Mounting a workgroup or machine
Peter J. Holzer
hjp at wsr.ac.at
Wed Apr 19 13:36:29 GMT 2000
On 2000-04-19 15:51:23 +1000, Peter Samuelson wrote:
>
> [catlee at canada.com]
> > Is it possible to allocate a portion of your file system to act like
> > Network Neighbourhood on Windows? For example, I'd like to mount my
> > work group on /mnt/samba so that I can access files by going to
> > /mnt/samba/<host>/<share>/foo/bar.txt
>
> What you want *might* be possible, if you can find the winning
> combination of autofs and smbfs. I don't have much experience with
> autofs, however, so that's all I can tell you.
>
> The Network Neighborhood is a very un-Unixy entity, though. It works
> on Windows boxes because Microsoft is able to make some simplifying
> assumptions that aren't too appropriate on Unix. Two that I can think
> of: (a) There is only one possible shell, EXPLORER.EXE, and incest with
> kernel filesystem internals is not considerd a problem; (b) There is
> only one user logged on, so there's never any difficulty determining
> which set of credentials to use.
Both doesn't seem too much of a problem to me.
The shell (or other program) is irrelevant if there is a
"workgroup-filesystem", which can be mounted. Each Host and Share should
look just like a directory.
The second is a bit more complicated, and not really well implemented in
smbfs. However, I think this could be done better:
* I understand that the SMB protocol allows multiplexing of sessions for
several users over the same connection. Even if this is problematic,
you could just open several connections (one for each user). There
are also Unix extensions for the SMB protocol.
* The kernel knows which uid a process has, and can use the correct
session for this user, if it is already established.
* Now comes the hard part: To establish a session, the kernel needs to
know the user's username and password on the server. There isn't any
standard mechanism for this in the Unix kernel API, but there are a
few "open-ended" interfaces like special devices, /proc or fcntl which
could be (ab)used for this purpose. I understand that HP's CIFS/9000
client does something like this.
The most difficult thing to get right is IMHO how long the kernel
should cache these credentials and how it can ask the user to
reprovide them when they expire. However, Kerberos has similar
problems, so one could look how they have solved them.
hp
--
_ | Peter J. Holzer | The best way to make sure something is
|_|_) | Sysadmin WSR / LUGA | "standard" today is to get an O'Reilly
| | | hjp at wsr.ac.at | book written on the topic.
__/ | http://www.hjp.at/ | -- Casey Schaufler <casey at sgi.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 371 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20000419/c6793ee8/attachment.bin
More information about the samba
mailing list