Networking :: Mounting Cifs As User - Permissions With SUID Bit?
Jan 11, 2010
I have looked at a LOT of forum posts and other sites trying to solve this problem but I have had no luck. I've seen the following:[URL].. I have an entry in my fstab that lets root mount a samba share on a Windows Server 2003 machine and gives users full read/write access to the share. The fstab entry looks like:
//servername.net/share /mnt/share cifs rw,user,umask=000,username=someuser,noauto,file_mode=0777,dir_mode=0777 0 0
However, when a normal user tries to mount the share they get one of two errors:
1. If I have /sbin/mount.cifs set to 777
mount error(1): Operation not permitted
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
2. If I have /sbin/mount.cifs set to +s
Code: mount error: permission denied or not superuser and mount.cifs not installed SUID Does anyone have any suggestions as to how I would go about getting a user able to mount this samba share?
I need to mount a windows share on my OpenSUSE 11.3. I get it using the mount.cifs command (by itself or using cifstab), but only root can rw file. I try the uid/gid parameters (also using forceuid) and the file_mode/dir_mode parameters, but I get the same behavior: all files and directory with rwxr-xr-x permissions and root/root (user/group). I read the whole section FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS in man mount.cifs but nothing works.
I am having permissions errors every time I try to mount a windows host. I have a linux server and all the windows computers can see that computer and its files, but we wanted to start backing up the linux machine to one of our other computers. so I tried to mount one of the computers. here is the sequence of events:
Code: $mount -t cifs //192.168.1.194/Admin$ /mnt/Anita-comp password: (I have no password so I left it blank) Mount error (13): Permission Denied I tried all sorts of passwords we use around the office and none of them worked.
I then decided to try mounting one of our other computers. this one looked like it worked fine. no error messages at all. (I left password blank) so I look in my filesystem and the mounted drive is not in the /mnt/Anita-comp file. What gives?
Q: How can I allow my users to mount a cifs share without an entry in fstab in OpenSuse 11.4?
I have an answer myself. Until OpenSuse 11.2 I could mount my samba shares by making mount.cifs and umount.cifs setuid root. Today I installed OpenSuse 11.4. Unfortunately mount.cifs isn't anymore allowed to be setuid due to security concerns. Security is not an issue in my case, so I copied the mount.cifs and umount.cifs from 11.2 to make it work again:
1. Download cifs-mount-3.4.2-22.214.171.124.x86_64.rpm from this repository (I use 64 bit): "http://download.opensuse.org/distribution/11.2/repo/oss/suse/x86_64/" 2. Extract the files mount.cifs and umount.cifs from the rpm and copy them to /sbin 3. Make them setuid root:
Code: linux-y5qw:~ # chmod u+s /sbin/mount.cifs linux-y5qw:~ # chmod u+s /sbin/umount.cifs 4. Mount your cifs shares as a normal user:
and then putting it in the /usr/local/bin directory. Ok, the things seem to be fine, but then I realized that the program tries to write some config and log files. I noticed that because some warnings appear in the command line, like that Couldn't write etconfig.cfg always that I run the command as a normal user. On the other hand, if I give writing permission to these files, all the warnings disapear. But I don't think it is a good way, because someone could change these files by hand, what would not be good.
My last try was to set the suid of the script up, with the command chmod u+s /usr/local/bin/etded-server But as I already knew that suid does not work well with shell script I wrote a C source like that:
Following instructions that I received from the Fedora 10 Guide, I recently edited my etc/fstab file so that I could auto mount my Windows share. It worked the first time, but when I rebooted, I noticed an error saying that Linux could not not unmount the cifs shares. Eventually it did reboot, but now I cannot mount the share at all from fstab. When I run the command #mount -a and then #mount, my share is shown to be mounted although I cannot access it and there is no link to it on the desktop like there was the first time it mounted. I basically want my Windows share to be permanently mounted with read/write permissions. My Distro is Fedora Core 10 64 bit. How can I resolve this issue?
Hopefully this'll be an easy one (but I wasn't able to find any other posts with the exact same problem).I'm connecting to a large hard drive at work. I can mount perfectly fine. The following is the relevant line in my fstab file:
The problem is that when I try to cd to the correct directory, I get a permission denied error. I don't own the mount point, and there aren't general read/write permissions set. But if I change to superuser, I can access it no problem. I can read, write, make directories, etc. So the problem is with my computer--not the remote one.
