1、安装samba
[root@localhost ~]# yum install -y samba
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.lzu.edu.cn
* extras: mirror.lzu.edu.cn
* updates: mirror.lzu.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:4.10.16-13.el7_9 will be installed
--> Processing Dependency: samba-libs = 4.10.16-13.el7_9 for package: samba-4.10.16-13.el7_9.x86_64
--> Processing Dependency: samba-common-tools = 4.10.16-13.el7_9 for package: samba-4.10.16-13.el7_9.x86_64
--> Processing Dependency: samba-common-libs = 4.10.16-13.el7_9 for package: samba-4.10.16-13.el7_9.x86_64
...
...
...
Verifying : pytalloc-2.1.16-1.el7.x86_64 13/19
Verifying : libtalloc-2.1.16-1.el7.x86_64 14/19
Verifying : nettle-2.7.1-8.el7.x86_64 15/19
Verifying : samba-common-libs-4.10.16-13.el7_9.x86_64 16/19
Verifying : avahi-libs-0.6.31-20.el7.x86_64 17/19
Verifying : gnutls-3.3.29-9.el7_6.x86_64 18/19
Verifying : libtdb-1.3.18-1.el7.x86_64 19/19
Installed:
samba.x86_64 0:4.10.16-13.el7_9
Dependency Installed:
avahi-libs.x86_64 0:0.6.31-20.el7 cups-libs.x86_64 1:1.6.3-51.el7 gnutls.x86_64 0:3.3.29-9.el7_6
libldb.x86_64 0:1.5.4-1.el7 libtalloc.x86_64 0:2.1.16-1.el7 libtdb.x86_64 0:1.3.18-1.el7
libtevent.x86_64 0:0.9.39-1.el7 libwbclient.x86_64 0:4.10.16-13.el7_9 nettle.x86_64 0:2.7.1-8.el7
pyldb.x86_64 0:1.5.4-1.el7 pytalloc.x86_64 0:2.1.16-1.el7 python-tdb.x86_64 0:1.3.18-1.el7
samba-client-libs.x86_64 0:4.10.16-13.el7_9 samba-common.noarch 0:4.10.16-13.el7_9 samba-common-libs.x86_64 0:4.10.16-13.el7_9
samba-common-tools.x86_64 0:4.10.16-13.el7_9 samba-libs.x86_64 0:4.10.16-13.el7_9 trousers.x86_64 0:0.3.14-2.el7
Complete!
[root@localhost ~]# rpm -qa | grep samba
samba-common-4.10.16-13.el7_9.noarch
samba-client-libs-4.10.16-13.el7_9.x86_64
samba-libs-4.10.16-13.el7_9.x86_64
samba-4.10.16-13.el7_9.x86_64
samba-common-libs-4.10.16-13.el7_9.x86_64
samba-common-tools-4.10.16-13.el7_9.x86_64
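2、防火墙允许samba、关闭selinux
(说明:关闭SELinux只是为了排除干扰、方便验证;生产环境建议保持enforcing,改为给共享目录打上samba_share_t标签,例如先执行 semanage fcontext -a -t samba_share_t "/home/samba(/.*)?",再执行 restorecon -R /home/samba。另外,配置文件中的SELINUX=disabled要重启后才生效,setenforce 0只是临时切换到Permissive。)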
[root@localhost ~]# firewall-cmd --add-service samba --permanent
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# vim /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
3、创建共享目录
3.1作为共享服务器,共享目录当然选择磁盘分区最大的目录作为共享目录所在位置。
[root@localhost /]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 465.8G 0 disk
├─sda1 8:1 0 200M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 464.6G 0 part
  ├─centos-root 253:0 0 50G 0 lvm /
  ├─centos-swap 253:1 0 7.8G 0 lvm [SWAP]
  └─centos-home 253:2 0 406.8G 0 lvm /home
[root@localhost /]#
3.2在/home下创建共享文件及目录
[root@localhost /]# mkdir /home/samba
[root@localhost /]# chmod 777 /home/samba #为了方便验证,先临时给共享目录777权限;验证通过、第4步创建hr组之后应收紧,例如 chgrp hr /home/samba 并 chmod 2770 /home/samba
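4、创建用户及用户组
(说明:下面把root也加入了Samba账号库。root通过SMB访问时不受目录权限约束,也不利于按人追责;日常使用建议只给个人账号授权,验证完成后可用 pdbedit -x root 删除该Samba账号。)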
[root@localhost /]# groupadd hr
[root@localhost /]# useradd zhaoyu -d /home/samba -s /sbin/nologin
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@localhost /]# cd /home
[root@localhost home]# ls
hrserver samba
[root@localhost home]# cd ~
[root@localhost ~]# gpasswd -a zhaoyu hr
Adding user zhaoyu to group hr
[root@localhost ~]# useradd hujin -d /home/samba -s /sbin/nologin
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@localhost ~]# gpasswd -a hujin hr
Adding user hujin to group hr
[root@localhost ~]# pdbedit -a root
new password:
retype new password:
Unix username: root
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1000
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name: root
Home Directory: \\localhost\root
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\root\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 03:21:36 EDT
Password can change: Mon, 29 Mar 2021 03:21:36 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# pdbedit -a zhaoyu
new password:
retype new password:
Unix username: zhaoyu
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1001
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name:
Home Directory: \\localhost\zhaoyu
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\zhaoyu\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 03:21:50 EDT
Password can change: Mon, 29 Mar 2021 03:21:50 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# pdbedit -a hujin
new password:
retype new password:
Unix username: hujin
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1002
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name:
Home Directory: \\localhost\hujin
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\hujin\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 03:22:01 EDT
Password can change: Mon, 29 Mar 2021 03:22:01 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# pdbedit -L
root:0:root
hujin:1002:
zhaoyu:1001:
[root@localhost ~]#
5、编辑smb.conf
[root@localhost ~]# vim /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 100
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
#[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[hrserver]
comment = hrserver
path = /home/samba
public = no
valid users = @root,@hr
write list = @root,@hr
[root@localhost ~]# systemctl restart smb
[root@localhost ~]# systemctl status smb
● smb.service - Samba SMB Daemon
Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2021-03-29 03:49:41 EDT; 12s ago
Docs: man:smbd(8)
man:samba(7)
man:smb.conf(5)
Main PID: 30216 (smbd)
Status: "smbd: ready to serve connections..."
CGroup: /system.slice/smb.service
├─30216 /usr/sbin/smbd --foreground --no-process-group
├─30218 /usr/sbin/smbd --foreground --no-process-group
├─30219 /usr/sbin/smbd --foreground --no-process-group
└─30221 /usr/sbin/smbd --foreground --no-process-group
Mar 29 03:49:40 localhost.localdomain systemd[1]: Starting Samba SMB Daemon...
Mar 29 03:49:41 localhost.localdomain smbd[30216]: [2021/03/29 03:49:41.345958, 0] ../../lib/util/become_daemon.c:136(daemon_ready)
Mar 29 03:49:41 localhost.localdomain smbd[30216]: daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
Mar 29 03:49:41 localhost.localdomain systemd[1]: Started Samba SMB Daemon.
[root@localhost ~]#
[root@localhost ~]# systemctl enable smb
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
[root@localhost ~]#
6、验证配置
这个是啥原因呢?
关闭防火墙后还是不行,排除防火墙原因导致的无权限访问;
[root@localhost home]# systemctl stop firewalld
[root@localhost home]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2021-03-29 04:24:37 EDT; 6s ago
Docs: man:firewalld(1)
Process: 4201 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 4201 (code=exited, status=0/SUCCESS)
Mar 29 04:07:06 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Mar 29 04:07:06 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Mar 29 04:23:58 localhost.localdomain firewalld[4201]: WARNING: ALREADY_ENABLED: samba
Mar 29 04:24:36 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
Mar 29 04:24:37 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@localhost home]# systemctl restart smb
[root@localhost home]#
修改smb.conf,还是不行,排除用户权限原因导致的无权限访问;
[hrserver]
comment = hrserver
path = /home/samba
public = yes
guest ok = yes
valid users = root zhaoyu hujin
"/etc/samba/smb.conf" 48L, 1050C written
[root@localhost home]# systemctl restart smb
[root@localhost home]#
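将smb.conf中[homes]项内容全部注释掉后,可以打开共享。原因:前面只注释了“[homes]”这一行段标题,其下的 valid users = %S, %D%w%S、browseable = No 等参数仍然有效,并被归入上一个段[global],成为所有共享(包括没有单独设置这些参数的内部共享,如IPC$)的默认值,这很可能就是之前无权限访问的原因。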
新的问题又来了,无hrserver操作权限
先检查共享目录权限
[root@localhost ~]# cd /home
[root@localhost home]# ll
total 0
drwx------. 2 hrserver hrserver 62 Apr 11 2018 hrserver
drwxr-xr-x 2 root root 6 Mar 29 05:15 samba
[root@localhost home]# chmod 777 samba
[root@localhost home]# ll
total 0
drwx------. 2 hrserver hrserver 62 Apr 11 2018 hrserver
drwxrwxrwx 2 root root 6 Mar 29 05:15 samba
[root@localhost home]# systemctl restart smb
[root@localhost home]#
无效,再看看smb.conf的设置
[hrserver]
comment = hrserver
path = /home/samba
public = no
valid users = @hr,@root
write list = @hr,@root
create mask = 0777
directory mask = 0777
"/etc/samba/smb.conf" 49L, 1072C written
[root@localhost home]# systemctl restart smb
仍旧无hrserver权限
实在找不出来问题原因,但是在其他电脑上居然可以正常登陆,难道是在同一台电脑上ssh和samba不允许同时登陆?也不是啊,关闭ssh也是无法登录samba,先不管这个了,接着配置其他。
7、增加用户,尽量做到每个人使用一个用户,以便日志记录及追责
[root@localhost ~]# pdbedit -L
root:0:root
hujin:1002:
zhaoyu:1001:
liuwen:1003:
[root@localhost ~]# useradd -s /sbin/nologin -G hr liuwen
useradd: user 'liuwen' already exists
[root@localhost ~]# userdel liuwen
[root@localhost ~]# useradd -s /sbin/nologin -G hr liuwen
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
[root@localhost ~]# useradd -s /sbin/nologin -G hr dangrou
[root@localhost ~]# useradd -s /sbin/nologin -G hr liujia
[root@localhost ~]# useradd -s /sbin/nologin -G hr shixisheng
[root@localhost ~]# pdbedit -a liuwen
new password:
retype new password:
Unix username: liuwen
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1003
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name:
Home Directory: \\localhost\liuwen
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\liuwen\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 22:26:42 EDT
Password can change: Mon, 29 Mar 2021 22:26:42 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# pdbedit -a dangrou
new password:
retype new password:
Unix username: dangrou
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1004
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name:
Home Directory: \\localhost\dangrou
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\dangrou\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 22:27:03 EDT
Password can change: Mon, 29 Mar 2021 22:27:03 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# pdbedit -a liujia
new password:
retype new password:
Unix username: liujia
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1005
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name:
Home Directory: \\localhost\liujia
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\liujia\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 22:27:24 EDT
Password can change: Mon, 29 Mar 2021 22:27:24 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# pdbedit -a shixisheng
new password:
retype new password:
Unix username: shixisheng
NT username:
Account Flags: [U ]
User SID: S-1-5-21-359968618-1934885811-993237958-1006
Primary Group SID: S-1-5-21-359968618-1934885811-993237958-513
Full Name:
Home Directory: \\localhost\shixisheng
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\shixisheng\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Mon, 29 Mar 2021 22:27:40 EDT
Password can change: Mon, 29 Mar 2021 22:27:40 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]#
[root@localhost ~]# pdbedit -L
root:0:root
hujin:1002:
dangrou:1004:
zhaoyu:1001:
liuwen:1003:
liujia:1005:
shixisheng:1006:
[root@localhost ~]#
至此,已实现不同用户均对共享文件夹具有增删改查权限,现在需要配置日志及回收站。
8、配置回收站
[root@localhost ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 465.8G 0 disk
├─sda1 8:1 0 200M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 464.6G 0 part
  ├─centos-root 253:0 0 50G 0 lvm /
  ├─centos-swap 253:1 0 7.8G 0 lvm [SWAP]
  └─centos-home 253:2 0 406.8G 0 lvm /home
[root@localhost ~]# cd /home
[root@localhost home]# ll
total 0
drwx------ 2 dangrou dangrou 62 Mar 29 22:24 dangrou
drwx------. 2 hrserver hrserver 62 Apr 11 2018 hrserver
drwx------ 2 liujia liujia 62 Mar 29 22:25 liujia
drwx------ 2 liuwen liuwen 62 Mar 29 05:59 liuwen
drwxrwxrwx 2 root root 24 Mar 29 22:34 samba
drwx------ 2 shixisheng shixisheng 62 Mar 29 22:25 shixisheng
[root@localhost home]# su shixisheng
This account is currently not available.
[root@localhost home]# su zhaoyu
This account is currently not available.
[root@localhost home]# mkdir recycle
[root@localhost home]# chmod 777 recycle
[root@localhost home]# ll
total 0
drwx------ 2 dangrou dangrou 62 Mar 29 22:24 dangrou
drwx------. 2 hrserver hrserver 62 Apr 11 2018 hrserver
drwx------ 2 liujia liujia 62 Mar 29 22:25 liujia
drwx------ 2 liuwen liuwen 62 Mar 29 05:59 liuwen
drwxrwxrwx 2 root root 6 Mar 29 22:46 recycle
drwxrwxrwx 2 root root 24 Mar 29 22:34 samba
drwx------ 2 shixisheng shixisheng 62 Mar 29 22:25 shixisheng
[root@localhost home]#
[root@localhost home]# vim /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 100
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
#[homes]
#comment = Home Directories
#valid users = %S, %D%w%S
#browseable = No
#read only = No
#inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[hrserver]
comment = hrserver
path = /home/samba
public = yes
valid users = liuwen,@hr,@root
write list = liuwen,@hr,@root
create mask = 0777
directory mask = 0777
read only = no
vfs object = recycle
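# 注意:smb.conf只把以#或;开头的整行当作注释,写在参数行尾的注释会被当成参数值的一部分,因此下面的说明都单独成行
# 指定该共享文件夹的回收站目录,%U表示按登录的用户名分开存放
recycle:repository = /home/recycle/%U
# 指定是否按照删除时的目录结构存放
recycle:keeptree = Yes
# 指定是否覆盖同名的文件,yes是不覆盖
recycle:versions = Yes
# 原文说明:指定回收站目录的大小,0是不限制(按vfs_recycle手册,该参数限制的是单个文件的大小,超过的文件不放入回收站;参数名应为maxsize,原文误写为maxsixe)
recycle:maxsize = 0
# 不放入回收站的文件类型
recycle:exclude = *.tmp
# 指定覆盖同名文件的文件类型
recycle:noversions = *.doc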
"/etc/samba/smb.conf" 57L, 1319C written
[root@localhost home]# systemctl restart smb
[root@localhost home]# systemctl restart nmb
[root@localhost home]# systemctl enable nmb
Created symlink from /etc/systemd/system/multi-user.target.wants/nmb.service to /usr/lib/systemd/system/nmb.service.
[root@localhost home]# systemctl enable smb
[root@localhost home]# ll
total 0
drwx------ 2 dangrou dangrou 62 Mar 29 22:24 dangrou
drwx------. 2 hrserver hrserver 62 Apr 11 2018 hrserver
drwx------ 2 liujia liujia 62 Mar 29 22:25 liujia
drwx------ 2 liuwen liuwen 62 Mar 29 05:59 liuwen
drwxrwxrwx 3 root root 20 Mar 29 22:57 recycle
drwxrwxrwx 2 root root 6 Mar 29 22:57 samba
drwx------ 2 shixisheng shixisheng 62 Mar 29 22:25 shixisheng
[root@localhost home]# cd /home/recycle #切换到回收站目录,可以看到删除过文件的用户
liuwen已经自动创建了目录
[root@localhost recycle]# ll
total 0
drwx------ 2 liuwen liuwen 24 Mar 29 22:57 liuwen
[root@localhost recycle]# cd /home/recycle/liuwen
[root@localhost liuwen]# ll
total 0
-rwxrw-rw- 1 liuwen liuwen 0 Mar 29 22:34 liuwen.txt #在此目录下找到了被删除的文件
[root@localhost liuwen]#
9、日志
[global]
workgroup = SAMBA
security = user
server string = Samba Server Version %v
# 说明单独成行:smb.conf不支持行尾注释
# 日志目录
log file = /var/log/samba/log.%m
# 日志级别
log level = 2
# 最大日志
max log size = 1000
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
#[homes]
#comment = Home Directories
#valid users = %S, %D%w%S
#browseable = No
#read only = No
#inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[hrserver]
comment = hrserver
path = /home/samba
public = yes
valid users = @hr,@root
write list = @hr,@root
create mask = 0777
directory mask = 0777
read only = no
vfs object = recycle
recycle:repository = /home/recycle/%U
recycle:keeptree = Yes
recycle:versions = Yes
recycle:maxsize = 0
recycle:exclude = *.tmp
recycle:noversions = *.doc
# 引用VFS
vfs object = extd_audit
此段参考
https://shipengliang.com/software-exp/samba%e6%97%a5%e5%bf%97%e8%be%93%e5%87%ba%e5%88%a0%e9%99%a4%e8%ae%b0%e5%bd%95.html
查看日志
[root@localhost samba]# cd /var/log/samba
[root@localhost samba]# ll
total 1704
drwx------. 4 root root 30 Mar 29 03:54 cores
-rw-r--r--. 1 root root 0 Mar 29 03:54 log.
-rw-r--r-- 1 root root 166883 Mar 30 02:46 log.10.180.108.30
-rw-r--r-- 1 root root 0 Mar 29 22:03 log.10.180.108.53
-rw-r--r--. 1 root root 0 Mar 29 03:50 log.10.180.108.55
-rw-r--r-- 1 root root 187 Mar 30 01:21 log.10.246.94.201
-rw-r--r-- 1 root root 0 Mar 29 04:13 log.69a000101484248
-rw-r--r-- 1 root root 0 Mar 29 22:03 log.69a026420025464
-rw-r--r-- 1 root root 92816 Mar 30 02:48 log.desktop-emj4o3k
-rw-r--r-- 1 root root 1028079 Mar 30 02:34 log.desktop-emj4o3k.old
-rw-r--r--. 1 root root 3158 Mar 29 22:57 log.nmbd
-rw-r--r--. 1 root root 444380 Mar 30 02:46 log.smbd
drwx------. 2 root root 6 Mar 16 11:45 old
[root@localhost samba]# cat log.desktop-emj4o3k
[2021/03/30 02:46:39.253156, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[hrserver]"
[2021/03/30 02:47:56.691734, 1] ../../source3/modules/vfs_extd_audit.c:208(audit_opendir)
vfs_extd_audit: opendir .
[2021/03/30 02:47:56.714241, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.080212, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open 新建文件夹
[2021/03/30 02:48:01.080330, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 02:48:01.080718, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.086085, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.086203, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 02:48:01.086534, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.089623, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 02:48:01.093140, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 10
[2021/03/30 02:48:01.099301, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.100866, 1] ../../source3/modules/vfs_extd_audit.c:208(audit_opendir)
vfs_extd_audit: opendir .
[2021/03/30 02:48:01.102106, 0] ../../source3/modules/vfs_extd_audit.c:251(audit_rmdir)
vfs_extd_audit: rmdir 新建文件夹
[2021/03/30 02:48:01.102286, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 02:48:01.103410, 1] ../../source3/modules/vfs_extd_audit.c:208(audit_opendir)
vfs_extd_audit: opendir .
[2021/03/30 02:48:01.105482, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.105564, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 02:48:01.105771, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.113874, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 02:48:01.113951, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 35
[2021/03/30 02:48:01.114131, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[root@localhost samba]#
可以看到上面有(audit_rmdir)说明删除了文件夹,那么删除的文件夹在哪里可以找到呢?
就需要在回收站中找了
[2021/03/30 03:01:42.533836, 0] ../../source3/modules/vfs_extd_audit.c:251(audit_rmdir)
vfs_extd_audit: rmdir 新建文件夹
[2021/03/30 03:01:42.534019, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 16
[2021/03/30 03:01:42.536384, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:01:42.536451, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 16
[2021/03/30 03:01:42.536655, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:01:42.542603, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:01:42.542676, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 03:01:42.542843, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[root@localhost samba]#
[root@localhost samba]# cat /home/recycle
cat: /home/recycle: Is a directory
[root@localhost samba]# cd /home/recycle
[root@localhost recycle]# ll
total 0
drwx------ 2 liuwen liuwen 24 Mar 29 22:57 liuwen
[root@localhost recycle]# ^C
[root@localhost recycle]#
可以从日志中看到zhaoyu用户删除了文件夹,但是在回收站中并没有,难道是因为vfs object = recycle和vfs object = extd_audit冲突了?(同一个共享段里同一参数写两次时,后一行会覆盖前一行,所以按下面的写法实际只加载了extd_audit,recycle并未生效。)
[hrserver]
comment = hrserver
path = /home/samba
public = yes
valid users = @hr,@root
write list = @hr,@root
create mask = 0777
directory mask = 0777
read only = no
vfs object = recycle
recycle:repository = /home/recycle/%U
recycle:keeptree = Yes
recycle:versions = Yes
recycle:maxsize = 0
recycle:exclude = *.tmp
recycle:noversions = *.doc
vfs object = extd_audit
注释掉vfs object = extd_audit
重启smb
再删除,看到日志已经不显示增删,只显示访问
[2021/03/30 03:08:33.023154, 2] ../../source3/smbd/service.c:1131(close_cnum)
desktop-emj4o3k (ipv4:10.180.108.30:49694) closed connection to service hrserver
[2021/03/30 03:08:34.082114, 2] ../../source3/smbd/service.c:851(make_connection_snum)
desktop-emj4o3k (ipv4:10.180.108.30:49770) connect to service hrserver initially as user zhaoyu (uid=1001, gid=1002) (pid 6099)
[2021/03/30 03:08:43.076772, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[printers]"
[2021/03/30 03:08:43.076940, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[print$]"
[2021/03/30 03:08:43.077078, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[hrserver]"
[2021/03/30 03:08:48.428962, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[printers]"
[2021/03/30 03:08:48.429152, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[print$]"
[2021/03/30 03:08:48.429293, 2] ../../source3/param/loadparm.c:2807(lp_do_section)
Processing section "[hrserver]"
[root@localhost samba]#
再查看回收站中
回收站还是没有回收到被zhaoyu删除的文件。(补充:前面日志里记录的是rmdir,即删除的是文件夹;vfs_recycle拦截的是文件删除,空文件夹被删除后不会出现在回收站里,这可能才是此处回收站为空的原因。)
那就把这两个vfs合并吧
[hrserver]
comment = hrserver
path = /home/samba
public = yes
valid users = @hr,@root
write list = @hr,@root
create mask = 0777
directory mask = 0777
read only = no
vfs object = recycle;extd_audit
recycle:repository = /home/recycle/%U
recycle:keeptree = Yes
recycle:versions = Yes
recycle:maxsize = 0
recycle:exclude = *.tmp
recycle:noversions = *.doc
#vfs object = extd_audit
[root@localhost zhaoyu]# systemctl restart smb
[root@localhost zhaoyu]# systemctl restart nmb
[2021/03/30 03:34:04.701864, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 10
[2021/03/30 03:34:04.701951, 2] ../../source3/smbd/close.c:807(close_normal_file)
zhaoyu closed file 新建文本文档.txt (numopen=1) NT_STATUS_OK
[2021/03/30 03:34:04.703939, 2] ../../source3/smbd/open.c:1447(open_file)
zhaoyu opened file 新建文本文档.txt read=No write=No (numopen=2)
[2021/03/30 03:34:04.706561, 1] ../../source3/modules/vfs_extd_audit.c:208(audit_opendir)
vfs_extd_audit: opendir .
[2021/03/30 03:34:04.706957, 1] ../../source3/modules/vfs_extd_audit.c:318(audit_rename)
vfs_extd_audit: rename old: 新建文本文档.txt newname: test.txt
[2021/03/30 03:34:04.711856, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:34:04.714717, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 10
[2021/03/30 03:34:04.717409, 2] ../../source3/smbd/close.c:807(close_normal_file)
zhaoyu closed file test.txt (numopen=1) NT_STATUS_OK
[2021/03/30 03:34:04.719898, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:34:04.719977, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 10
[2021/03/30 03:34:04.720155, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:34:04.722448, 1] ../../source3/modules/vfs_extd_audit.c:208(audit_opendir)
vfs_extd_audit: opendir .
[2021/03/30 03:34:04.727835, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:34:04.727906, 2] ../../source3/modules/vfs_extd_audit.c:294(audit_close)
vfs_extd_audit: close fd 34
[2021/03/30 03:34:04.728060, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:34:04.754004, 2] ../../source3/smbd/open.c:1447(open_file)
zhaoyu opened file test.txt read=No write=No (numopen=4)
[2021/03/30 03:34:04.757640, 2] ../../source3/smbd/close.c:807(close_normal_file)
zhaoyu closed file test.txt (numopen=3) NT_STATUS_OK
[2021/03/30 03:34:04.770173, 2] ../../source3/modules/vfs_extd_audit.c:274(audit_open)
vfs_extd_audit: open .
[2021/03/30 03:34:04.772414, 2] ../../source3/smbd/open.c:1447(open_file)
zhaoyu opened file test.txt read=No write=No (numopen=4)
[2021/03/30 03:34:04.776522, 2] ../../source3/smbd/close.c:807(close_normal_file)
zhaoyu closed file test.txt (numopen=3) NT_STATUS_OK
[root@localhost samba]# cd /home/recycle
[root@localhost recycle]# ll
total 0
drwx------ 2 liuwen liuwen 24 Mar 29 22:57 liuwen
[root@localhost recycle]# ll
total 0
drwx------ 2 liuwen liuwen 24 Mar 29 22:57 liuwen
drwx------ 2 zhaoyu zhaoyu 22 Mar 30 03:36 zhaoyu
[root@localhost recycle]# cd /home/recycle/zhaoyu
[root@localhost zhaoyu]# ll
total 0
-rwxrw-rw- 1 zhaoyu zhaoyu 0 Mar 30 03:34 test.txt
好了!!!