Yadda ake Sanya Samba4 akan CentOS 7 don Raba Fayil akan Windows

A cikin labarinmu na ƙarshe, mun nuna yadda ake shigar da Samba4 akan Ubuntu don ainihin raba fayil tsakanin tsarin Ubuntu da injin Windows. Inda muka kalli daidaitawa mara izini (mara tsaro) da amintaccen raba fayil ɗin.

Anan, zamu bayyana yadda ake shigarwa da daidaita Samba4 akan CentOS 7 (kuma yana aiki akan RHEL 7) don raba fayil na asali tsakanin sauran tsarin Linux da injin Windows.

Muhimmi: Fara daga sigar 4.0, Samba na iya gudana azaman Samba4 Active Directory Domain Controller, wanda ya haɗa da mahimman batutuwa don Ubuntu, CentOS, da Windows.

Sanya Samba4 a cikin CentOS 7

1. Da farko shigar da Samba4 da fakitin da ake buƙata daga tsoffin ma'ajin CentOS ta amfani da kayan aikin sarrafa fakitin yum kamar yadda aka nuna.

# yum install samba samba-client samba-common

2. Bayan shigar da fakitin samba, ba da damar sabis na samba da za a ba su izini ta tsarin Tacewar zaɓi tare da waɗannan umarni.

# firewall-cmd --permanent --zone=public --add-service=samba
# firewall-cmd --reload

Duba Saitunan Rukunin Aiki na Windows Machine

3. Kafin ka ci gaba da saita samba, tabbatar da cewa injin Windows yana cikin rukunin aiki iri ɗaya don daidaita shi akan uwar garken CentOS.

Akwai yuwuwar hanyoyi guda biyu don duba saitunan rukunin aikin injin Windows:

  • Dama danna kan \Wannan PC ko Kwamfuta ta → Properties → Advanced system settings → Name Computer.

  • A madadin, buɗe cmd da sauri sannan ka gudanar da umarni mai zuwa, sannan ka nemi \yankin aiki a cikin fitarwa kamar yadda aka nuna a ƙasa.

>net config workstation

Ana saita Samba4 akan CentOS 7

4. Babban fayil ɗin sanyi na samba shine /etc/samba/smb.conf, ainihin fayil ɗin yana zuwa tare da saitunan saiti waɗanda suka bayyana umarnin daidaitawa daban-daban don jagorantar ku.

Amma, kafin saita samba, Ina ba ku shawarar ɗaukar madadin fayil ɗin tsoho kamar wannan.

# cp /etc/samba/smb.conf /etc/samba/smb.conf.orig

Sannan, ci gaba da saita samba don sabis ɗin raba fayil mara suna kuma amintattu kamar yadda aka bayyana a ƙasa.

5. Da farko ƙirƙirar kundin adireshi inda za a adana fayilolin akan uwar garken kuma saita izini masu dacewa akan kundin adireshi.

# mkdir -p /srv/samba/anonymous
# chmod -R 0775 /srv/samba/anonymous
# chown -R nobody:nobody /srv/samba/anonymous

Hakanan, kuna buƙatar canza yanayin tsaro na SELinux don samba da aka raba directory kamar haka.

# chcon -t samba_share_t /srv/samba/anonymous

6. Na gaba, buɗe fayil ɗin sanyi na samba don gyarawa, inda zaku iya gyara/ƙara sassan da ke ƙasa tare da umarni masu dacewa.

# vi /etc/samba/smb.conf

[global]
	workgroup = WORKGROUP
	netbios name = centos
	security = user
[Anonymous]
	comment = Anonymous File Server Share
	path = /srv/samba/anonymous
	browsable =yes
	writable = yes
	guest ok = yes
	read only = no
	force user = nobody

7. Yanzu tabbatar da saitunan samba na yanzu ta hanyar aiwatar da umarnin da ke ƙasa.

# testparm

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[Anonymous]"
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
	netbios name = centos
	printcap name = cups
	security = USER
	idmap config * : backend = tdb
	cups options = raw
[homes]
	comment = Home Directories
	browseable = No
	inherit acls = Yes
	read only = No
	valid users = %S %D%w%S
[printers]
	comment = All Printers
	path = /var/tmp
	browseable = No
	printable = Yes
	create mask = 0600
[print$]
	comment = Printer Drivers
	path = /var/lib/samba/drivers
	create mask = 0664
	directory mask = 0775
	write list = root
[Anonymous]
 	comment = Anonymous File Server Share
	path = /srv/samba/anonymous
	force user = nobody
	guest ok = Yes
	read only = No

8. A ƙarshe, fara kuma kunna sabis na samba don farawa ta atomatik a boot na gaba sannan kuma yi amfani da canje-canjen da ke sama don yin tasiri.

