关于我们
技术分享
技术分享
Samba+Changepassword+Sendmail+rsync实现用户修改密码实时同步并备份
Samba+Changepassword+Sendmail+rsync实现用户修改密码实时同步并备份
2020-01-28
Samba类unix和windows之间的共享,可实现linux+linux和linux和windows之间共享 安装
配置yum源参
[root@130 ~]# yum install samba -y samba涉及的两个服务 smb tcp 139 445 现在的windows操作系统 nmb udp 137 138 兼容古老的操作系统,例如95、98 已淘汰 启动并设置开机自启 [root@130 ~]# systemctl start smb [root@130 ~]# systemctl enable smb. 设置防火墙 [root@130 ~]# firewall-cmd --add-service=samba success 重启之后生效 [root@130 ~]# firewall-cmd --add-service=samba --permanent success 配置文件 [root@130 ~]# cd /etc/samba/ [root@130 samba]# ls lmhosts smb.conf 配置文件结构 [root@130 samba]# egrep -v '(#|;|^$)' /etc/samba/smb.conf workgroup = MYGROUP # 想让Windows和Linux共享必须组名相同 server string = Samba Server Version %v #Samba版本 log file = /var/log/samba/log.%m #日志文件 max log size = 50 #超过最大,日志会回滚 security = user #Samba的用户必须是系统中已经存在的用户,密码可以和系统用户不同 passdb backend = tdbsam load printers = yes cups options = raw [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes 查看samba是否存在用户和密码 [root@130 ~]# pdbedit -L [root@130 ~]# 创建samba用户 samba用户必须是系统中已经存在的用户,但密码可以和系统密码不一样 [root@130 ~]# useradd tom [root@130 ~]# echo 123456 | passwd --stdin tom Changing password for user tom. passwd: all authentication tokens updated successfully. [root@130 ~]# id tom uid=1000(tom) gid=1000(tom) groups=1000(tom) [root@130 ~]# useradd jack [root@130 ~]# echo 123456 | passwd --stdin jack Changing password for user jack. passwd: all authentication tokens updated successfully. [root@130 ~]# id jack uid=1001(jack) gid=1001(jack) groups=1001(jack) 给samba用户设置密码 查看需要的命令 [root@130 ~]# yum whatprovides */smbpasswd Loaded plugins: product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. myrepo/filelists_db | 3.0 MB 00:00 freeradius-3.0.1-6.el7.x86_64 : High-performance and highly : configurable free RADIUS server Repo : myrepo Matched from: Filename : /etc/raddb/mods-available/smbpasswd samba-client-4.1.1-31.el7.x86_64 : Samba client programs Repo : myrepo Matched from: Filename : /usr/bin/smbpasswd [root@130 ~]# yum install samba-client -y 添加tom为samba用户 [root@130 ~]# smbpasswd -a tom New SMB password: Retype new SMB password: Added user tom. 修改密码 [root@130 ~]# smbpasswd tom New SMB password: 禁用用户 [root@130 ~]# smbpasswd -d tom Disabled user tom. 启用用户 [root@130 ~]# smbpasswd -e tom Enabled user tom. 删除用户 [root@130 ~]# smbpasswd -x tom Deleted user tom. [root@130 ~]# smbpasswd -a tom New SMB password: Retype new SMB password: Added user tom. [root@130 ~]# smbpasswd -a jack New SMB password: Retype new SMB password: Added user jack. 查看smaba用户 [root@130 ~]# pdbedit -L jack:1001: tom:1000: window端测试
![]
此时无法访问家目录 修改selinux的上下文 [root@130 ~]# setsebool -P samba_enable_home_dirs on
