linux 文件服务器搭建 ftp sftp smb httpd实现文件共享传输
服务器配置规划:
虚拟机 Oracle VM VirtualBox 6.1
linux centos7.6 最小化安装
软件安装说明:
sftp 默认安装linux 后开启,windows用户需要安装工具连接,ftp 安装vsftpd服务,配置虚拟用户,制定上传下载目录
samba:服务安装samba服务器,配置共享目录,设定特定访问权限,和所有人访问权限。访问方式windows 下 \\ip 访问。
httpd :配置文件http方式下载,仅用于浏览器实现文件下载。
系统配置
本地源离线环境配置
配置本地光盘源 文件/etc/yum.repos.d/CentOS-CR.repo
[cr]
name=CentOS-$releasever - cr
baseurl=file:///mnt/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1联网环境无需配置本地yum,联网安装使用yum即可
ftp文件服务器搭建
[root@localhost ~]# yum install vsftpd -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
cr | 3.6 kB 00:00:00
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:3.0.2-25.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=================================================================================================================================================
Package Arch Version Repository Size
=================================================================================================================================================
Installing:
vsftpd x86_64 3.0.2-25.el7 cr 171 k
Transaction Summary
=================================================================================================================================================
Install 1 Package
Total download size: 171 k
Installed size: 353 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : vsftpd-3.0.2-25.el7.x86_64 1/1
Verifying : vsftpd-3.0.2-25.el7.x86_64 1/1
Installed:
vsftpd.x86_64 0:3.0.2-25.el7
Complete!
[root@localhost ~]# 启动vsftpd服务
[root@localhost ~]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
[root@localhost ~]# systemctl start vsftpd
[root@localhost ~]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2022-08-30 23:16:57 EDT; 1s ago
Process: 3787 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
Main PID: 3788 (vsftpd)
CGroup: /system.slice/vsftpd.service
└─3788 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
Aug 30 23:16:57 localhost.localdomain systemd[1]: Starting Vsftpd ftp daemon...
Aug 30 23:16:57 localhost.localdomain systemd[1]: Started Vsftpd ftp daemon.
[root@localhost ~]#
创建用户用于配置ftp主账户,虚拟账户权限映射到此用户
[root@localhost ~]# useradd -s /usr/sbin/nologin admin
[root@localhost ~]# echo "admin" | passwd --stdin admin
Changing password for user admin.
passwd: all authentication tokens updated successfully.
[root@localhost ~]# id admin
uid=1000(admin) gid=1000(admin) groups=1000(admin)
[root@localhost ~]# mkdir /data
[root@localhost ~]# chown -R admin:admin /data
[root@localhost ~]# ls -ld /data
drwxr-xr-x. 2 admin admin 6 Aug 30 23:20 /data
[root@localhost ~]# 停止防火墙,关掉selinux
[root@localhost vsftpd]# systemctl stop firewalld
[root@localhost vsftpd]# systemctl disable firewalld
[root@localhost vsftpd]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@localhost vsftpd]# 关闭selnux 之后重启系统
配置vsftpd.conf,配置参考
chroot_list_file=/etc/vsftpd/chroot_list 配置限制用户登陆ftp后切换家目录。
user_config_dir=/etc/vsftpd/vir_user_conf 配置虚拟用户配置文件目录。
vi vsftpd.conf 如下配置文件
anonymous_enable=NO
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
allow_writeable_chroot=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
userlist_enable=YES
tcp_wrappers=YES
pam_service_name=vsftpd
guest_enable=YES
guest_username=admin
user_config_dir=/etc/vsftpd/vir_user_conf
virtual_use_local_privs=YES配置vsftpd,配置虚拟用户,创建v_user.txt 编辑加入分别为账号密码分别一行,这里配置了三个虚拟用户,admin,admin1,admin2。
[root@localhost vsftpd]# cat v_user.txt
admin
admin
admin1
admin1
admin2
admin2
[root@localhost vsftpd]# db_load -T -t hash -f v_user.txt v_user.db
[root@localhost vsftpd]# ls
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh v_user.db v_user.txt虚拟用户配置文件,创建vir_user_conf,目录下创建针对虚拟用户的配置文件,创建三个用户登陆的家目录分别为/data/ftp/{admin,admin1,admin2},用户配置文件为 /etc/vsftpd/vir_user_conf/{admin,admin1,admin2},最后需要修改/data/ftp/目录文件为admin:admin
[root@localhost vsftpd]# mkdir -p /etc/vsftpd/vir_user_conf/
[root@localhost vsftpd]# mkdir -p /data/ftp/{admin,admin1,admin2}
[root@localhost vsftpd]# touch /etc/vsftpd/vir_user_conf/{admin,admin1,admin2}
[root@localhost vsftpd]# touch /data/ftp/admin/admin-test
[root@localhost vsftpd]# touch /data/ftp/admin1/admin1-test
[root@localhost vsftpd]# touch /data/ftp/admin2/admin2-test
[root@localhost vsftpd]# chown -R admin:admin /data/
[root@localhost vsftpd]# ls -lR /data/ftp/
/data/ftp/:
total 0
drwxr-xr-x. 2 admin admin 24 Aug 30 23:44 admin
drwxr-xr-x. 2 admin admin 25 Aug 30 23:44 admin1
drwxr-xr-x. 2 admin admin 25 Aug 30 23:44 admin2
/data/ftp/admin:
total 0
-rw-r--r--. 1 admin admin 0 Aug 30 23:44 admin-test
/data/ftp/admin1:
total 0
-rw-r--r--. 1 admin admin 0 Aug 30 23:44 admin1-test
/data/ftp/admin2:
total 0
-rw-r--r--. 1 admin admin 0 Aug 30 23:44 admin2-test
[root@localhost vsftpd]#
admin用户配置文件
复制代码
local_root=/data/ftp/admin
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
复制代码
admin1用户配置文件
复制代码
local_root=/data/ftp/admin1
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
复制代码
admin2配置文件
复制代码
local_root=/data/ftp/admin2
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
复制代码
配置pam文件/etc/pam.d/vsftpd,加入以下文本,其余的注释掉
auth required pam_userdb.so db=/etc/vsftpd/v_user
account required pam_userdb.so db=/etc/vsftpd/v_user
限制ftp用户切换目录,将需要限制的用户加入chroot_list
[root@localhost vsftpd]# cat chroot_list
admin
[root@localhost vsftpd]#
重启vsftpd,登陆验证
登陆admin,验证切换目录,验证文件上传
文件上传成功,切换目录限制成功,用户不能切换到其他目录, 验证admin1 用户,验证切换目录,验证文件上传
验证成功,用户上传成功,用户无限制,可以切换目录, 验证admin2 用户,验证切换目录,验证文件上传
文件上传下载成功,目录切换无限制,可以切换根目录。
搭建samba服务器
操作步骤如下脚本参考
yum install samba -y
修改配置文件 /etc/samba/smb.conf
复制代码
[smbshare]
comment = share my file
path = /data/smb/
browseable = yes
public = no
writeable = yes
valid users =@admin
create mask = 0664
directory mask = 0775
force user = admin
force group = admin
available = yes
unix charset = UTF-8
dos charset = cp936
[share]
comment = share all
path = /tmp/
browseable = yes
public = yes
writable = no
复制代码
创建/data/smb文件夹,将权限修改为admin:admin,修改smb服务使用的admin账户密码,修改后才能登陆
复制代码
[root@localhost ~]# mkdir /data/smb/ -p
[root@localhost ~]# chown -R admin:admin /data/smb/
[root@localhost ~]# pdbedit -a -u admin
new password:
retype new password:
Unix username: admin
NT username:
Account Flags: [U ]
User SID: S-1-5-21-3787976277-2559902122-3613698349-1000
Primary Group SID: S-1-5-21-3787976277-2559902122-3613698349-513
Full Name:
Home Directory: \\localhost\admin
HomeDir Drive:
Logon Script:
Profile Path: \\localhost\admin\profile
Domain: LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Wed, 06 Feb 2036 10:06:39 EST
Kickoff time: Wed, 06 Feb 2036 10:06:39 EST
Password last set: Wed, 31 Aug 2022 01:29:43 EDT
Password can change: Wed, 31 Aug 2022 01:29:43 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[root@localhost ~]# systemctl restart smb
[root@localhost ~]# 验证登录
网页文件服务器搭建
方便余仅供于网页版下载文件使用,使用web界面无需下载部分插件,下载使用兼容性强。
安装httpd服务
yum install httpd -y
登录网页
修改/var/www/html ,删除原来的html文件夹,新建html软连接链接到需要共享的目录,修改配置文件welcome.conf 参数Options -Indexes修改为为Options +Indexes,
[root@localhost ~]# ll /var/www/html
lrwxrwxrwx 1 root root 10 Aug 25 23:21 /var/www/html -> /data/smb/
welcome.conf 配置如下
复制代码
[root@localhost ~]# cat /etc/httpd/conf.d/welcome.conf | grep -v ^#
<LocationMatch "^/+$">
Options +Indexes
ErrorDocument 403 /.noindex.html
</LocationMatch>
<Directory /usr/share/httpd/noindex>
AllowOverride None
Require all granted
</Directory>
Alias /.noindex.html /usr/share/httpd/noindex/index.html
[root@localhost ~]#
复制代码
乱码解决:
乱码解决,修改httpd.conf 配置文件,加入IndexOptions Charset=UTF-8,重新启动服务。
配置如下,列出部分代码配置
复制代码
AddDefaultCharset UTF-8
IndexOptions Charset=UTF-8
<IfModule mime_magic_module>
#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
MIMEMagicFile conf/magic
</IfModule>
修改配置后
淘宝小店,欢迎你的光临,可定制你的需求
https://shop340822098.taobao.com/
浙公网安备 33010602011771号