/etc/fstab entry to allow users to mount samba shares

Urban Widmark urban at teststation.com
Tue Apr 23 13:40:02 GMT 2002

On Tue, 23 Apr 2002, Lars Heineken wrote:

> I tried to make an entry in /etc/fstab to enable users to mount a
> specific samba-share (here: //Heineken/CD-ROM)
> //Heineken/CD-ROM /mnt/HeinekenCDROM smbfs user,auto,username="x",
password"x"0 0
> the only way to make this work is that the mount-destination is owned
> by the user who want's to mount. So "lars" for example can do the
> mount if /mnt/HeinekenCDROM is owned by "lars". As I don't want a
> speparate mountpoint for each user, how can I solve this the "right"
> way. Just like a CD-ROM mount ?

The right way is to throw away smbmount and use smbconnect. The problem 
you are seeing is that mount reads the fstab but doesn't do anything with 
the entries and just passes them to smbmount.

smbmount then does the mount syscall that mounts smbfs, but it doesn't
(want to) understand the options mount has and interprets them differently
(eg user).

smbconnect would mean that mount does the mount syscall, and also all the
user/auto/noexec parsing so it would be identical to all other fs'. smbfs
then calls smbconnect to get the connection.

The only problem with this is that smbconnect only exists on one of my
machines and is not very well tested.

There are a few other options that may be seen as less experimental:

* automount

Use autofs or some other automounter. Judging from the mount options you
don't care if a user can access the cd some other user mounted.

With autofs the following:

/mnt/heineken	/etc/auto.heineken	--timeout=60

cdrom	-fstype=smbfs,username=x,password=x	://Heineken/CD-ROM

would mount the cdrom when someone tried to access /mnt/heineken/cdrom.
A potential problem might be what happens when the cd is ejected on the
other end. I know I have never tested that ...

* setuid root mount_heineken_cdrom

Another way to do this is to make a small setuid root program to do this
mount. For safety all options should hardcoded into the program.

* modify smbmnt

The rule that only the user may mount on dirs he owns is implemented in
smbmnt. You have the code, change it. Do note that it is a security risk
to let users mount things wherever they want ...


More information about the samba-technical mailing list