[opensuse] smbfs vs. cifs mounts to samba shares
Hello, I have a Samba share on a host server that when mounting via smbfs the users on the client machine can read and write to the dir's in the mount, however when mounting it via cifs everyone gets permission denied errors. The Samba host server has the same usernames & passwords as the client machine. Examples in /etc/fstab below; <snip> //sambahost/ftp /mnt/ftp cifs credentials=/etc/cifsusers/user1,domain=sales,file_mode=0777,dir_mode=0777,r w 0 0 *****premission denied errors with cifs***** //sambahost/ftp /mnt/ftp smbfs workgroup=sales,username=user1,password=aword,fmask=777,dmask=777 0 0 *****everything works with smbfs***** <snip> I would prefer to use cifs and utilize the credentials files. When connecting via cifs, the user in the credentials file also gets the permission denied error. How can I get cifs mounts to work with a Samba share? Thank you in advance. James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 06 May 2008 14:26, James D. Parra wrote:
<snip> //sambahost/ftp /mnt/ftp cifs credentials=/etc/cifsusers/user1,domain=sales,file_mode=0777,dir_mode=0777, r w 0 0 *****premission denied errors with cifs***** I had the same problem, and adding 'noacl,noperm' to option list for cifs resolved it for me.
Peter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, May 6, 2008 at 11:26 AM, James D. Parra
Hello,
I have a Samba share on a host server that when mounting via smbfs the users on the client machine can read and write to the dir's in the mount, however when mounting it via cifs everyone gets permission denied errors. The Samba host server has the same usernames & passwords as the client machine. Examples in /etc/fstab below;
<snip> //sambahost/ftp /mnt/ftp cifs credentials=/etc/cifsusers/user1,domain=sales,file_mode=0777,dir_mode=0777,r w 0 0 *****premission denied errors with cifs*****
//sambahost/ftp /mnt/ftp smbfs workgroup=sales,username=user1,password=aword,fmask=777,dmask=777 0 0 *****everything works with smbfs***** <snip>
I would prefer to use cifs and utilize the credentials files. When connecting via cifs, the user in the credentials file also gets the permission denied error.
How can I get cifs mounts to work with a Samba share?
Thank you in advance.
As Peter responded, you need noacl, noperm in the client machine fstab. Without these, the client tries to manage permissions on the server, even tho the server may well have different UID and GID than the client. So Bob at the client may be UID 1000 but the same Bob has uid 1368 on the server side. Unless and until you match UID/GID across the network (don't even go there) this will never work. (I can't imagine it ever working unless you used kreberos for login or something). The noacl, noperm parameters tells the client side to let the server side handle setting/checking of permissions and ownership, which is what you want for a samba server, the way its always been, and the only way that really works for most environments. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John Andersen wrote:
On Tue, May 6, 2008 at 11:26 AM, James D. Parra
wrote: Hello,
<snip> //sambahost/ftp /mnt/ftp cifs credentials=/etc/cifsusers/user1,domain=sales,file_mode=0777,dir_mode=0777,r w 0 0 *****premission denied errors with cifs*****
//sambahost/ftp /mnt/ftp smbfs workgroup=sales,username=user1,password=aword,fmask=777,dmask=777 0 0 *****everything works with smbfs***** <snip>
I would prefer to use cifs and utilize the credentials files. When connecting via cifs, the user in the credentials file also gets the permission denied error.
How can I get cifs mounts to work with a Samba share?
Thank you in advance.
As Peter responded, you need noacl, noperm in the client machine fstab.
<snip>
The noacl, noperm parameters tells the client side to let the server side handle setting/checking of permissions and ownership, which is what you want for a samba server, the way its always been, and the only way that really works for most environments.
