[Samba] sharing an autofs nfs mount
Robert Marcano
robert at marcanoonline.com
Fri Apr 8 13:16:16 UTC 2022
On 4/7/22 11:00 PM, Thomas Kamalakis via samba wrote:
> In our case we needed to mount the user home folders from the file server
> and we could never get it to work with cifs - we would get permission
> errors and a login loop in Gnome - autofs was complaining about not finding
> the kerberos ticket. That's why we also use NFSv4 for Linux clients and
> CIFS for Windows clients - it seems to work but there may be some issues
> (with file locking?) that we are unaware. Interestingly enough CIFS works
> in our nextcloud server.
>
> Before installing the fileserver, we had an old ZFS storage system from Sun
> which pretty much worked like this, it exported user home folders with both
> CIFS and NFS but used SMBv1 which is depreciated.
We don't mount entire home directories via nfs, but we mount the user
Documents folder via NFS (really a link to some mounted NFS path on
/nfs/..../user)
For Windows clients the same directory that is shared via NFS is shared
via Samba and via policies redirected from My Documents.
In this entire setup there is no Samba over NFS, the server that has the
documents folders share the local filesystems via NFS and Samba.
For this we use Samba Posix ACLS only, and this doens't limit features
or anything because as these share are to be used by a single user, so
no complex ACLs are required.
>
>
>
> On Thu, 7 Apr 2022, 13:34 L.P.H. van Belle via samba, <samba at lists.samba.org>
> wrote:
>
>> What "works for me"
>>
>> I have a webserver serving my SFTP service.
>>
>> I use SecureShell package for the SFTP/SCP service
>> Secure shell, makes it easy to set a chrooted homedir.
>> I set NIS (* not really needed but i use RSAT ADUC)
>> UID set
>> Homedir /srv/nfs/customers/SomeUsername/spool
>>
>> Primary gid to a linux/windows group, WITH GID assigned.
>> The login is an automounted folder in this case NFS.
>> *( unless you use cifs, then keep "domain users" )
>>
>> Now this works fine here with NFS and CIFS automounts for me.
>> Just keep in mind i "want/need" the chroot and nothing else.
>>
>>
>> The systemd file to mount the share.
>>
>> /etc/systemd/system/srv-remote-customers.mount
>> #------------
>> [Unit]
>> Description=Mount Remote Customers Homedirs
>>
>>
>> [Mount]
>> # NFS option.
>> What=FQ.DN:/exportnfs/customers
>> Where=/srv/remote/customers
>> Type=nfs
>>
>> # Cifs Option
>> What=//FQ.DN/customers
>> Where=/srv/remote/customers
>> Type=cifs
>> Options=credentials=/etc/samba/credentials-administrator,rw,vers=3.0
>> # content : /etc/samba/credentials-administrator
>> username=Administrator
>> password=XXXXX
>> domain=ADDOM
>>
>> [Install]
>> WantedBy=multi-user.target
>> #------------
>>
>> And the automount file.
>>
>> /etc/systemd/system/srv-nfs-customers.automount
>> #------------
>> [Unit]
>> Description=Automount Remote Customers Homedirs
>>
>> [Automount]
>> Where=/srv/remote/customers
>> TimeoutIdleSec=120
>>
>> [Install]
>> WantedBy=multi-user.target
>> #------------
>>
>> Make sure the needed packages are installed. *( like cifs-utils/nfs-common
>> on debian)
>> Make sure you have nfs/fq.dn and cifs/fq.dn in you keytab
>>
>> Place both files in /etc/systemd/system
>> systemctl daemon-reload
>> systemctl enable srv-remote-customers.automount
>>
>> And test.
>>
>> Greetz,
>>
>> Louis
>>
>>
>>
>>> -----Oorspronkelijk bericht-----
>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>>> Ralph Boehme via samba
>>> Verzonden: donderdag 7 april 2022 12:04
>>> Aan: Thibault Roulet; samba at lists.samba.org
>>> Onderwerp: Re: [Samba] sharing an autofs nfs mount
>>>
>>> On 4/7/22 10:47, Thibault Roulet via samba wrote:
>>>> A group of 15 Centos systems running tasks on instruments.
>>>> Experiments results are saved in a local folder on each machines.
>>>>
>>>> We need then to have a centralized place for our users
>>> where they can
>>>> get their files using a smb share and also via sftp.
>>>
>>> maybe DFS? Iow run SMB on the the 15 Centos boxes instead of NFS, but
>>> let users connect to one central DFS server that contains
>>> redirects to
>>> the 15 other servers.
>>>
>>> Cheers!
>>> -slow
>>>
>>> --
>>> Ralph Boehme, Samba Team https://samba.org/
>>> SerNet Samba Team Lead https://sernet.de/en/team-samba
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
More information about the samba
mailing list