mount smbfs and permissions

The place to post if you need help or advice

Moderators: ChrisThornett, LXF moderators

mount smbfs and permissions

Postby M0PHP » Fri Apr 29, 2005 11:31 am

Hello :)

I'm trying to create and FTP mirror for some domain users to access their folders from home, ie a quick and dirty remote access.

I've got a bash script that mounts Windows 2000 domain's users to the linux machine which is working fine as far as that goes - it mounts fine with 2K admin accounts which have full read/write access to each username's folders.

Here is a 'ls -l' of /home/winnt before I run the mount script:

Code: Select all
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 00test
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 01test
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 02test
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 03test
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 04test
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 admin1
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 guest1
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 guest2
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 guest3
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 guest7
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 guest9
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 test.one
drwxrwxrwx    2 root     root         4096 Apr 29 12:16 test.two


And after mounting with the command below:

Code: Select all
mount -t smbfs -o username=administrator,password=password,uid="$i",gid="Domain Users",dmask=777,fmask=777,umask=000 //bbs-svr-001/$i$ /home/winnt/$i


(`$i` is the username)

'ls -l' produces this:

Code: Select all
dr-xr-xr-x    1 00test   Domain Users     4096 Apr 29 10:59 00test
drwxrwxrwx    1 01test   Domain Users     4096 Apr 29 10:32 01test
drwxrwxrwx    1 02test   Domain Users     4096 Apr 25 15:58 02test
dr-xr-xr-x    1 03test   Domain Users     4096 Mar  7 12:52 03test
dr-xr-xr-x    1 04test   Domain Users     4096 Apr 26 14:28 04test
dr-xr-xr-x    1 admin1   Domain Users     4096 Apr 28 16:02 admin1
drwxrwxrwx    1 guest1   Domain Users     4096 Apr 29 10:43 guest1
drwxrwxrwx    1 guest2   Domain Users     4096 Sep 23  2004 guest2
drwxrwxrwx    1 guest3   Domain Users     4096 Sep 23  2004 guest3
drwxrwxrwx    1 guest7   Domain Users     4096 Apr 29 10:44 guest7
drwxrwxrwx    1 guest9   Domain Users     4096 Sep 23  2004 guest9
dr-xr-xr-x    1 test.one Domain Users     4096 Mar  3 11:37 test.one
dr-xr-xr-x    1 test.two Domain Users     4096 Mar 24 15:27 test.two


I have no idea why certain users are getting 555 permissions (dr-xr-xr-x) on their root folder. Every user's files & folders underneath the root is 777 as expected. This causes the problem that test.two (as an example) can modify any file that already exists - but creating a new one or a new folder under their root directory is impossible as they don't have write access.

Would anyone happen to know why this is happening?

Many thanks 8)
User avatar
M0PHP
LXF regular
 
Posts: 737
Joined: Wed Apr 06, 2005 7:40 am
Location: Bishop Auckland, County Durham, UK

RE: mount smbfs and permissions

Postby Nigel » Fri Apr 29, 2005 5:31 pm

I think the answer may lie with Windows 2000... it doesn't let normal users write to the top level of any share. No idea why not - all the other versions of WIndows do.
Hope this helps,

Nigel.
User avatar
Nigel
LXF regular
 
Posts: 1141
Joined: Fri Apr 08, 2005 8:03 pm
Location: Gloucestershire, UK

Postby M0PHP » Mon May 02, 2005 8:05 pm

Nigel, I think if that was the case then none of the users would be able to save their work to their home directories anyway.

After playing about with the script, I noticed that immediately after the mount command has finished, the directory that is mounted gets write permissions but 1 to 2 seconds afterwards it gets write permissions removed. Also, when I alter the umask paremeter - the permission mode that is applied is slightly different (can't remember what now).

But what isn't clear is why some users are given full permissions and some aren't - I've even tried other users in the same Windows group and one would get write where the other wouldn't :evil:
User avatar
M0PHP
LXF regular
 
Posts: 737
Joined: Wed Apr 06, 2005 7:40 am
Location: Bishop Auckland, County Durham, UK

Postby Guest » Wed May 04, 2005 10:32 am

Hi MOPHP,
Check the users area and see if they have files in there root area. They will have folders but if they do not have files in the area it can cause this problem.

PS Nigel is right, sometime the root file are not writable. I.e. I mount all the Linux computers using NovelClient and if I am not careful about my mount path and what files the user has they will mount with only read access for the root file but all subdirectories are wriatable.

I would not belive his myself if I had not done it myself

Giz
GBDesign - ERP for the SME - Creating datadrive solutions
Guest
 

Postby Nigel » Wed May 04, 2005 3:07 pm

Our Windows client/server systems are usually set up to export a directory tree from the server & access it from the clients. The directory that is at the top of the tree does need to be writeable by the client PCs. This always worked fine using WIndows NT servers. As soon as customers started updating to Win2000 servers we started getting calls about the program failing, which was traced to a lack of write permission to the top of our directory tree. I tried everything I could think of, but couldn't get any version of Windows to write to the top level of tree shared out by Windows 2000. The easy answer was to move the share level up, ie share out the directory above the top of our tree instead.
But not all customers had the problem... and I never did conclusively find out what was different about the ones that didn't.

Let me make sure I have understood what you are doing... I think you are saying that you are exporting user's home directories from Windows 2000 and mounting them on Linux using smbfs - correct ?
Now I don't see anything wrong at the Linux end. So time to look at the Win2000 end.
Are all of the user's home directories shared out as individual shares ?
Do they all physically exist on the same filesystem ?
Is the directory one level above the home directories for some users also shared out ? If so, does the set of users whose home directories are writeable on Linux correspond to the set of users where the directory one level above their home directory is also shared out ? I think you can see where I'm going with this... ;)
Hope this helps,

Nigel.
User avatar
Nigel
LXF regular
 
Posts: 1141
Joined: Fri Apr 08, 2005 8:03 pm
Location: Gloucestershire, UK


Return to Help!

Who is online

Users browsing this forum: Google [Bot] and 3 guests