nfs部署以及优化
Server端配置
安装rpm服务包
yum install -y nfs-utils
创建数据挂载点
mkdir -p /data
编辑exports文件
vi /etc/exports
[root@localhost /]# cat /etc/exports
/data/ 192.168.211.0/24(rw,sync,no_root_squash)
启/停服务
/etc/init.d/rpcbind stop
/etc/init.d/nfs stop
/etc/init.d/rpcbind start
/etc/init.d/nfs start
确认
exportfs –v
[root@localhost /]# exportfs -v
/data 192.168.211.0/24(rw,wdelay,no_root_squash,no_subtree_check,sec=sys,rw,no_root_squash,no_all_squash)
[root@localhost /]#
Client配置
查看showmount命令得安装服务包
yum install -y nfs-utils
查看nfs server共享目录
showmount -e 192.168.211.128
[root@localhost /]# showmount -e 192.168.211.128
Export list for 192.168.211.128:
/data 192.168.211.0/24
[root@localhost /]#
创建client挂载点
mkdir -p /nfs-data/
挂载nfs共享目录
mount -t nfs 192.168.211.128:/data/ /nfs-data/
确认
[root@localhost nfs-data]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 39G 1.1G 38G 3% /
devtmpfs 479M 0 479M 0% /dev
tmpfs 489M 0 489M 0% /dev/shm
tmpfs 489M 6.7M 483M 2% /run
tmpfs 489M 0 489M 0% /sys/fs/cgroup
/dev/mapper/centos-home 19G 33M 19G 1% /home
/dev/sda1 497M 123M 374M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
192.168.211.128:/data 18G 1.9G 15G 12% /nfs-data
[root@localhost nfs-data]#
exports配置参数详细说明
rw:读写
ro:只读
sync同步模式,由内存数据写入硬盘
async不同步,内存数据定期写入磁盘
no_root_squash,root用户对共享目录拥有最高权限。
root_squash:root用户对共享目录权限不高,只有普通用户权限,限制了root
all_squash:不管使用nfs用户是谁,都会被限定为一个指定的普通用户身份。
anonuid、anongid:要和root_squash和all_squash一起使用,用于指定nfs用户限定后的uid和gid,前提是本机/etc/passwd中存在这个uid和gid。
showmount参数说明
showmount –e 加ip查看nfs共享情况
exportfs参数说明
-a全部挂载或者卸载
-r重新挂载
-u卸载某一个目录
-v显示共享的目录
samba部署和优化
Server端配置
安装软件
yum install -y samba samba-client
备份主配置文件
cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
编辑主配置文件
vim /etc/samba/smb.conf
# --------------------------- Logging Options -----------------------------
#
# Log File let you specify where to put logs and how to split them up.
#
# Max Log Size let you specify the max size log files should reach
///保持默认
# logs split per machine
log file = /var/log/samba/log.%m
# max 50KB per log file, then rotate
max log size = 50
# ----------------------- Standalone Server Options ------------------------
#
# Scurity can be set to user, share(deprecated) or server(deprecated)
#
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
///保持默认
security = user
passdb backend = tdbsam
# --------------------------- Printing Options -----------------------------
#
# Load Printers let you load automatically the list of printers rather
# than setting them up individually
#
# Cups Options let you pass the cups libs custom options, setting it to raw
# for example will let you use drivers on your Windows clients
#
# Printcap Name let you specify an alternative printcap file
#
# You can choose a non default printing system using the Printing option
///保持默认
load printers = yes
cups options = raw
///***自定义***
map to guest = bad user
guest account = nobody
encrypt password = yes
smb passwd file = /etc/samba/smbpasswd
#============================ Share Definitions ==============================
///***自定义配置share ***
[share]
comment = share all
path = /tmp/samba
browseable = yes
guest ok = yes
writable = yes
printable = no
create mask = 0644
directory mask = 0755
///***自定义配置Non-share ***
[myshare]
comment = share for users
path = /samba
browseable = yes
writable = yes
public = no
guest ok = no
force user = root
printable = no
create mask = 0644
directory mask = 0755
创建share目录
mkdir /tmp/samba
chmod 777 /tmp/samba/
touch /tmp/samba/sharefiles
echo "Hello,world" >/tmp/samba/sharefiles
创建non-share目录
