samba, cifs, credential, and file permissions

From: Ben (none_at_none.com)
Date: 09/25/05 

Date: Sun, 25 Sep 2005 00:37:35 -0400

Hi,

I'm a somewhat new user to Samba so maybe someone can help me out or
point me in the right direction.

I have a FC4 box networked to a WinXP box. Both boxes can see each other
successfully using samba shares. My problem is when I try to mount the
windows box in linux as a user (root mounts fine). As a user, If i try:

mount -t cifs //winbox/share /mnt/foo

I get the error:

mount: only root can do that

Which doesn't surprise me terribly because I remember getting that in
FC3. A workaround I found was to give user permission on the sticky(?) bit:

chmod a+s /usr/bin/smbmnt /usr/bin/smbumount

This works here also. My first question is, is that the best way to do
that or is there a more "proper" way to do that? I was doing that on the
command line, if that IS what I should be doing would it be the same (or
easier) to put a line is /etc/sudoers ?

Now, my REAL question is thus, I want to put a line in fstab for root
and user mount. Currently the following works only if I'm root (tabs
replaced with spaces to fit on one line):

//winbox/share /mnt/foo cifs credentials=/etc/goo,user 0 0

where the file /etc/goo has my username and password. Now, the problem
is I want to protect goo so that no one can read it since it has my
password in it. However, if I set permissions on goo to 600 (or 400)
then I get the following error attempting to mount:

error 13 opening credential file /etc/goo

If I set permissions so that others can read then the mount works but
obviously this is bad. I was trying to avoid creating a special group
for just root and me and setting goo to that group as a workaround. So
what's the proper way to set this up?, i.e get the entry in fstab
(without putting my password in fstab directly) and be able to mount as
a user?

Thanks.

Ben

Relevant Pages

  • [Trouble Ticket #190335] AutoReply: freebsd-questions Digest, Vol 246, Issue 26
    ... please edit your Subject line so it is more specific ... you need to open a root xterm or even a root shell, ... boot manager is installed for this mirror and I would like to remove it ... was that NFS mount managwed ...
    (freebsd-questions)
  • Re: write/read to windows drives
    ... I went to the web site about samba previously posted and I took a piece ... root can access and write to it but I need to have everyone else to atleast ... for users,groups,permissions in vfat, just a few flags like archive,hidden,system,,, ... Thats why you use this as mount arguments. ...
    (alt.os.linux.suse)
  • Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03
    ... They can simply mount a filesystem with any number of SUID ... root binaries on it and have their way with the box. ... They have physical access to the machine. ...
    (FreeBSD-Security)
  • 2.6 kernel NFS root mount problem
    ... I'm tying to run 2.6.18 kernel on ARM AT91RM9200DK board with NFS mount ... usb usb1: Product: AT91 OHCI ... Unable to mount root fs via NFS, ...
    (Linux-Kernel)
  • NFS root mount problem
    ... I'm tying to run 2.6.18 kernel on ARM AT91RM9200DK board with NFS mount ... usb usb1: Product: AT91 OHCI ... Unable to mount root fs via NFS, ...
    (Linux-Kernel)