Smbmount password interfaces

W. Michael Petullo mike at
Mon Nov 11 17:06:08 GMT 2002

I'm the new maintainer of pam_mount, a PAM module that allows SMB (and
other types of) volumes to be mounted for a user when he logs in using
his system password.  In the past, pam_mount has passed a volume password
to smbmount using the -P parameter or PASSWD environment variable.

This is not acceptable, as any user can learn other's passwords with
some creative ps usage.  However, smbmount does not currently allow a
more secure means to enter passwords.

Using a credentials file is not really appropriate for pam_mount either.
Pam_mount needs to be able to get the system password from PAM and ship
it off to smbmount somehow.  A static password file does not really
work nicely.

When patched with the GNU/Linux CryptoAPI patch, mount allows
passwords to be read from stdin if the -p parameter is used:

mount -p0 ...

The number is the file descriptor to read the password from.

Could you implement a similar option in smbmount?  When the current
version of smbmount prompts for a password, it tries to read it from
/dev/tty.  Allowing a user to tell smbmount to read its password from
stdin would make smbmount more flexible in pipelines.



More information about the samba-technical mailing list