课程第30次
RH124: 上完1 2 3 4 5 6 7 8 9 101112 131415 16RH134: 上完 1 2 3 4 5 6 78 9 10 11 12 13 14 15
RH254: 上完 1 2 3 4 5 6 7 891011 12 13 1415
nfs+autofs+kerberos+selinux:
/etc/auto.guests:
#
# This is an automounter map and it has the following format
# key [ -mount-options-separated-by-comma ] location
# Details may be found in the autofs(5) manpage
#cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
* -rw,sec=krb5p,v4.2,soft,intr,context="unconfined_u:object_r:public_content_t:s0" 192.168.0.103:/rhosts/&
# the following entries are samples to pique your imagination
#linux -ro,soft,intr ftp.example.org:/pub/linux
#boot -fstype=ext2 :/dev/hda1
#floppy -fstype=auto :/dev/fd0
#floppy -fstype=ext2 :/dev/fd0
#e2floppy -fstype=ext2 :/dev/fd0
#jaz -fstype=ext2 :/dev/sdc1
#removable -fstype=ext2 :/dev/hdd
~ 实验的过程:
# ssh ldapuser1@desktop3.example.com
ldapuser1@desktop3.example.com's password:
Last login: Wed Sep 11 10:03:34 2019 from desktop3.example.com
$ ls -Zd
drwx------. ldapuser1 ldapuser1 unconfined_u:object_r:public_content_t:s0 .
$ ls
67
$ touch 8
$ ls -Z
-rw-r--r--. root root unconfined_u:object_r:public_content_t:s0 6
-rw-rw-r--. ldapuser1 ldapuser1 unconfined_u:object_r:public_content_t:s0 7
-rw-rw-r--. ldapuser1 ldapuser1 unconfined_u:object_r:public_content_t:s0 8
-------
多用户samba挂载:
在server3上:
# useradd wang5
# smbpasswd-a wang5
New SMB password:
Retype new SMB password:
Added user wang5.在desktop3上:
/etc/fstab:
/dev/mapper/rhel-root / xfs defaults 0 0
UUID=cae2eaaa-59ea-4c63-9c87-8e5358b6d9ac /boot xfs defaults 0 0
/dev/mapper/rhel-swap swap swap defaults 0 0
//192.168.0.103/sharedir /mnt2 cifs defaults,username=wang5,password=wang5samba,multiuser,sec=ntlmssp 0 0
~ mount-a
(不建用户wang5,guest也可以)
-------------
# cd /mnt2
ls
# ls
li4.txtzhang3.txt
# ls
li4.txtzhang3.txt
# touch 6=
touch: cannot touch ‘6=’: Permission denied
# touch 6
touch: cannot touch ‘6’: Permission denied
# su - zhang3
Last login: Wed Sep 11 11:11:15 CST 2019 on pts/1
$ cd /mnt2
$ ls
ls: reading directory .: Permission denied
$ cifscreds add 192.168.0.103
Password:
$ ls
li4.txtzhang3.txt
$ echo "zhang3-2" >>zhang3.txt
$ 由于只看用户名(而NFS要看真的uid), 所以本地的某一个test用户,也能够使用multiuser
$ cifscredsadd-u zhang3192.168.0.103
Password:
$ ls
li4.txtzhang3.txt
$ echo "zhang3-3" >> zhang3.txt
页:
[1]