Hi all,
I always 'forget' that in this list 'reply' doesn't mean 'reply to the
list'. So, here's some follow-up of my mail... And my additional
question...
Hi,
thanks... this works fine. I didn't use the 'mask'-things in the right
way. Anyway, major 'problem' solved. I still have one more question. I
would like to put some things in a (global) startup-script. I think if
I use /etc/profile and use a login manager (not everyone likes to log
on using a text console), it'll not work (since 'profile' is the
startup-script for bash. So, I should change 'Xsession'. I'm not very
sure where to put a lines like:
mount //labmetserver/common /mnt/labmet/common -o
uid=$USER,gid=staff,dmask=1740,fmask=1740,credentials=$HOME/.smbpasswd
mount //labmetserver/information /mnt/labmet/information -o
uid=root,gid=staff,dmask=1754,fmask=1754,credentials=$HOME/.smbpasswd
[...]
in the script. (I would like to have it this way, so the drives are
not mounted when nobody is using the computer; I actually don't know
why, it just gives me a 'safer' feeling. Now, I log onto the server
with administrator password. If I could put things in a login-script,
everyone can use their own login and password and put it in
'~/.smbpasswd'.)
tnx,
Kurt.
In Debian, Xsession looks like this:
-----
#!/bin/sh
#
# /etc/X11/Xsession
#
# global Xsession file -- used by display managers and xinit (startx)
set -e
message () {
# pretty-print messages of arbitrary length echo "$*" | fold -s -w
${COLUMNS:-80} >&2;
}
message_nonl () {
# pretty-print messages of arbitrary length (no trailing newline)
echo -n "$*" | fold -s -w ${COLUMNS:-80} >&2;
}
errormsg () {
# exit script with error message "$*" exit 1;
}
internal_errormsg () {
# exit script with error; essentially a "THIS SHOULD NEVER HAPPEN"
message message "$*" message "Please report the package name,
version, and the text of the" \
"above error message(s) to <[EMAIL PROTECTED]>.";
exit 1;
}
run_parts () {
# until run-parts --noexec is implemented if [ -z "$1" ]; then
internal_errormsg "internal run_parts called without an argument"
fi if [ ! -d "$1" ]; then
internal_errormsg "internal run_parts called, but $1 does not
exist or is not a directory." fi for F in $(ls $1); do
if expr "$F" : '[[:alnum:]_-]\+$' > /dev/null 2>&1; then
if [ -f "$1/$F" ]; then
echo "$1/$F" fi fi done;
}
# initialize variables for use by all session scripts
OPTIONFILE=/etc/X11/Xsession.options
SYSRESOURCES=/etc/X11/Xresources
USRRESOURCES=$HOME/.Xresources
SYSSESSIONDIR=/etc/X11/Xsession.d
STARTUP=$HOME/.xsession
ALTSTARTUP=$HOME/.Xsession
ERRFILE=$HOME/.xsession-errors
# attempt to create an error file; abort if we cannot
if touch $ERRFILE 2> /dev/null && [ -w $ERRFILE ]; then
chmod 600 "$ERRFILE"
elif ERRFILE=$(tempfile 2> /dev/null); then
if ! ln -sf "$ERRFILE" "${TMPDIR:=/tmp}/xsession-$USER"; then
message "Xsession: unable to symlink \"$TMPDIR/xsession-$USER\"
to" \
"\"$ERRFILE\"." fi
else
errormsg "Xsession: unable to create X session log/error file.
Aborting."
fi
exec > "$ERRFILE" 2>&1
# sanity check; is our session script directory present?
if [ ! -d "$SYSSESSIONDIR" ]; then
errormsg "Xsession: no $SYSSESSIONDIR directory found. Aborting."
