nfs-samba
DESCRIPTION
linuxTRANSCRIPT
RH253
Red Hat Network Services and Security Administration
Welcome!
2
Objectives
Understanding and Managing NFS Server Understanding NFS NFS Server Configuration
Creating Shares NFS Client Configuration
Mounting NFS Shares Understanding and Managing SAMBA Server
Understanding SAMBA Server SAMBA Server Configuration
Creating Shares SAMBA Client Configuration
Accessing SAMBA Shares
3
Understanding and Managing NFS Server
4
What is NFS?
A Network File System (NFS) allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally. This enables system administrators to consolidate resources onto centralized servers on the network. The Network File System (NFS) is the standard for sharing files on a directory with Linux and Unix computers. It was originally developed by Sun Microsystems in the mid-1980s.
You can create shared NFS directories directly by editing the
/etc/exports/etc/exports configuration file, or you can create them with Red Hat's
NFS Configuration tool.
5
NFS:- Benefits and Problems
Benefits:Benefits:-> DFS that allows local access to remote files.-> Uses standard client/server architecture.-> Using NFS the server “export” his data to other clients.-> Provide centralize storage solution.-> Users get their data irrespective of physical location.Problems:Problems:-> Network congestion.-> Heavy disk activity on NFS server.-> Its design assume a trusted environment, not a hostile
environment.-> NFS is based on RPC (Remote Procedural Call) which is easy to
exploit.-> For Security reasons – NFS cannot be used over Internet.
6
NFS Services portmapportmap : Map calls made from other machines nfsnfs : Translates NFS requests in requests on the local
system rpc.mountdrpc.mountd : Mounts and Unmounts filessystems
7
Server Configuration : Sharing Files Exported files are defined in main configuration file /etc/exports/etc/exports Examples : - vi /etc/exports /data *.example.com(ro,sync) station1.cracker.org(rw,sync) /data 192.168.0.0/255.255.255.0(ro,sync) Then After Exporting Files service portmap start service nfs start chkconfig --level 35 portmap on chkconfig --level 35 nfs on
8
Client Configuration : Mounting Shares Mounting can be done by using following methods Mount command [ Temporary ] mount -t nfs 192.168.0.254:/data /mntmount -t nfs 192.168.0.254:/data /mnt /etc/fstab file [ Permanent ] 192.168.0.254:/data 192.168.0.254:/data /mnt nfs defaults 0 0 /mnt nfs defaults 0 0
Mounting NFS share on two directories on same systemFirst mount to /home/data
mount -t nfs x.x.x.x:/data /home/data
Now bind /home/data to /backup
mount --bind /home/data /backup
9
NFS Commands showmount -eshowmount -e :shows the available shares exportfs -vexportfs -v :Displays a list of shares files and options on a server exportfs -aexportfs -a :Exports all shares listed in /etc/exports ,or given name exportfs -uexportfs -u :Unexports all shares listed in /etc/exports ,or given
name exportfs -rexportfs -r :Refresh the server’s list after modifying /etc/exports
NFS & TCP Wrappers:
Two services are required for TCP wrappers -
Mountd
portmap
10
Understanding and Managing SAMBA Server
11
What is SAMBA?
Samba is a software package that comes with RHEL that lets you share file systems and printers on a network with computers that use the Session Message Block (SMB) protocol. SMB is the protocol that is delivered with Windows operating systems for sharing files and printers
You can do four basic things with SambaYou can do four basic things with Samba:
Share a Linux directory tree with Windows and Linux/Unix computers
Share a Windows directory with Linux/Unix computers Share a Linux printer with Windows and Linux/Unix computers Share a Windows printer with Linux/Unix computers
12
SAMBA Services smbdsmbd : Main File and Printer Sharing Service nmbdnmbd : Act as WINS Server
13
Managing SAMBA Server Samba Server can be configured by two methods
Configuration in /etc/samba/smb.conf/etc/samba/smb.conf File Using Configuration GUI Tool system-config-samba system-config-samba
14
SAMBA Server side configuration Step1 : Creating samba shares vi /etc/samba/smb.confvi /etc/samba/smb.conf
[mysharename][mysharename]
comment = My Shares from Station1 comment = My Shares from Station1
path = /mysharepath = /myshare
valid users = marcvalid users = marc
invalid users = rootinvalid users = root
public = nopublic = no
writable = yeswritable = yes
browseable = yesbrowseable = yes
15
SAMBA Server side configuration For sharing files other than home directories, label them as samba_share_t.
So if you created a special directory /common, you would need to label the directory with the chcon tool.
chcon -t samba_share_t /common
Step 2: Test configuration testparm Step 3: Adding User to samba share who can access samba share smbpasswd -a marc Step 4: Starting SAMBA service service smb start chkconfig --level 345 smb on Step 5 :Testing SAMBA Shares smbclient -L //station1.example.com
16
SAMBA Server side configuration
SELinux Portion (if SELinux is enabled on the system,which will be enabled
in RHCE examination)
Check the SELinux boolean by command:
getsebool -a | grep samba
Permit all the SELinux booleans coming in the output:
setsebool -P samba_enable_home_dirs on
setsebool -P samba_share_nfs on
setsebool -P use_samba_home_dirs on
setsebool -P allow_smbd_anon_write on
17
SAMBA Client Configuration Client can access samba shares using following methods smbclient //x.x.x.x/myshare smbclient //x.x.x.x/myshare -U -U usernameusername smbmount //station1/myshare /mnt -o username=marcsmbmount //station1/myshare /mnt -o username=marc
Samba Mounts in /etc/fstab file
//station1/myshare /mnt cifs defaults,username=marc 0 0//station1/myshare /mnt cifs defaults,username=marc 0 0 //station1/myshare /mnt cifs defaults,credentials=/etc/cred.txt 0 0//station1/myshare /mnt cifs defaults,credentials=/etc/cred.txt 0 0
Then Create /etc/cred.txt vi /etc/cred.txtvi /etc/cred.txt username=marcusername=marc password=passwordpassword=password
18
Samba Mounts in /etc/fstab file
vi /etc/fstabvi /etc/fstab //station1/myshare /mnt smbfs defaults,username=marc 0 0//station1/myshare /mnt smbfs defaults,username=marc 0 0
Using Credentials FileUsing Credentials File vi /etc/fstabvi /etc/fstab //station1/myshare /mnt smbfs defaults,credentials=/etc/cred.txt 0 0//station1/myshare /mnt smbfs defaults,credentials=/etc/cred.txt 0 0
Then Create /etc/cred.txt vi /etc/cred.txtvi /etc/cred.txt username=marcusername=marc password=passwordpassword=password
?Questions