[Samba] sharing an autofs nfs mount
Thibault Roulet
thibault.roulet at epfl.ch
Fri Apr 8 06:56:10 UTC 2022
In the end, why is that a bad idea to share NFS shares?
Our setup, users are only accessing their own data and I would say 99%
of the time they only read them.
In my list I have one machine running windows with a CIFS automount (and
local cifs account) and it's working fine too.
Best,
On 08.04.2022 05:00, Thomas Kamalakis via samba wrote:
> In our case we needed to mount the user home folders from the file server
> and we could never get it to work with cifs - we would get permission
> errors and a login loop in Gnome - autofs was complaining about not finding
> the kerberos ticket. That's why we also use NFSv4 for Linux clients and
> CIFS for Windows clients - it seems to work but there may be some issues
> (with file locking?) that we are unaware. Interestingly enough CIFS works
> in our nextcloud server.
>
> Before installing the fileserver, we had an old ZFS storage system from Sun
> which pretty much worked like this, it exported user home folders with both
> CIFS and NFS but used SMBv1 which is depreciated.
>
>
>
> On Thu, 7 Apr 2022, 13:34 L.P.H. van Belle via samba, <samba at lists.samba.org>
> wrote:
>
>> What "works for me"
>>
>> I have a webserver serving my SFTP service.
>>
>> I use SecureShell package for the SFTP/SCP service
>> Secure shell, makes it easy to set a chrooted homedir.
>> I set NIS (* not really needed but i use RSAT ADUC)
>> UID set
>> Homedir /srv/nfs/customers/SomeUsername/spool
>>
>> Primary gid to a linux/windows group, WITH GID assigned.
>> The login is an automounted folder in this case NFS.
>> *( unless you use cifs, then keep "domain users" )
>>
>> Now this works fine here with NFS and CIFS automounts for me.
>> Just keep in mind i "want/need" the chroot and nothing else.
>>
>>
>> The systemd file to mount the share.
>>
>> /etc/systemd/system/srv-remote-customers.mount
>> #------------
>> [Unit]
>> Description=Mount Remote Customers Homedirs
>>
>>
>> [Mount]
>> # NFS option.
>> What=FQ.DN:/exportnfs/customers
>> Where=/srv/remote/customers
>> Type=nfs
>>
>> # Cifs Option
>> What=//FQ.DN/customers
>> Where=/srv/remote/customers
>> Type=cifs
>> Options=credentials=/etc/samba/credentials-administrator,rw,vers=3.0
>> # content : /etc/samba/credentials-administrator
>> username=Administrator
>> password=XXXXX
>> domain=ADDOM
>>
>> [Install]
>> WantedBy=multi-user.target
>> #------------
>>
>> And the automount file.
>>
>> /etc/systemd/system/srv-nfs-customers.automount
>> #------------
>> [Unit]
>> Description=Automount Remote Customers Homedirs
>>
>> [Automount]
>> Where=/srv/remote/customers
>> TimeoutIdleSec=120
>>
>> [Install]
>> WantedBy=multi-user.target
>> #------------
>>
>> Make sure the needed packages are installed. *( like cifs-utils/nfs-common
>> on debian)
>> Make sure you have nfs/fq.dn and cifs/fq.dn in you keytab
>>
>> Place both files in /etc/systemd/system
>> systemctl daemon-reload
>> systemctl enable srv-remote-customers.automount
>>
>> And test.
>>
>> Greetz,
>>
>> Louis
>>
>>
>>
>>> -----Oorspronkelijk bericht-----
>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>>> Ralph Boehme via samba
>>> Verzonden: donderdag 7 april 2022 12:04
>>> Aan: Thibault Roulet; samba at lists.samba.org
>>> Onderwerp: Re: [Samba] sharing an autofs nfs mount
>>>
>>> On 4/7/22 10:47, Thibault Roulet via samba wrote:
>>>> A group of 15 Centos systems running tasks on instruments.
>>>> Experiments results are saved in a local folder on each machines.
>>>>
>>>> We need then to have a centralized place for our users
>>> where they can
>>>> get their files using a smb share and also via sftp.
>>> maybe DFS? Iow run SMB on the the 15 Centos boxes instead of NFS, but
>>> let users connect to one central DFS server that contains
>>> redirects to
>>> the 15 other servers.
>>>
>>> Cheers!
>>> -slow
>>>
>>> --
>>> Ralph Boehme, Samba Team https://samba.org/
>>> SerNet Samba Team Lead https://sernet.de/en/team-samba
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
More information about the samba
mailing list