Now, if I add the option uid=MYID, I can read and write just fine. The system makes me the owner of the directory on mounting. But that's not what I want--I'm trying to allow multiple users access to this file system. I want there to either be a neutral owner (e.g. root) with others having read/write access, or I want the owner of the mount point to be the user currently logged in.
I looked through the guides and didn't find what I was looking for. Here is what I have so far:
That's the drive I am wanting to mount with full permissions for anyone. Right now the folder only has root permissions. Is there a specific group ID I assign this in fstab so it's automatically mounted with full permissions for anyone who logs in?
i was wondering if it is possible to run a program such as firefox or any other internet program as its own user (ie user firefox), but still in my desktop session, this way the program would have its own home folder and store all the data there, while i use it normally, i was trying to set the suid on the firefox binaries but then it doesn't starts at all.
There are a couple of way to mount Samba shares, but I prefer using "autofs" which can mount them on the fly. Use the autofs daemon to have shares automatically mounted on demand. The netfs service (installed by default in Fedora) is not a daemon and can only mount shares on boot, (it can't mount them on demand).
* Install the autofs package:
Code: yum install autofs * Edit /etc/auto.master (the master map file), and comment out all lines (with #). This avoids conflicts with the CDROM (which is handled by Gnome), etc. Save the file. * Create a new file /etc/auto.cifs, with the contents of: Code: #!/bin/bash # $Id$
Just upgraded (my Worksation) to Kernel 2.6.37, but can't mount CIFS shares with password any longer - CIFS shares without password works fine. Tried upgrading Samba (on my server), which holds the shares i'm mounting, to version 3.5.6 - but same result.
Workstation: (Which I just upgraded to 2.6.37) OS: LFS-6.5 (LinuxFromScratch) Kernel: 2.6.37 #1 SMP Sun Jan 9 16:21:11 CET 2011 i686 pentium3 i386 GNU/Linux (Upgraded from 126.96.36.199 where it worked fine) IP: 192.168.65.253 mount: util-linux-ng 2.19
am trying to sync data from Server A to Server B. The destination on Server B is a CIFS share and I need to preserve timestamps, permissions, etc. on all the data that I transfer. During the rsync process, I receive thousands of errors like the one below: rsync: chown "/LBDCASAN001/JasonHarper/files/1259810304676/2010-12-22-01-00-03/0x22/0xc8/0x43/0x0a" failed: Permission denied (13)
I'm not sure if it's related at all, but my mount point on Server B has the permissions set as: drwxr-xr-x 2 root root when it is unmounted. When I mount the CIFS share, the mount point permissions change to: drwxrws---+ 3 root root
Also, here is the line from my /etc/fstab that mounts the share: //X.X.X.X/LBXXXXX001 /LBXXXXX001 cifs username=LBXXXXX001,password=XXXXXXX!,uid=0,gid=0 0 0 When I perform the rsync, I'm authenticating to Server B from Server A as root.
I've to make a Windows 2000 share on my Server Linux CentOS 5.1 with all the updates installed with yum. I've a directory on a Windows 2000 that contains some images for a catalogue. I have my internet site on CentOS 5.1 with a Apache - Mysql - PHP web server. I have to mount my directory on a share in /mnt/catalogueimages and made a symbolic link from my /var/www/html/mysite/catimages to this samba share.
This is what I do following your guide a this link: [URL] I have placed in my /etc/fstab this line: //SERVER/C/Catalogue /mnt/catalogueimages cifs user,username=Administrator,password=,uid=apache,gid=apache 0 0 My Windows 2000 server have no password.
After that I made the symbolic link: ln -s /mnt/catalogueimages /var/www/html/mysite/catimages All it's OK.
The problem is that I can't see the images via browser. I have tried also to put some images in the directory /mnt/catalogueimages, deleting the mount point, in order to see if the problem was in apache: the images are visible via browser. Why I don't reach to see the images mounted with samba?