>&2
fi
# use run-parts to source every file in the session directory; we
# source instead of executing so that the variables and functions
# defined above are available to the scripts, and so that they can
# pass variables to each other
SESSIONFILES=$(run_parts $SYSSESSIONDIR)
if [ -n "$SESSIONFILES" ]; then
for SESSIONFILE in $SESSIONFILES; do
. $SESSIONFILE done
fi
exit 0
# vim:ai:et:sts=2:sw=2:tw=80:
-----
and '$SYSSESSIONDIR' (/etc/X11/Xsession.d) contains:
-----
$ ls -l
total 20
-rw-r--r-- 1 root root 1361 Mar 19 2003 20xfree86-common_process-args
-rw-r--r-- 1 root root 329 Mar 19 2003 30xfree86-common_xresources
-rw-r--r-- 1 root root 933 Mar 19 2003
50xfree86-common_determine-startup
-rw-r--r-- 1 root root 449 Mar 19 2003 90xfree86-common_ssh-agent
-rw-r--r-- 1 root root 18 Mar 19 2003 99xfree86-common_start
$
-----
--
Mail from [EMAIL PROTECTED]
sent on Wednesday October 22 2003 at 01:43 (GMTGMT):
Try with fmask=1777,dmask=1777 - 0000 gives me the same as you see
below, 1777 gives everyone all permissions.
If that doesn't work, you should be able to put your mount command
(w/ -o uid=xxx) into a login script. There are several login
scripts you can choose from, depending on what shell you use etc.
Some standard ones are "/etc/profile" (global for all users; this
is where path & stuff is set); "~/.profile", "~/.bash_profile" and
"~/.bashrc" for personal/individual logins.
But I think there are a number of problems with doing the mount in
a login script. You would need to set either the login script or
smbmount setuid root; you would need seperate mount points for each
user; only the user who's script mounted the smb share would have
access; etc. Some of these may not be problems, depending on what
you want, but if I'm understanding your goal correctly, it would be
much simpler to get the permissions in fstab working right.
Wish you luck, Conway S. Smith
-- Kurt Sys <[EMAIL PROTECTED]> wrote: Hi,
thanks for your reply. However, this doesn't work (I remember I
used to try it, but for one reason or another, it wouldn't work,
I'm guessing, but it might be some 'Debian-security' thing?) I
tried again...
-----
# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/hda5 / ext2 errors=remount-ro 0 1 /dev/hda3 none swap sw 0 0
proc /proc proc defaults 0 0 /dev/fd0 /floppy auto users,noauto 0 0
/dev/cdrom /cdrom iso9660 ro,users,noauto 0 0 /dev/hda6 /usr ext2
defaults 0 2 /dev/hda7 /var ext2 defaults 0 2 /dev/hda8 /tmp ext2
defaults 0 2 /dev/hda9 /boot ext2 defaults 0 2 /dev/hda10 /root
ext2 defaults 0 2 /dev/hda11 /home ext2 defaults 0 2 /dev/hda2
/mnt/winxp ntfs umask=0022 0 0 /dev/sda4 /mnt/zip vfat users,noauto
0 0
//labmetserver/common /mnt/labmet/common smbfs
dmask=0000,fmask=0000,noauto,credentials=/etc/samba/smbpasswd 0 0
//labmetserver/information /mnt/labmet/information smbfs
dmask=0000,fmask=0000,noauto,credentials=/etc/samba/smbpasswd 0 0
//labmetserver/students /mnt/labmet/students smbfs
dmask=0000,fmask=0000,noauto,credentials=/etc/samba/smbpasswd 0 0
//labmetserver/researchers /mnt/labmet/researchers smbfs
dmask=0000,fmask=0000,noauto,credentials=/etc/samba/smbpasswd 0 0
-----
I log on (as root) and 'mount /mnt/labmet/common'. The drive is
mounted:
-----
kurtpjoeter:/mnt/labmet# mount common Unknown parameter
encountered: "passdb backend" Ignoring unknown parameter "passdb
backend" 1639: session request to LABMETSERVER failed (Called name
not present) kurtpjoeter:/mnt/labmet# ls -al total 24 drwxr-xr-x 6
root root 4096 Mar 19 2003 . drwxr-xr-x 6 root root 4096 Sep 4
00:23 .. drwxr-xr-x 1 root root 4096 Oct 17 16:36 common
drwxrwxrwx 2 root root 4096 Mar 19 2003 information drwxrwxrwx 2
root root 4096 Mar 19 2003 researchers drwxrwxrwx 2 root root 4096
Mar 19 2003 students kurtpjoeter:/mnt/labmet#
-----
but no file/directory in 'common' has write permissions for
'groups' or 'other users'. However:
-----
kurtpjoeter:/mnt/labmet# umount common/ kurtpjoeter:/mnt/labmet#
mount common -o uid=kurt Unknown parameter encountered: "passdb
backend" Ignoring unknown parameter "passdb backend" 2209: session
request to LABMETSERVER failed (Called name not present)
