추가 자료

at4am의 프로필 이미지

at4am

2016년 05월 05일

글쓴이의 더 많은 글 읽어보기