- Samba — mount — user permission [closed]
- 1 Answer 1
- Монтирование сетевой папки, настройка прав
- Версия cifs-utils
- Спасибо Вам, большое.
- Реанимирую тему
- Unable to mount CIFS share on Linux: mount error(13): Permission denied (cifs_mount failed w/return code = -13)
- Add a comment
- Comments (newest first)
- Blog Tags:
Samba — mount — user permission [closed]
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
- This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
- This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
I am having trouble allowing regular user access samba mount. I can access the mount point as a root, but regular user gets «permission denied» error.
- Server is running on android CM10.1.3, Samba v3.0.20a (Samba Fileshearing app, build: 140525)
- Client is running Fedora 20, Samba client v4.1.6
Here is the mount command:
sudo mount -t cifs -o credentials=/home/david/.sambacredentials,sec=ntlm,uid=david,gid=david,file_mode=0775,dir_mode=0775 //192.168.1.12/sdcard Documents/
$ ls Documents/ ls: cannot open directory Documents/: Permission denied
And here are the mount directory permissions:
d---rwxr-x. 14 filip filip 0 Jun 26 15:30 Documents/
[global] interfaces = wlan0 bind interfaces only = yes workgroup = WORKGROUP server string = Samba on Android netbios name = FILIPSMB remote announce = 255.255.255.255 encrypt passwords = yes security = USER restrict anonymous = 1 load printers = no printcap name = /dev/null disable spoolss = yes deadtime = 5 delete readonly = yes nt acl support = no inherit permissions = yes socket options = SO_SNDBUF=16384 SO_RCVBUF=16384 local master = no unix extensions = yes [sdcard] vfs objects = fake_perms comment = Android /storage/sdcard0 path = /storage/sdcard0 force user = root read only = no writable = yes guest ok = no
Please note that SO is for programming questions. There are other sx sites for admin questions like this. Look around.
1 Answer 1
You need to create a common group that contains filip and david. E.g, as root:
group add smbusers groupmod -A david smbusers groupmod -A filip smbusers chown filip:smbusers /path/to/Documents
The documents group should be:
d---rwxr-x. 14 filip smbusers 0 Jun 26 15:30 Documents/
I do NOT recommend permissions of 0075 for Documents, so why not
chmod 0775 /path/to/Documents
The documents group will now be:
drwxrwxr-x. 14 filip smbusers 0 Jun 26 15:30 Documents/
Now try reconnecting as user. (you can also add a list of valid users for the share in smb.conf , but for now, let’s get the directory and groups in a sane configuration.)
You must also have Documents be a valid samba share (sorry, I presumed you had already done this). In smb.conf , create a Documents share (the name can be anything you like). It will look similar to this based on your previous posting)
[Documents] comment = Documents Share path = /full/path/to/Documents valid users = smbusers # the group you created holding david & filip browseable = Yes writeable = Yes
After editing smb.conf, run testparm which will check for errors and provide a dump of your shares. Then restart samba (both smb and nmb daemons). Confirm that david has access to the Documents share with:
smbclient -Udavid -Llocalhost
Then try to reconnect to Documents. (if you experience any problems with the smbclient command, then substitute your actual hostname for localhost. (that will indicate a failure in wins resolution, to correct, add the following to the global section of smb.conf:
name resolve order = lmhosts wins host bcast
Монтирование сетевой папки, настройка прав
В локальной сети есть два сентоса 7. На обоих настроена samba.
Первый используется как файловый сервер с распределенным доступом. Настроено несколько папок, разные группы подключаются, в основном с виндовских машин по паролям, проблем не было.
Сейчас с другого сентоса 7 примонтировать сетевую папку с файлового сервера как обычную, родную папку. Доступы по паролям.
[global] workgroup = WORKGROUP security = user map to guest = bad password netbios name = FileServer server string = FileServer [pm] path = /mnt/pm browseable = no writable = yes read only = no guest ok = no valid users = @pm create mask = 0777 directory mask = 0777
2. Создана папка /mnt/pm с правами 777
3. Создан пользователь pm c паролем 111111, сделала его владельцем папки папка /mnt/pm, как пользователя самбы его тоже завела.
1. Создан пользователь pm c паролем 111111
2. pm — владелец папки files, в которую монтирую сетевую папку
drwxrwxr-x 3 pm pm 33 ноя 24 17:50 files
Подключаюсь с клиента к файловому серверу:
smbclient //192.168.1.101/pm -U pm Enter pm's password: Domain=[WORKGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10] smb: \>
mount.cifs //192.168.1.101/pm/ /opt/files -o user=pm -o password=111111 mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
1. Каких прав кому не хватает?
2. Как разрешить подключение только этой группе (pm)?
Нужно найти владельца твоей мамки, вендузятник
Скорее всего, оно ругается на множественные опции, перечисляйте их через запятую.
Сам-то давно с окошек слез, петушок?
Версия cifs-utils
yum info cifs-utils Загружены модули: fastestmirror Determining fastest mirrors * base: mirror.corbina.net * epel: mirror.yandex.ru * extras: mirror.corbina.net * updates: mirror.corbina.net Установленные пакеты Название: cifs-utils Архитектура: x86_64 Версия: 6.2 Выпуск: 7.el7 Объем: 174 k Источник: installed Из источника: base Аннотация: Utilities for mounting and managing CIFS mounts Ссылка: http://linux-cifs.samba.org/cifs-utils/ Лицензия: GPLv3
А на что влияет версия? Ставила из yum.