We recently moved to a new home and I am trying to get my home file/print server set up again. Thanks to swerdna's excellent website, I got my server box (just upgraded from 11.0 to 11.2) running Samba and serving my shares over the network, and my "client" machines can access them without a problem.However, I'm not having much luck setting up CIFS mounts on my Linux desktop. I have my all-purpose user added to the Samba auth list (via smbpasswd), and configured my client as swerdna's howto's specify, and I can access the files just find. However, when I try to mount the shares with this command:
Code: mount -t cifs -o username=klein,password=klein //192.168.1.70/sharedmedia /home/zak/SharedMedia/ I get the following error:
Code: //192.168.0.242/websites /mnt/supercube cifs rw,user=XXX,pass=XXX,iocharset=utf8,file_mode=0777,file_mode=0777,dir_mode=0777,uid=XXX 0 0 But it doesn't auto mount with everything and disconnects whenever I suspend my computer. The only way to get it to mount is with Code: sudo mount -a and it mounts fine with no error.
Did lucid change the way it uses fstab or something? Obviously writing mount -a isn't a huge concern, but it kind of destroys the point of putting it in my fstab.
I'm trying to mount some CIFS shares (NetApp) to my Ubuntu 11.04 desktop (64-bit).I am mounting it as a domain user with admin rights and full control over the share.ter mounting it as root, all the files are owned by root and I can't modify them from my non-root user.Here is how I am mounting the share:
mount -t cifs -o domain=example,username=example-user,password=mypassword //myfiler.example.com/myshare$/mydir /mnt/myshare/
This share is a qtree under a volume with security type set to NTFS. (Although I have also tried security type = Mixed) We don't configure user-level access to shares on the filer, we create directories and lay down permissions on those from the Windows side. (Although I have tried explicitly adding my domain user to the access list for the share)
I've been trying for a while mounting a EMC NAS share on linux. As far as I know the NAS share behaves just like a regular windows share, so the mount process should be very similar. On the NAS server, the disc "Disc1" is shared, and I need to mount a sub-subfolder of that share. This is my line in /etc/fstab:
I've successfully mounted a network share with mount.cifs for the past 2 years using fstab with credfile.
Yesterday I moved this system to a new datacenter, but did not alter fstab or the credfile. The //server/share directory has IP rules in place, but this was updated with the new system IP while we moved the system. Now, I am mysteriously unable to automount //server/share. The local error is 13 (permission denied). The Windows server we are mounting returned a code that is defined as "username is valid but password is incorrect" Again - no changes (content or permissions) were made to my credfile or fstab entry. I've restarted netfs a few times, including rebooting the system twice. What is baffling is I can successfully mount //server/share via command line: Code: mount -t cifs //server/share /mnt/mycooldir -o username=foobar,password=1234
The username and passwords are identical in credfile and the mount options - I copied & pasted username / password from the credfile itself.
Am in the process of upgrading from an ancient OpenSuSE release (7.2) to 11.2. One thing I have been unable to do that worked fine under 7.2 is remotely mounting a compact flash drive from an XP machine. Worked fine for many moons on 7.2:
# mount -t cifs -o rw //xpbox/'cf (H)' /cf0 I get: mount error(12): Cannot allocate memory Other cifs mounts of hard disks work fine.
I found a posting that says this means the memory allocation error is from the XP side. It says to fiddle with the XP registry, specifically IRPStackSize. I was not confident this fix would work since there should not be anything significantly more consuming with 11.2 compared to 7.2, and indeed, I got the same error after changing the parameter to 18 and rebooting the XP machine. Any ideas? I have some suspicion that the space and parenthesis in the share name might be fouling up someone. XP forces the share name to this for some reason.
if lets say 'someuser' sftp's into the box what is he actually able to do?Looking at my tests he can browse any directory to which he has read permissions but is only able to delete files in /home/someuser, even if they are owned by root. On the other hand in any folder above /home/someuser he would NOT be unable to delete a file even if its chmoded 777. Can anyone please confirm these findings.
I have a Samba server running on a box where I login to admin as user: FRED The Samba users are SUE JOE - Read only for specified paths (media playback access only user) SUE can read/write to any directory under the share: Media
So all that is working fine. As long as I do file operations remotely as SUE everything works remotely. How can I make it to where everything SUE does over Samba FRED automatically has permissions to edit when logged in locally (or SSH)? Also, remember, Joe needs to be able to read where specified.