linux端测试 [root@132 ~]# yum install samba-client -y [root@132 ~]# smbclient -L //192.168.85.130 -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.1.1) jack Disk Home Directories Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Server Comment --------- ------- Workgroup Master --------- ------- [root@132 ~]# smbclient //192.168.85.130/jack -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> ls . D 0 Mon Mar 16 05:23:23 2020 .. D 0 Mon Mar 16 05:23:23 2020 .bash_logout H 18 Wed Jan 29 20:45:18 2014 .bash_profile H 193 Wed Jan 29 20:45:18 2014 .bashrc H 231 Wed Jan 29 20:45:18 2014 35836 blocks of size 524288. 34068 blocks available smb: \> quit 自动共享家目录的原因是因为配置文件 [homes] comment = Home Directories browseable = no writable = yes 如何共享一下目录/zz /test [root@130 ~]# mkdir /test [root@130 ~]# mkdir /zz [root@130 ~]# vim /etc/samba/smb.conf [test] comment = test path = /test [zz-test] comment = zz-test path = /zz [root@130 ~]# systemctl restart smb 出现zz-test文件,此时发现zz-test根本访问不了,修改上下文 [root@130 ~]# chcon -R -t samba_share_t /zz
此时zz-test可以访问
linux端测试 [root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> quit
zz-test右击新建是写不进去的 [zz-test] comment = zz-test path = /zz writable = yes [root@130 ~]# systemctl restart smb
还是写不进去
如果以后我们配置了某个服务,然后从客户端上往这个服务里写东西 但是写不进去,我们应该从以下3个方面进行检查: 1、服务器的配置是否开启了写权限 2、文件系统是否具有写权限 3、selinux(上下文|布尔值) 查看文件系统权限 [root@130 ~]# groups tom tom : tom [root@130 ~]# ls -ld /zz drwxr-xr-x. 2 root root 6 Mar 15 18:30 /zz 添加写权限 [root@localhost ~]# chmod o+w /zz [root@130 ~]# chmod o+w /zz [root@130 ~]# ls -ld /zz drwxr-xrwx. 2 root root 6 Mar 15 18:30 /zz
此时windows端可以正常写入 linux测试也可以 [root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> mkdir test11 smb: \> ls . D 0 Mon Mar 16 06:30:03 2020 .. D 0 Mon Mar 16 06:34:34 2020 新建文件夹 D 0 Mon Mar 16 06:45:15 2020 test11 D 0 Mon Mar 16 06:46:42 2020 35836 blocks of size 524288. 33925 blocks available 是否可以实现部分用户可写? 1、writable = yes 文件系统都允许写,通过配置文件来限制 [zz-test] comment = zz-test path = /zz writable = no write list = tom [root@130 ~]# systemctl restart smb 此时windows上用tom用户测试可以写
linux端用jack用户测试是写不进去的,因为配置文件不允许jack写 [root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> mkdir t NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \t 运行多个用户用","隔开 [zz-test] comment = zz-test path = /zz writable = no write list = tom,jack [root@130 ~]# systemctl restart smb 此时jack用户可以写了 [root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> mkdir jacktest # write list = @tom,@jack 允许tom组和jack组写 2、允许所有的客户端都是可写的,从文件系统更改 [zz-test] comment = zz-test path = /zz writable = yes write list = tom [root@130 ~]# systemctl restart smb [root@130 ~]# chmod o-w /zz [root@130 ~]# systemctl restart smb 现在允许jack可写 [root@130 ~]# setfacl -m u:jack:rwx /zz 此时linux端jack用户可以写 [root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> mkdir jack1 此时windows端tom用户无权限
还原 [root@130 ~]# setfacl -x u:jack /zz [root@130 ~]# chmod o+w /zz/ 凡是出现在hosts allow的都是允许的,没有出现在hosts allow的都是拒绝的 [zz-test] comment = zz-test path = /zz writable = no write list = tom hosts allow = 192.168.85.132 只允许访问的地址 [root@130 ~]# systemctl restart smb 此时windows 访问不成功,linux可以访问
[root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] smb: \> 凡是出现在deny的都是拒绝的,没有出现在deny的都是允许的 [zz-test] comment = zz-test path = /zz writable = no write list = tom hosts deny = 192.168.85.132 [root@130 ~]# systemctl restart smb 此时windows可以访问,linux被拒绝