Попробуйте добавить параметр sec=ntlm
Команда в итоге должна выглядеть так:
mount -t cifs //192.168.1.101/pm/ /opt/files -o sec=ntlm,username=pm,password=111111
Спасибо Вам, большое.
Действительно, синтаксис не тот. Примонтировалось на ура! И в автозагрузку добавила с этим же параметром sec=ntlm.
Реанимирую тему
Решение работает, директория монтируется под рутом, тему отложила.
Теперь обнаружила, что не смотря на монтирование пользователем pm, залогинившись пользователем pm я не могу зайти в примонтированную директорию. Всё тот же permission deny.
Примонтировать сетевую директорию в /opt/files — монтирую командой
mount -t cifs //192.168.1.101/pm/ /opt/files -o sec=ntlm,username=pm,password=111111
. Директория монтируется без ошибок. На файловом сервере есть пользователь pm с паролем 111111, и с паролем от самбы, также 111111, он владелец директории /mnt/pm. В самбе прописаны valid users = @pm на /mnt/pm.
Смотрю на директорию files командой
ls -la /opt/ - drwxrwx---+ 4 1019 1023 0 ноя 25 11:47 files
т.е. владельцем директории система видит не пользователя pm, а uid пользователя pm на файловом сервере. Поменять владельца files — отказано в доступе даже для root. Залогинилась пользователем pm — не могу войти в директорию files, когда в нее примонтирована сетевая директория.
У локального и удалённого юзера идентификаторы могут отличаться.
Также надо учитывать, что у вас монтирование реализовано не юзером, а рутом.
Один из способов решения:
man mount.cifs | grep -A2 '^ *[ug]id='
Unable to mount CIFS share on Linux: mount error(13): Permission denied (cifs_mount failed w/return code = -13)
There are a couple of ways how to mount a CIFS/Samba share on a Linux client. However some tutorials are outdated and meanwhile completely wrong. I just ran into a (stupid) case of a wrong mount.cifs syntax:
root@focal:~# mount -t cifs //server/Share /mnt -o rw,user=domain\myuser,password=secret
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
Unfortunately, the additional output in dmesg is not helpful to figure out the problem:
root@focal:~# dmesg
[. ]
[16444886.307684] CIFS: Attempting to mount //server/Share
[16444886.307717] No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3 (or SMB2.1) specify vers=1.0 on mount.
[16444886.539770] Status code returned 0xc000006d STATUS_LOGON_FAILURE
[16444886.539795] CIFS VFS: \\server Send error in SessSetup = -13
[16444886.539901] CIFS VFS: cifs_mount failed w/return code = -13
After additional try and errors (and looking up a recent share mount from the history), the problem turned out to be the user=domain\myuser syntax. This way of combining the domain/workgroup and the username is not working (anymore).
Note: Both user= and username= are accepted in the options.
root@focal:~# mount -t cifs «//server/Share» /mnt -o «user=myuser,password=secret,workgroup=DOMAIN»
root@focal:~# ll /mnt/
total 0
drwxr-xr-x 2 root root 0 Sep 1 2020 _Archiv
drwxr-xr-x 2 root root 0 Aug 9 12:10 Client
[..]
Of course the password should not be used on the command line, so for the final (and automatic) mount of the share use the following entry in /etc/fstab:
root@focal:~# cat /etc/fstab
[. ]
# Mount CIFS share from server
//server/Share /mnt cifs rw,relatime,vers=3.1.1,credentials=/etc/samba/servershare.conf,uid=0 0 0
Where /etc/samba/servershare.conf contains the credentials:
root@focal:~# cat /etc/samba/servershare.conf
user=myuser
password=secret
domain=DOMAIN
Add a comment
Comments (newest first)
Edgardo Pannunzio (KERNEL Consultores) from Uruguay wrote on Feb 9th, 2023:
Thanks very much !!
Your post was really helpful.
Ed from wrote on Jan 27th, 2023:
In my case (mounting win 2019 share in RHEL9) when using double apostrophe: «user=myuser. » was outputing:
«bash: !,workgroup=$MY_DOMAIN: event not found»
Switching to single apostrophe ‘user=mysers. ‘ did the trick
ck from Switzerland wrote on Nov 29th, 2022:
Keith, make sure you have the cifs-utils and smbclient packages installed on your Ubuntu. Still an error? Try to connect to the share using the smbclient command. It could also be a SMB protocol mismatch. Check out this article, describing Samba protocol configuration on the client.
Keith from United States wrote on Nov 29th, 2022:
I’ve tried for the past 3 hours, 5AM in the morning now, and I’ve tried everything from every other website and this one and still get the exact same errors. Tried it with just sudo, then root. Same thing. Host OS is ubuntu server trying to mount a network share from my Synology NAS.
AJav from wrote on Sep 19th, 2022:
simonpunk2016 from wrote on Aug 1st, 2022:
Thank you sir, never know the mount option has changed, because I just successfully mounted the cifs last month, thought my Manjaro has come to an end.
simonpunk2016 from wrote on Jul 29th, 2022:
Thank you sir, never know the mount option has changed, because I just successfully mounted the cifs last month, thought my Manjaro has come to an end.
Jesko from wrote on Feb 10th, 2022:
I had exact the same error, but different reason. On a freshly installed (old) Ubuntu 16.04 LTS (last 32Bit version). My reason was: There was no cifs-utils installed! so «sudo apt install cifs-utils» was the solution. I just write here because I crawled through hundreds of comments.
Blog Tags:
© 2008 — 2023 by Claudio Kuenzler. Powered by .
This website uses own and third-party 🍪 cookies to improve your browsing experience. By continuing using our website you agree to the Cookie and Privacy Policy. I agree