mkdir /samba
chmod 777 /samba
测试
testparm
建立用户
useradd user1
useradd user2
pdbedit -a user1
pdbedit -a user2
查看
pdbedit -L
Client配置
安装client软件
yum install samba-client
linux client 浏览共享
smbclient //192.168.211.128/myshare -U user1
挂载
mount -t cifs //192.168.211.128/myshare /mnt -o username=user1,password=root1234
window访问:
file://192.168.211.128
pureftp部署和优化
Server端配置
下载软件
wget http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.42.tar.bz2 --no-check-certificate
拷贝至src目录
cp pure-ftpd-1.0.42.tar.bz2 /usr/local/src/
解压tar.bz2
tar jxvf pure-ftpd-1.0.42.tar.bz2
进入解压目录
cd pure-ftpd-1.0.42
配置
./configure --prefix=/usr/local/pureftpd --without-inetd --with-altlog --with-puredb --with-throttling --with-peruserlimits --with-tls
编译
make
安装
make install
进入...-file目录
cd configuration-file/
创建../etc/目录
mkdir -p /usr/local/pureftpd/etc/
拷贝模板文件到..etc/目录
cp pure-ftpd.conf /usr/local/pureftpd/etc/pure-ftpd.conf
cp pure-config.pl /usr/local/pureftpd/sbin/pure-config.pl
更改权限
chmod 755 /usr/local/pureftpd/sbin/pure-config.pl
编辑配置文件
vim /usr/local/pureftpd/etc/pure-ftpd.conf
PIDFile /usr/local/pureftpd/var/run/pure-ftpd.pid
启动服务
./sbin/pure-config.pl ./etc/pure-ftpd.conf
关闭服务
killall puref-ftpd
创建ftp user 目录
mkdir /data/www/
useradd www
chown -R www:www /data/www/
配置虚拟账号与系统账号对应关系
/usr/local/pureftpd/bin/pure-pw useradd ftp_user1 -u www -d /data/www/
/usr/local/pureftpd/bin/pure-pw useradd ftp_user2 -u www -d /tmp
生成密码加密数据
/usr/local/pureftpd/bin/pure-pw mkdb
查看用户列表
/usr/local/pureftpd/bin/pure-pw list
删除
/usr/local/pureftpd/bin/pure-pw userdel ftp_user2
Client配置
yum install -y lftp
lftp ftp_user1@192.168.211.128
注意事项
上面是以源代码方式编译安装,启停服务得不方便,也可以采用以下yum rpm方式安装。
yum install -y epel-release expect
yum install -y pure-ftpd
/etc/init.d/pure-ftpd start
/etc/init.d/pure-ftpd status
vsftp部署和优化
Server端配置
安装包
yum install -y vsftpd db4-utils
添加虚拟用户
useradd virftp -s /sbin/nologin
编辑主配置文件
vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
hroot_local_user=YES
guest_enable=YES
guest_username=virftp
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf
编辑pam认证文件
[root@localhost vsftpd_user_conf]# cat /etc/pam.d/vsftpd
#%PAM-1.0
auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
编辑user&password文件
vim /etc/vsftpd/vsftpd_login
test1
123456
test2
abcdef
test3
root123
生成加密user&password数据文件
db_load -T -t hash -f /etc/vsftpd/vsftpd_login /etc/vsftpd/vsftpd_login.db
更改权限
chmod 600 /etc/vsftpd/vsftpd_login
创建user配置文件
mkdir /etc/vsftpd/vsftpd_user_conf
cd /etc/vsftpd/vsftpd_user_conf/
[root@localhost vsftpd_user_conf]# vi test1
local_root=/home/virftp/test1
anonymous_enable=NO
write_enable=YES
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
idle_session_timeout=600
data_connection_timeout=120
max_clients=10
max_per_ip=5
local_max_rate=50000
[root@localhost vsftpd_user_conf]# vi test2
local_root=/home/virftp/test2
anonymous_enable=NO
write_enable=YES
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
idle_session_timeout=600
data_connection_timeout=120
max_clients=10
max_per_ip=5
local_max_rate=50000
[root@localhost vsftpd_user_conf]# vi test3
local_root=/test3
anonymous_enable=NO
write_enable=YES
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
idle_session_timeout=600
data_connection_timeout=120
max_clients=10
max_per_ip=5
local_max_rate=50000
[root@localhost vsftpd_user_conf]#
创建user ftp 目录
mkdir /home/virftp/test1
mkdir /home/virftp/test2
mkdir -p /test3
chown virftp:virftp /home/virftp/ -R
chown virftp:virftp /test3/ -R
启/停vsftpd服务
/etc/init.d/vsftpd stop
/etc/init.d/vsftpd start
/etc/init.d/vsftpd status