# systemctl enable smb.service
# systemctl enable nmb.service
# systemctl start smb.service
# systemctl start nmb.service

9. Yanzu akan na'urar Windows, buɗe \Network daga taga Windows Explorer, sannan danna maballin CentOS, ko kuma a yi ƙoƙarin shiga uwar garken ta amfani da adireshin IP ɗinsa (yi amfani da umarnin ifconfig don samun adireshin IP).

e.g. \2.168.43.168.

10. Na gaba, buɗe littafin Anonymous kuma gwada ƙara fayiloli a wurin don rabawa tare da sauran masu amfani.

Saita Samba4 Amintaccen Rarraba Fayil

11. Da farko a fara da samar da tsarin tsarin samba, sannan a saka masu amfani a group din sannan a sanya kalmar sirri ga kowane mai amfani kamar haka.

# groupadd smbgrp
# usermod tecmint -aG smbgrp
# smbpasswd -a tecmint

12. Sa'an nan kuma ƙirƙirar kundin adireshi mai tsaro inda za a adana fayilolin da aka raba kuma saita izini masu dacewa akan kundin adireshi tare da yanayin tsaro na SELinux don samba.

# mkdir -p /srv/samba/secure
# chmod -R 0770 /srv/samba/secure
# chown -R root:smbgrp /srv/samba/secure
# chcon -t samba_share_t /srv/samba/secure

13. Na gaba bude fayil ɗin sanyi don gyarawa da gyara/ƙara sashin da ke ƙasa tare da umarni masu dacewa.

# vi /etc/samba/smb.conf

[Secure]
	comment = Secure File Server Share
	path =  /srv/samba/secure
	valid users = @smbgrp
	guest ok = no
	writable = yes
	browsable = yes

14. Bugu da ƙari, tabbatar da saitunan saitunan samba ta hanyar gudanar da umarni mai zuwa.

$ testparm

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[Anonymous]"
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
	netbios name = centos
	printcap name = cups
	security = USER
	idmap config * : backend = tdb
	cups options = raw
[homes]
	comment = Home Directories
	browseable = No
	inherit acls = Yes
	read only = No
	valid users = %S %D%w%S
[printers]
	comment = All Printers
	path = /var/tmp
	browseable = No
	printable = Yes
	create mask = 0600
[print$]
	comment = Printer Drivers
	path = /var/lib/samba/drivers
	create mask = 0664
	directory mask = 0775
	write list = root
[Anonymous]
 	comment = Anonymous File Server Share
	path = /srv/samba/anonymous
	force user = nobody
	guest ok = Yes
	read only = No
[Secure]
	comment = Secure File Server Share
	path = /srv/samba/secure
	read only = No
	valid users = @smbgrp

15. Sake kunna sabis na Samba don amfani da canje-canje.

# systemctl restart smb.service
# systemctl restart nmb.service

16. Jeka injin Windows, ka bude \Network daga taga Windows Explorer, sannan ka danna maballin CentOS, ko kuma ka yi kokarin shiga uwar garken ta amfani da adireshin IP.

e.g. \2.168.43.168.

Za a tambaye ku don samar da sunan mai amfani da kalmar sirri don shiga uwar garken CentOS. Da zarar ka shigar da takardun shaidarka, danna Ok.

17. Da zarar ka yi nasarar shiga, za ka ga duk samba shared directories. Yanzu a amintaccen raba wasu fayiloli tare da sauran masu amfani da aka halatta akan hanyar sadarwa ta hanyar jefa su cikin amintaccen directory.

Hakanan zaka iya bincika waɗannan labarai masu amfani game da raba fayil ɗin Samba akan hanyar sadarwa.

  1. Yadda ake Dutsen/Cewa Tsarin Fayil na Gida da hanyar sadarwa (Samba & NFS) a cikin Linux
  2. Amfani da ACLs (Jess ɗin Sarrafa Shiga) da Haɗin Samba/NFS
  3. Yadda za a gyara Rashin lafiyar SambaCry (CVE-2017-7494) a cikin Linux Systems

A cikin wannan jagorar, mun nuna muku yadda ake saita Samba4 don amintaccen raba fayil tsakanin CentOS da sauran tsarin Linux da na'urorin Windows. Raba kowane tunani tare da mu ta sashin sharhin da ke ƙasa.