[linux-cifs-client] Improving auto.smb for user mounts
simo
idra at samba.org
Mon Jan 28 22:29:37 GMT 2008
On Mon, 2008-01-28 at 16:47 -0500, Joe Krahn wrote:
> Linux support for krb5 is good. I didn't know about the new sec= feature
> in mount.cifs. I'll experiment with using krb5.
>
> The complication of transparent authentication is that file permissions
> can't just be mapped to POSIX user+group.
We have id mapping.
> If one user accesses a share,
> how do you manage another user accessing the same share?
New session setup, the server enforces access.
> Do they also
> need a password to access the already-mounted directory?
They will need cached kerberos credentials, or a password, they get
retrieved via an upcall mechnism.
> It sort of
> needs something like PAM for file access control.
I don't get what this means exactly.
> Maybe some of the
> NFSv4 features will make this possible?
Dunno, but afaik we don't need anything fancy but find time to write
code we already planned to write.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>
More information about the linux-cifs-client
mailing list