Thursday 17 November 2022

Autofs with SMB

 "autofs" software for Ubuntu and other Linux systems mounts file systems and network shares on demand and there are a couple key benefits to using autofs compared to fstab and other methods and I've posted before about Autofs and a couple tricks with NFS shares

  • File share does not have to be available on boot so faster boot times and fewer failures after restart
  • File share is unmounted when not in use reducing system resources on client and server side
  • Consistent abstraction of mounts is easier to maintain across systems

Giant caveat that Linux does not segregate permissions once a share is mounted. This is fine for single-user systems and also fine where systems are un-attended (i.e. servers) but really a big problem on multi-user systems that user a and user b can both access share Z once it is mounted and it is as the connected user.


The Ubuntu standard "autofs" package includes an "auto.smb" which dynamically configures the shares in most cases so long as credentials are available and some basic pre-work is done. This should work for generic needs but for file share specific configurations use the auto.misc instead

Required packages to work with SMB shares (i.e. on Windows) and mounting with the stock CIFS driver (i.e. same old driver in Linux).

 

    apt install autofs smbclient cifs-utils

 

The auto.smb file itself doesn't have to be configured, if you look in the file it advises what configuration to add to "auto.master" and how to setup credentials.

 

    # edit /etc/auto.master and add this line

    /cifs  /etc/auto.smb --timeout=300

 

    # create /etc/creds with restricted permissions

    sudo mkdir -m 700 /etc/creds

    # edit a file with the server name like /etc/creds/MYNAS

    username=myuser

    password=reallygoodpassword

 

    # restart autofs

    sudo systemctl restart autofs

 

As any user you should be able to list shares and access contents of any available share the configured user has access to.


    # shows all shares on the server (not hidden ones)

    ls /cifs/MYNAS

    # access files as normal within a share

    ls /cifs/MYNAS/MyShare

 

If file shares or the contents do not appear, check "mount" and system logs for hints what may be wrong. Biggest caveat I had had was that cifs-utils really are required and I'm pretty sure smbutils as well - out of the box autofs with the stock system drivers and packages may have been able to do SMB1 but SMB1 should be disabled on any file servers so yeah, need to get "cifs-utils" package which includes tools to work with the newer SMB2 and SMB3 protocols. 


Posted by at

1 comment:

  1. Dom617b17 November 2022 at 11:40

    Moved from nibble blog, I posted on the wrong place. Oops! 🤦‍♂️

    ReplyDelete

Subscribe to: Post Comments (Atom)

Popular Posts

  • Processing Deferred Messages in Postfix
    For anyone who's had to cleanup some mail problems with Postfix configuration (or more often with other things, like anti-spam, tied in ...
  • Cache in Openfire
    In the course of troubleshooting the office Jabber server the other day, I came across some interesting info about the various caches that O...
  • Cron scheduling for first Sunday of the month
    For everyone who uses cron, you are familiar with the job schedule form: min hr day-of-month month day-of-week <command> A problem...