[Samba] Cannnot create chroot on a cifs-mounted linux homedir -- missing dev/exec

webman at manfbraun.de webman at manfbraun.de
Tue Jan 10 07:37:47 UTC 2023 

Hallo!

I try to use a cifs/samba share (hosted on debian, samba 4.17) as
a homedir for a user in a vm (kvm) runnig debian with X (with xfce4).
In the beginning, I was not able to save settings, although
permissions look right (can read/write/modify) and the GTK-Warning
(which claims missing permissons, not telling, which) went away.

I found the biggest crux: degrade the connection
to use "vers=1.0", which solves the first problem,
solved the GtK-WARNINGs and saved setting.

There is a remaining problem: Cannot create a chroot
on this filesystem using debootstrap.

What I see is, that there are no "dev" and
"exec" mount properties, but on this profile (the users
home) chroot's should be created and if one issues
debootstrap there is an error message (using root):
---
$ debootstrap --arch amd64 chimaera chr/ http://deb.devuan.org/merged
mknod: /home/ncu9/work/chr/test-dev-null: Permission denied
E: Cannot install into target '/home/ncu9/work/chr' mounted with noexec or nodev
---
Indeed, the mount options reflect this, requested are:

//192.168.26.1/kvmabc-homes--ncu2  /home/ncu9  cifs mfsymlinks,rw,exec,dev,suid,user_xattr,vers=1.0,username=mbu1-smb1,password=918273,iocharset=utf8,uid=2009,gid=2009,dir_mode=0755,file_mode=0755  0 0

The resulting mount option are:

vers=1.0,addr=192.168.26.1,gid=2009,uid=2009,acl,username=mbu1-smb1,relatime\
soft,rw,mfsymlinks,cache=strict,unix,actimeo=1,wsize=65536,rsize=1048576\
forcegid,forceuid,mapposix,posixpaths,echo_interval=60,bsize=1048576
 
To note is, I tried this on debian and devuan and even with gid=100.

MISSING: DEV, EXEC.

How can this be solved?

smb.conf:

[kvmabc-homes--ncu2]
        path = /pools/users/homes/kvmabc--ncu2
        browsable = yes
        read only = no
        locking = no
        create mask = 0777
        directory mask = 0777
        force directory mode = 0777

        root preexec = /ops/services/smb-mount-notify preexec %S c:%M ip:%I r:%P
        root postexec = /ops/services/smb-mount-notify postexec %S c:%M ip:%I r:%P

        force user = abc
        force group = abc

        inherit acls = yes
        inherit permissions = yes
        inherit owner = yes

        guest ok = no

        valid users = root,mbu-smb1
        write list  = root,mbu-smb1
---
Thanks,
Manfred

More information about the samba mailing list