[Samba] autofs + cifs + kerberos

steve steve at steve-ss.com
Fri Sep 5 23:23:52 MDT 2014

On Sat, 2014-09-06 at 03:56 +0800, Sketch wrote:
> On Fri, 5 Sep 2014, steve wrote:
> > It depends how you mount the share. If you are still relying on user
> > caches with user=, I doubt whether they will be owned by root. Have you
> > tried the keytab method? That way they will be owned by root and the
> > automounter will use them.
> I assumed that using user=cifs, and having the keytab for user cifs in 
> /etc/krb5.keytab would make it use the keytab entry.  In fact, I just 
> tested it and it doesn't matter whether I put user=cifs in the autofs map, 
> I don't see a user= in /proc/mounts.
> # cat /proc/mounts |grep cifs
> //fileserver/public/ /share/public cifs rw,relatime,sec=krb5,cache=loose,unc=\\fscluster\public,multiuser,uid=0,noforceuid,gid=0,noforcegid,addr=,unix,posixpaths,serverino,acl,noperm,rsize=1048576,wsize=65536,actimeo=1 0 0
> and the autofs map:
>    public | -fstype=cifs,sec=krb5,multiuser ://fileserver/public

mmm. No, that won't work because you haven't specified the user. Try
creating or nominating a user with rfc2307 attributes to mount the
share. Add that user to the keytab:


More information about the samba mailing list