Using Dolphin in Super-User mode, I can copy files and directories from the share to itself with no errors. Using Dolphin in Normal-user mode. I get the failure "Could not change permissions for...". The file is copied, but its owner,timestamp and permissions are wrong. If a subdirectory is involved, the copy aborts.
Using Windows XP I can copy files and directories from the share to itself with no errors.
Testing: If I mount with uid and gid, then my normal user can not access the share. mount.cifs //10.x.x.x/Data /home/stevej/Synology/Data/ --verbose -o user=stevej uid=stevej gid=users
Synology DS211 - There are 2 users on it. One of which is stevej and the other is julie. Rights RWX are applied to the users and the group called users. All files have stevej as the owner and users as the group with RWX Opensuse 11.4 - There are 2 pc's. One is run as stevej. The other pc runs as julie Windows 2000 - Runs as stevej and maps to the share as stevej.
Works as expected Windows XP - Runs as julie and maps the the share as julie. Works as expected Ultimately, I want the shares to automount at boot, or login and give the user full access. I have been to Swerdna's page and done as much as I can, but still no luck.
I hope I won't get bashed too much on my first post here. The problem I'm experiencing seems to be well known, yet I haven't come across a definite solution to it while searching the forums. I've got an external drive connected to my laptop via eSATA. When I want to mount it as a normal user from GUI level, I'm required to supply the root password since apparently the system's policy doesn't allow external drives partitions to be mounted.
The closest solution to what I would like to achieve is given by giulix in this post. Yet, with the polkit-gnome-authorization utility removed from Fedora 12 (at least so I've heard on mailing lists), it's difficult to find out where to start in terms of policy editing. What I would like to have is being able to mount this volume as a normal user from GUI level. I know I could just add an entry to /etc/fstab, but it just seems so old-fashioned and tacky, and besides, it's not, um, "dynamic" and wouldn't utilize hal and dbus, so I wouldn't have an icon on the desktop. (it's not really the reason, I'd just like to have things done the way they should be right now).
Code: I'm continuing on a quest to sync my iOS4 iPhone in xubuntu lucid, and the above is what I get after mounting it with iFuse. Unsurprisingly, I can't actually use it after being mounted with permissions like that. With the iPhone unmounted, an ls -al looks like this
Code: drwxrwxrwx 2 root root 4096 2010-09-25 15:51 iPhone Has anyone even seen '?' permissions before?
When I mount an external usb drive on linux (CentOs4), the permissions are by default set to read-only. Since there are multiple users on the computer who need to use the external drive, I want everybody to have rw permission for the entire drive. I also want them to be able to mount the drive if the computer has accidentially been shut down. They can use sudo mount to mount the drive, but this will only give them read permission, and I obviously don't want to allow sudo chmod.
Is there a default setting that I can change so that every new external usb disk automatically gets rw permissions?
I'm having a hard time figuring out how to set permissions on my samba server and on mounting the share. I would appreciate help figuring things out. What I need to achieve is have a server share mounted on a computer and give read write access to the users of that client computer. Also permissions should be respected is a user limits access to a directory or file he creates.
What I did was replicate the users on both server and client computers and create an extra user on the server that has full access to the share both in linux and in samba, and I'm mounting the share on the client computer using that extra user from fstab. (Is this the best way to set things up or is there a better way?)
Now the issues I'm having; Whenever a user A creates a directory or file it's listed as created by user B. It turns out that the UID does not match on both computers. How do I fix that short or deleting and recreating the users in the proper order.
- Backup scripts running as root get lot permission denied errors writing to the share especially when using chown and chgroup. Could someone explain, or point me to an explanation of the logic behind permissions and mounting?
can't add the options uid=500,gid=500 to the ext2 volume because it says "bad option" I have 1 question. If you have a volume listed in /etc/fstab, and you try to mount it with different options than the ones listed in fstab, will it mount with the new options, or the fstab options?(e.x. if I try to mount /dev/sda6 with: mount-o auto,user,exec,rw,async. Will it mount with async or sync?)