[root@132 ~]# smbclient //192.168.85.130/zz-test -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] tree connect failed: NT_STATUS_ACCESS_DENIED 隐藏共享browseable [zz-test] comment = zz-test path = /zz writable = no write list = tom browseable = no [root@130 ~]# systemctl restart smb 重启后看不到隐藏文件
[root@132 ~]# smbclient -L //192.168.85.130/ -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 4.1.1) test Disk test jack Disk Home Directories Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Server Comment --------- ------- Workgroup Master --------- ------- 想实现指定某用户看到隐藏文件,给特定的用户设置配置文件 config file =/etc/samba/smb.conf.%U [root@130 ~]# cd /etc/samba/ [root@130 samba]# cp smb.conf smb.conf.tom [root@130 samba]# vim smb.conf.tom [zz-test] comment = zz-test path = /zz writable = no write list = tom browseable = yes [root@130 ~]# systemctl restart smb 此时使用tom用户可以看到隐藏文件,jack看不到隐藏文件
[root@132 ~]# smbclient -L //192.168.85.130/ -U jack%redhat Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Sharename Type Comment --------- ---- ------- test Disk test IPC$ IPC IPC Service (Samba Server Version 4.1.1) jack Disk Home Directories Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1] Server Comment --------- ------- Workgroup Master --------- ------- samba+changepassword+crontab项目 查看系统版本 [root@localhost ~]# cat /etc/redhat-release CentOS Linux release 7.7.1908 (Core) 修改用户名 [root@localhost ~]# vim /etc/hostname 关闭防火墙 [root@localhost ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. 关闭selinux [root@localhost ~]# vim /etc/selinux/config SELINUX=disabled init 6 安装samba [root@zbj ~]# yum install samba -y [root@zbj ~]# vim /etc/samba/smb.conf #[homes] # comment = Home Directories # browseable = no # writable = yes ; valid users = %S ; valid users = MYDOMAIN\%S 启动 [root@zbj ~]# systemctl start smb [root@zbj ~]# systemctl enable smb Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service. 查看samba用户 [root@zbj ~]# pdbedit -L 新建用户 [root@zbj ~]# useradd -s /sbin/nologin beijing [root@zbj ~]# useradd -s /sbin/nologin chengdu [root@zbj ~]# useradd -s /sbin/nologin hefei [root@zbj ~]# useradd -s /sbin/nologin jinan [root@zbj ~]# useradd -s /sbin/nologin shijiazhuang [root@zbj ~]# useradd -s /sbin/nologin xian [root@zbj ~]# useradd -s /sbin/nologin zhengzhou [root@zbj ~]# useradd -s /sbin/nologin nanjing [root@zbj ~]# useradd -s /sbin/nologin zbj 设置密码 [root@zbj ~]# passwd beijing [root@zbj ~]# passwd chengdu [root@zbj ~]# passwd hefei [root@zbj ~]# passwd jinan [root@zbj ~]# passwd shijiazhuang [root@zbj ~]# passwd xian [root@zbj ~]# passwd zhengzhou [root@zbj ~]# passwd nanjing [root@zbj ~]# passwd zbj 添加samba用户 [root@zbj ~]# smbpasswd -a beijing [root@zbj ~]# smbpasswd -a chengdu [root@zbj ~]# smbpasswd -a hefei [root@zbj ~]# smbpasswd -a jinan [root@zbj ~]# smbpasswd -a shijiazhuang [root@zbj ~]# smbpasswd -a xian [root@zbj ~]# smbpasswd -a zhengzhou [root@zbj ~]# smbpasswd -a nanjing [root@zbj ~]# smbpasswd -a zbj 查看samba用户 [root@zbj ~]# pdbedit -L beijing:1000: hefei:1002: shijiazhuang:1004: chengdu:1001: jinan:1003: xian:1005: zhengzhou:1006: nanjing:1007: zbj:1008: 新建共享文件夹 [root@zbj ~]# mkdir /合肥 [root@zbj ~]# mkdir /石家庄 [root@zbj ~]# mkdir /郑州 [root@zbj ~]# mkdir /南京 [root@zbj ~]# mkdir /北京 [root@zbj ~]# mkdir /西安 [root@zbj ~]# mkdir /济南 [root@zbj ~]# mkdir /成都 [root@zbj ~]# mkdir /公共资料 给文件夹权限 [root@zbj ~]# chmod o+w /北京 [root@zbj ~]# chmod o+w /成都 [root@zbj ~]# chmod o+w /公共资料 [root@zbj ~]# chmod o+w /合肥 [root@zbj ~]# chmod o+w /济南 [root@zbj ~]# chmod o+w /南京 [root@zbj ~]# chmod o+w /石家庄 [root@zbj ~]# chmod o+w /西安 [root@zbj ~]# chmod o+w /郑州 更改samba配置文件 [root@zbj ~]# vim /etc/samba/smb.conf security = user pam password change = no passwd chat = **NEW*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *successfully* passwd program = LANG=en_US /usr/bin/passwd %u unix password sync = yes passdb backend = smbpasswd smb passwd file = /etc/samba/smbpasswd [公共资料] comment = 公共资料 path = /公共资料 writeable = no write list = hefei,shijiazhuang,zhengzhou,nanjing,beijing,xian,jinan,chengdu,zbj [合肥] comment = 合肥 path = /合肥 writeable = no write list = hefei,zbj [石家庄] comment = 石家庄 path = /石家庄 writeable = no write list = shijiazhuang,zbj [郑州] comment = 郑州 path = /郑州 writeable = no write list = zhengzhou,zbj [南京] comment = 南京 path = /南京 writeable = no write list = nanjing,zbj [北京] comment = 北京 path = /北京 writeable = no write list = beijing,zbj [西安] comment = 西安 path = /西安 writeable = no write list = xian,zbj [济南] comment = 济南 path = /济南 writeable = no write list = jinan,zbj [成都] comment = 成都 path = /成都 writeable = no write list = chengdu,zbj 安装httpd [root@zbj ~]# yum install httpd -y [root@zbj ~]# systemctl start httpd [root@zbj ~]# systemctl enable httpd 设置apache支持cgi模块 [root@zbj ~]# vim /etc/httpd/conf/httpd.conf 去掉注释 AddHandler cgi-script .cgi AddDefaultCharset UTF-8 改成 AddDefaultCharset GB2312 [root@zbj ~]# systemctl restart httpd 安装配置changepassword [root@zbj ~]# wget http://prdownloads.sourceforge.net/changepassword/changepassword-0.9.tar.gz [root@zbj ~]# yum install tar -y [root@zbj ~]# tar -zxvf changepassword-0.9.tar.gz [root@zbj ~]# vim changepassword-0.9/conf.h char TMPFILE[]="/changepw/changepassword-shadow-XXXXXX"; char TMPSMBFILE[]="/changepw/changepassword-smb-XXXXXX"; char TMPSQUIDFILE[]="/changepw/changepassword-squid-XXXXXX"; [root@zbj ~]# mkdir /changepw [root@zbj ~]# cd changepassword-0.9 [root@zbj changepassword-0.9]# cd smbencrypt/ [root@zbj smbencrypt]# tar -xzvf libdes-4.04b.tar.gz [root@zbj smbencrypt]# cd des/ [root@zbj des]# yum install gcc -y [root@zbj des]# make [root@zbj des]# cp libdes.a ../ cp: overwrite ‘../libdes.a’? y [root@zbj des]# cd ../.. [root@zbj changepassword-0.9]# 编译安装 [root@zbj changepassword-0.9]# ./configure -enable-cgidir=/var/www/cgi-bin -enable-language=Chinese -enable-smbpasswd=/etc/samba/smbpasswd -disable-squidpasswd [root@zbj changepassword-0.9]# make && make install 更改密码 /
windows下清空samba的记录需要在dos(win+r cmd)下运行 net use * /del 运行成功后重启电脑即可。
mac登录 command+k
MAC系统下,在实用程序里面有个钥匙串访问程序 打开后,选择你忘记的那项密码 然后勾选显示密码 填写主密码后就可以显示你设置的密码内容。
定时备份
[root@zbj ~]# cat /home/backup.sh
#!/bin/bash
mkdir /home/backup
cp -r /北京/ /home/backup
cp -r /南京/ /home/backup
cp -r /合肥/ /home/backup
cp -r /成都/ /home/backup
cp -r /济南/ /home/backup
cp -r /石家庄/ /home/backup
cp -r /西安/ /home/backup
cp -r /郑州/ /home/backup
zip -r /home/backup$(date +%Y%m%d).tar.gz /home/backup