kurtpjoeter:/mnt/labmet# ls -al total 24 drwxr-xr-x 6 root root
4096 Mar 19 2003 . drwxr-xr-x 6 root root 4096 Sep 4 00:23 ..
drwxr-xr-x 1 kurt root 4096 Oct 17 16:36 common drwxrwxrwx 2 root
root 4096 Mar 19 2003 information drwxrwxrwx 2 root root 4096 Mar
19 2003 researchers drwxrwxrwx 2 root root 4096 Mar 19 2003
students kurtpjoeter:/mnt/labmet#
-----
In this case, 'kurt' has write access to the drive. It would be
great if I can put such thing in a login-script. This would also
allow me to give other permissions to the drives, depending on
which user logs on.
Actually, I don't really want other users to be able to smbmount,
but they should be able to access the 'shared' drives on the
server. Some have more permissions than other ones, but this is not
the main problem now... I should simply be able to give a user
write permissions to a drive when he/she logs on.
Oh yeah, the 'session request to LABMETSERVER failed'-thing... I
already posted that to the list (I guess this one) and the
conclusion seemed to be 'do not bother as long as it works'.
tnx, Kurt.
--
Mail from [EMAIL PROTECTED] sent on Tuesday October 21 2003 at 04:16
(GMTGMT):
You should be able to set it up in the fstab to give all users
rw permissions. You will probably just need to set the fmask
and dmask to values you want (see the mount(8) & smbmount(8) man
pages).
<qoute>
fmask=<arg>
sets the file mask. This determines the permissions that
remote files have in the local filesystem. The default is
based on the current umask.
dmask=<arg>
sets the directory mask. This determines the permissions
that remote directories have in the local filesystem. The
default is based on the current umask.
</qoute>
Also, you may need to chmod smbmount setuid root; IIRC smbmount
has to be run as root, regardless of fstab & other config files.
But this should only be done if you want/need nonroot users to
be able to mount/umount the remote smb filesystem(s).
Hope this helps, Conway S. Smith
-- Kurt Sys <[EMAIL PROTECTED]> wrote:
>Hi all,
>
>I'm having the following situation here: There is a windowsNT
>network available. I can connect to the network. However, only
>'root' can write to the NT-disk. So, I have to connect as
>'another user':
>
>smbmount //labmetserver/common /mnt/labmet/common -o
>>credentials=/home/kurt/.smbmountcred,uid=kurt
>
>In this way, I connect to the server, with 'kurt' as the user,
>so 'kurt' can write to the NT-disk. So all this works, what's
>my problem? That it only works if I am root. I would like all
>users to be able to connect to the server and read and write. I
>thinking of something like, if someone logs in on linux, the
>connection is made automatically. Can I put something like:
>
>smbmount //labmetserver/common /mnt/labmet/common -o
>>credentials=$HOME/.smbmountcred,uid=$USER
>
>in some script (which runs with 'root'-permissions). Or even
>better, if '$HOME/.smbmountcred exists, it should use it,
>otherwhise, it should use a general 'smbmountcred'-file
>(somewhere in /etc/smbmount)? I'm using Debian sarge,
>linux-kernel 2.4.20, smbmount version
>2.2.3a-14.
>
>Untill now, I did put it in fstab, but in that case, I logged
>in onto the windowsNT-server as root, so no user had any write
>permission.
>
>
>tnx, Kurt.
________________________________________________________________
The best thing to hit the internet in years - Juno SpeedBand! Surf
the web up to FIVE TIMES FASTER! Only $14.95/ month - visit
www.juno.com to sign up today!
--
To live a creative life, we must lose our fear of being wrong.
-- Joseph Chilton Pearce
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs
