samba-smb-权限管理

#精确到指定用户的权限
#4个用户
#2个文件夹权限 /home/public/test01 /home/public/test02
#admin  拥有 /home/public/ 所有权限
#user01 拥有 /home/public/test01 所有权限
#user02 拥有 /home/public/test02 所有权限
#user03 拥有 /home/public/test01 读取权限


#添加用户
usernames=(admin user1 user02 user03)
for i in "${usernames[@]}"
do
useradd $i
done

#添加smb权限 设置默认密码123456
usernames=(admin user1 user02 user03)
for i in "${usernames[@]}"
do
(echo 123456; echo 123456) | smbpasswd -s -a $i
done

#/etc/samba/smb.conf
vim /etc/samba/smb.conf
[global]
        ...
        config file = /etc/samba/users/%U.smb.conf


#各个用户的权限
#应该还有更好的方法,此方法比较原始。
#先解决问题再说
cat >/etc/samba/users/user03.smb.conf<<EOF
[public]
        comment = public
        path = /home/public/test02
        valid users = user03
        read list = user03
        writable = no
        browseable = no
        printable = no
        security = user
        only guest = no
EOF
cat >/etc/samba/users/user02.smb.conf<<EOF
[public]
        security = user
        path = /home/public/test02
        admin users = user02
        write list = user02
        writable = yes
        browseable = no
        printable = no
        create mask = 0755
        directory mask = 0755
EOF
cat >/etc/samba/users/user01.smb.conf<<EOF
[public]
        security = user
        path = /home/public/test01
        admin users = user01
        write list = user01
        writable = yes
        browseable = no
        printable = no
        create mask = 0755
        directory mask = 0755
EOF
cat >/etc/samba/users/admin.smb.conf<<EOF
[public]
        security = user
        path = /home/public/
        admin users = admin
        write list = admin
        writable = yes
        browseable = no
        printable = no
        create mask = 0755
        directory mask = 0755
EOF

systemctl restart smb


#查看用户的权限
#需要 browseable = yes

usernames=(admin user1 user02 user03)
for i in "${usernames[@]}"
do
ip='127.0.0.1'
smbclient -L //${ip}/public -U $i%123123
done