rm -rf /home/backup/
find /home/ -mtime +365 -name '*.tar.gz'|xargs rm -rf
安装sendmail邮件
一、下载软件,并安装相关依赖的perl组件
[root@zbj ~]# yum -y install perl-Net-SSLeay perl-IO-Socket-SSL
安装依赖
[root@zbj ~]# wget http://caspian.dotconf.net/menu/Software/SendEmail/sendEmail-v1.56.tar.gz
下载安装包
[root@zbj ~]# cd sendEmail-v1.56/
[root@zbj sendEmail-v1.56]# ls
CHANGELOG README README-BR.txt sendEmail sendEmail.pl TODO
进入目录sendEmail-v1.56/
[root@zbj sendEmail-v1.56]# cp sendEmail /usr/local/bin/sendEmail
[root@zbj sendEmail-v1.56]# chown root:root /usr/local/bin/sendEmail
[root@zbj sendEmail-v1.56]# ll /usr/local/bin/sendEmail
-rwxr-xr-x 1 root root 80183 Jul 31 15:14 /usr/local/bin/sendEmail
将sendEmail复制到执行目录/usr/local/bin/下,并赋予root用户权限、属组权限
二、创建脚本并赋予脚本执行权限
[root@zbj ~]# cd
[root@zbj ~]# pwd
/root
返回/root
[root@zbj ~]# vim mail.sh
#!/bin/bash
to=$1
subject=$2
body=$3
/usr/local/bin/sendEmail -o tls=auto -f ******@qq.com -t "$to" -s smtp.qq.com -u "$subject" -o
message-content-type=html -o message-charset=utf8 -xu ******@qq.com -xp ****** -m "$body"
脚本中 -f ********@qq.com表示发件人邮箱,-s smtp.qq.com 表示邮件的smtp服务器 本文中使用腾讯qq邮箱,使用
其他邮箱服务器需要修改
-xu ********@qq.com 表示发件人邮箱的用户名,-xp ********表示邮件协议授权密钥
[root@zbj ~]# chmod +x mail.sh
执行脚本测试发送邮件
[root@zbj ~]# ./mail.sh *******@qq.com test 123
test
发件人:**<********@qq.com>
时 间:2019年9月12日(星期四) 下午3:50 (UTC+0:00 伦敦、都柏林、里斯本时间)
收件人:** <********@qq.com>
123
收到的测试邮件
三、常见问题及处理:
1、当进行邮件测试时,出现invalid SSL_version ******/IO/Socket/SSL.pm line 444这样的报错时,原因是
sendEmail软件和perl里面的SSL版本不兼容导致,通过修改/usr/local/bin/sendEmail文件第1906行,不指定SSL
版本,原始文件为 if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version=> ‘SSLv3 TLSv1‘))
{ 更改后为 if (! IO::Socket::SSL->start_SSL($SERVER)) {
2、当进行邮件测试,出现ERROR => SMTP-AUTH: Authentication to smtp.qq.com:25 failed这样的报错时,
原因是邮箱要求使用第三方客户端发送邮件是必须使用授权码登录的,使用帐号密码验证时,授权码需要登录邮箱设置
中查找,有些邮件服务器需要先开启POP3服务。
[root@zbj ~]# vim sendzbj.sh
[root@zbj ~]# cat sendzbj.sh
email=y*n****x*n@*uoy***n*.*om,w*n*x**n*@*uoy***n*.*om,*u*u**n*@*uoy***n*.*om,
***n***n*02@*uoy***n*.*om,m**u*n*n*n*@*uoy***n*.*om,p*nl**n*@*uoy***n*.*om,
*ul*u***@*uoy***n*.*om,wu***n*y*@*uoy***n*.*om,l**o**ny*n*@*uoy***n*.*om,
wu**@*uoy***n*.*om,l****o@*uoy***n*.*om
title="温馨提示"
Content=哈喽,各位老师:今天该同步各地辅导出镜的信息了。Samba172.16.133.134\各地辅导共享,
下午2点前哦,有问题钉钉联系。祝:工作顺利!系统自动发送,请勿回复。
./mail.sh $email $title $Content
[root@zbj ~]# mkdir /各地辅导共享/
[root@zbj ~]# chmod a=rwx /各地辅导共享/
[root@zbj ~]# cat /home/backup.sh
#!/bin/bash
mkdir /home/backup
cp -r /北京/ /home/backup
cp -r /南京/ /home/backup
cp -r /合肥/ /home/backup
cp -r /成都/ /home/backup
cp -r /济南/ /home/backup
cp -r /石家庄/ /home/backup
cp -r /西安/ /home/backup
cp -r /郑州/ /home/backup
cp -r /各地辅导共享/ /home/backup
zip -r /home/backup$(date +%Y%m%d).tar.gz /home/backup
rm -rf /home/backup/
find /home/ -mtime +366 -name '*.tar.gz'|xargs rm -rf
使用rsync同步数据到备用服务器16上
1、安装配置rsync
[root@16 ~]# yum install rsync
[root@16 ~]# vim /etc/rsyncd.conf
uid = rsync
gid = rsync
use chroot = no
max connections = 100
timeout = 100
pid file = /var/lock/rsync.pid
lock file = /var/lock/rsync.lock
log file = /var/log/rsync.log
[mod1]
path = /rsync/134
read only = false
hosts allow = 172.16.133.0/8
auth users = vuser1
secrets file = /rsync/rsync.passwd
list = false
[mod2]
path = /成都
read only = false
hosts allow = 172.16.133.0/8
auth users = vuser2
secrets file = /rsync/rsync.passwd
list = false
2、创建运行rsync的系统用户
[root@16 ~]# groupadd -r rsync
[root@16 ~]# useradd -r -s /sbin/nologin -g rsync rsync
3、创建目录
[root@16 ~]# mkdir -pv /rsync/134
[root@16 ~]# chown rsync.rsync /rsync/134
4、启动rsync
[root@16 ~]# rsync --daemon
[root@16 ~]# rsync --daemon
[root@16 ~]# failed to create pid file /var/lock/rsync.pid: File exists
补充:rsync默认配置文件/etc/rsyncd.conf
如果想使用其他位置的配置文件,可以--config=/path/to/confFile
5、查看rsync端口(默认873)
[root@16 ~]# netstat -an | grep 873
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN
tcp6 0 0 :::873 :::* LISTEN
6、创建虚拟用户文件以及虚拟用户
[root@16 ~]# cd /rsync/
[root@16 ~]# touch rsync.passwd
[root@16 ~]# chmod 600 rsync.passwd <<<<< 该文件的权限必须是600
[root@16 ~]# vim rsync.passwd
vuser1:123
配置客户端:
客户端免密码
[root@zbj ~]# vim /etc/rsync.passwd
123
rsyncd.conf rsync.passwd
[root@zbj ~]# chmod 600 /etc/rsync.passwd
使用rsync传递文件
[root@zbj ~]# rsync -az /home/*.tar.gz vuser1@172.16.133.16::mod1 --password-file=/etc/rsyncd.passwd
[root@zbj ~]# vim rsync.sh
rsync -az /home/*.tar.gz vuser1@172.16.133.16::mod1 --password-file=/etc/rsyncd.passwd
文件的实时同步
rsync+inotify
[root@zbj ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@zbj ~]# yum install inotify-tools -y
[root@zbj ~]# rpm -ql inotify-tools
/usr/bin/inotifywait
/usr/bin/inotifywatch
/usr/lib64/libinotifytools.so.0
/usr/lib64/libinotifytools.so.0.4.1
/usr/share/doc/inotify-tools-3.14
/usr/share/doc/inotify-tools-3.14/AUTHORS
/usr/share/doc/inotify-tools-3.14/COPYING
/usr/share/doc/inotify-tools-3.14/ChangeLog
/usr/share/doc/inotify-tools-3.14/NEWS
/usr/share/doc/inotify-tools-3.14/README
/usr/share/man/man1/inotifywait.1.gz
/usr/share/man/man1/inotifywatch.1.gz
应用程序
/usr/bin/inotifywait: 真正实现文件监控程序
/usr/bin/inotifywatch :数据统计
开发inotify实时同步备份脚本
[root@16 ~]# cat /rsync/rsync.passwd
vuser1:123
vuser2:123
[root@16 ~]# cat /etc/rsyncd.conf
uid = rsync
gid = rsync
use chroot = no
max connections = 100
timeout = 100
pid file = /var/lock/rsync.pid
lock file = /var/lock/rsync.lock
log file = /var/log/rsync.log
[mod1]
path = /rsync/134
read only = false
hosts allow = 172.16.133.0/8
auth users = vuser1
secrets file = /rsync/rsync.passwd
list = false
[mod2]
path = /北京
read only = false
hosts allow = 172.16.133.0/8
auth users = vuser2
secrets file = /rsync/rsync.passwd
list = false
推送端
[root@zbj ~]# cat CheckFile.sh
#!/bin/bash
#
prog="inotifywait"
events="create,delete,modify,attrib"
iopt="-mrq"
lpath="/北京/"
rhost="172.16.133.16"
vuser="vuser2"
secfile="/etc/rsyncd.passwd"
ropt="-az --delete"
modName="mod2"
$prog $iopt --format "%w%f" -e $events $lpath | while read line
do
echo $line
sleep 3
rsync $ropt $lpath $vuser@$rhost::$modName --password-file=$secfile
done
[root@zbj ~]# bash CheckFile.sh &
测试[root@zbj ~]# crontab -l 0 2 * * * /usr/bin/bash /home/backup.sh 0 10 * * 2 /usr/bin/bash sendzbj.sh 0 3 * * * /usr/bin/bash rsync.sh
- 标签:
-
容灾备份
您可能感兴趣的新闻 换一批
热门文章
现在下载,可享30天免费试用