I would suggest a closer look at the 'man mount.cifs' comments for noperm, as this could be a security issue in a multiuser environment. Though giving access via fstab does kind of make things global on the client. (For a per user option there is pam.mount). I have being using the uid and guid option with setuids for some time without issues (except a possible latency issue). In my case uid and gid are probably redundant but setuids sets up a form of dynamic local permission cache. Look at man mount.cifs again for more info... and http://pserver.samba.org/samba/ftp/cifs-cvs/linux-cifs-client-guide.pdf may help...
- -- ============================================================================== I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup ============================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFIIWyXasN0sSnLmgIRAtSIAJ9bgrkIux/8UPDgGqPtIMRTC5RYKQCeMfSd 8PvgWAwPPBwveMjz5AS1Mig= =eEcv -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, May 7, 2008 at 1:47 AM, G T Smith
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
John Andersen wrote:
On Tue, May 6, 2008 at 11:26 AM, James D. Parra
wrote: Hello,
<snip> //sambahost/ftp /mnt/ftp cifs credentials=/etc/cifsusers/user1,domain=sales,file_mode=0777,dir_mode=0777,r w 0 0 *****premission denied errors with cifs*****
//sambahost/ftp /mnt/ftp smbfs workgroup=sales,username=user1,password=aword,fmask=777,dmask=777 0 0 *****everything works with smbfs***** <snip>
I would prefer to use cifs and utilize the credentials files. When connecting via cifs, the user in the credentials file also gets the permission denied error.
How can I get cifs mounts to work with a Samba share?
Thank you in advance.
As Peter responded, you need noacl, noperm in the client machine fstab.
<snip>
The noacl, noperm parameters tells the client side to let the server side handle setting/checking of permissions and ownership, which is what you want for a samba server, the way its always been, and the only way that really works for most environments.
I would suggest a closer look at the 'man mount.cifs' comments for noperm, as this could be a security issue in a multiuser environment. Though giving access via fstab does kind of make things global on the client. (For a per user option there is pam.mount).
In a multi-user environment (multi-user on the CIFS client machine) mounting via fstab would not seem to be the way to go. In this case, you could use a mount command with individual credentials for the user. pam mount doesn't always work when the user's credentials on the server differ from those on the client. It seems there are a lot of people using noperm and noacl, google is full of hits from all different distros. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
G T Smith wrote:
John Andersen wrote:
On Tue, May 6, 2008 at 11:26 AM, James D. Parra
wrote: Hello,
<snip> //sambahost/ftp /mnt/ftp cifs credentials=/etc/cifsusers/user1,domain=sales,file_mode=0777,dir_mode=0777,r w 0 0 *****premission denied errors with cifs*****
//sambahost/ftp /mnt/ftp smbfs workgroup=sales,username=user1,password=aword,fmask=777,dmask=777 0 0 *****everything works with smbfs***** <snip>
I would prefer to use cifs and utilize the credentials files. When connecting via cifs, the user in the credentials file also gets the permission denied error.
How can I get cifs mounts to work with a Samba share?
Thank you in advance. As Peter responded, you need noacl, noperm in the client machine fstab.
<snip>
The noacl, noperm parameters tells the client side to let the server side handle setting/checking of permissions and ownership, which is what you want for a samba server, the way its always been, and the only way that really works for most environments.
I would suggest a closer look at the 'man mount.cifs' comments for noperm, as this could be a security issue in a multiuser environment. Though giving access via fstab does kind of make things global on the client. (For a per user option there is pam.mount).
I have being using the uid and guid option with setuids for some time without issues (except a possible latency issue). In my case uid and gid are probably redundant but setuids sets up a form of dynamic local permission cache.
Look at man mount.cifs again for more info...
and
http://pserver.samba.org/samba/ftp/cifs-cvs/linux-cifs-client-guide.pdf
may help...
WARNING, WARNING, the use of ,noperm will give root access to all cifs mounted shares mounted with the ,noperm options. A stray chmod -R or the like above the mount point will work all the way down the mounted client as well... -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (5)
-
David C. Rankin
-
G T Smith
-
James D. Parra
-
John Andersen
-
Peter Bloomfield