Nico Kadel-Garcia wrote:
On Thu, Apr 8, 2010 at 2:08 PM, Gary Dale <garyd...@rogers.com> wrote:
Christian PERRIER wrote:
Quoting Gary Dale (garyd...@rogers.com):
Now perhaps I'm missing something, but I have no trouble with users
mounting nfs shares. The idea that users can't mount cifs shares
strikes me as odd and an unnecessary impediment.
How about turning the binary we provide in Debian to setuid on the
systems where you want it to be this way, by using
dpkg-statoverride(8)?
Actually, I was just responding to Nico's assertion that disabling setuid is
a seatbelt. The idea that mounting shares should be restricted to root is,
imho, a cure that is worse than the disease. :)
It's safer *default* behavior. If you want non-root users to be able
to mount, you can create a table of mounting options in auto.master or
in another auto.cifs file that will translate the mounting options
into something available to users, with wildcards to allow access to
alternative servers or shares.
I've been trying without success to get even a basic auto.cifs working
following the howto at
http://www.howtoforge.com/accessing_windows_or_samba_shares_using_autofs.
I installed autofs v5.0.4 from the Debian/Squeeze repository and created
the /etc/auto.cifs file. I made it executable and changed the mountopts
line to:
mountopts="-fstype=cifs,file_mode=0644,dir_mode=0755,uid=garydale,gid=users".
I created a /etc/auto.smb.<filesever> file and gave it my credentials.
Then I added the auto.cifs line to the auto.master file and restarted
the autofs system.
I then fixed a few errors I was getting re. my domain name by adding an
automount: nis files line to /etc/nsswitch.conf and also running
domainname <mydomain>.
At this point I can run ls -als /cifs/<fileserver> and see all the
exported shares, etc. from that server. However the shares are not
mounted. Checking syslog I now find an error "Status code returned
0xc000005e NT_STATUS_NO_LOGON_SERVERS".
Google only finds two hits on this message, neither of which was
helpful. I know my Windows desktops are logging in to the domain as
their profiles are updated when they do.
Anyway, this leaves me with some questions.
1) do you have any idea on how to fix the error?
2) even if I do, I think I need more information on how auto.cifs can
help. If I replace the uid=garydale with something like uid=$USER, won't
that just pick up the uid as root, the context in which the mount is
running?
3) the credentials file for autofs seems to only allow a single
username+password combo for each mount. Is there a way around this?
4) can the credentials be updated automatically when the user changes
their password?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
