Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am sure my problem is quite easy to solve, but i have a blackout, and can't find right answer. I have Linux machine with big/secure storage, lets call it server, and other machine, lets call it client.
I need some kind of configuration in which i mount this disk persistent(via fstab) and let users use it as regular mounted partition. I tried with samba and nfs, but problem is users permissions. I am not able to set actual user as owner (it sets as uid who mounted share). Lets say on client mashine i am logged as user Bob, but when i use
Code:
touch /mnt/share
the owner is not being set as Bob.
Is it possible to make such configuration it via samba? If no, how can i achive this(mount network share like regular disk partition)
If you use Samba (advisable if you have Windows machines in your network), Samba is the way to go.
Please provide some more information: Do you want the share to accessible to all users, or only to one ("Bob"?)? What distro/version are you using?
The overview is this:
1. Include the partition in /etc/fstab, ideally by label or UUID, so it always mounts to the same location location in /media or /mnt.
2. Share the partition via /etc/samba/smb.conf file.
3. Create a password for the user(s) in /etc/samba/smbpasswd file.
4. In the directory configuration, mark the partition as shared. (This step is separate from the Samba configuration), as well as configure whether it's read only, read/write, etc.
Some distros include an item in their control centers that provides GUI tools for sharing a partition, so I'm holding off on going into a lot of command line details.
A search for "configure Samba [distroname]" should lead you to to some tutorials for your distro.
Also, sshfs does work very nicely to do what it does. I use Samba in my home network, because we have Linux, Windows, and the occasional Mac access various shares.
I will take a look on sshfs, but its additional software to install, and would like to find other solution first for security reasons.
I would prefer samba, as already used and implemented solution. Answers to questions:
1)Do you want the share to accessible to all users?
Yes, each user logged on client should be able to access such "device", but mounting should be password protected in samba(each client linux should have own samba account for mounting such a device)
I have disk array mounted on server and shared via samba, here conf
And now the problem is, when i mount this disk on client machine, the owner of each created file is: share_test. I would like to use real uid and gid. Lets say if file was created by user Bob(if Bob is already logged user on client), lets the owner of the file be Bob, not share_test.
Quote:
4. In the directory configuration, mark the partition as shared. (This step is separate from the Samba configuration)
Sorry, i don`t know what do you mean by mark partition as shared
Well, i made some research. Sshfs uses fuse library, which makes it quite vunerable to attacks, so it's hard to say if it is just wrapper around ssh. It is production enviroment, and i can't install any untested kernel modules due to security and stability reasons.
Did you see my post early in the thread? As I noted you can mount the SMB (Samba) share as a cifs mount on each client specifying the UID of the user on that client as owner for that client.
Sshfs uses fuse library, which makes it quite vunerable to attacks, so it's hard to say if it is just wrapper around ssh.
that's a strong statement; can you back it up?
anyhow, the sshfs man page clearly states:
Quote:
SSHFS (Secure SHell FileSystem) is a file system capable of operating on files on a
remote computer using just a secure shell login on the remote computer. On the local com‐
puter where the SSHFS is mounted, the implementation makes use of the FUSE (Filesystem in
Userspace) kernel module. The practical effect of this is that the end user can seamlessly
interact with remote files being securely served over SSH just as if they were local files
on his/her computer. On the remote computer the SFTP subsystem of SSH is used
so the remote connection is done with sftp, and fuse is used only locally.
i don't see any problem there.
Well, FUSE library lets the regular user to mount filesystem, what in standard linux is allowed only for root. Furthermore it is additional kernel module which allows to mount filesystem, in fact ommiting the implemented security policies.
Quote:
Did you see my post early in the thread? As I noted you can mount the SMB (Samba) share as a cifs mount on each client specifying the UID of the user on that client as owner for that client.
Well, thats not exactly what i am looking for(in this idea i have fixed username as owner of directory). Lets say i have two client Linux. We have users Alice and Bob, both authenticating via LDAP, and apache user serving www. I would like to mount shared /var/www directory from remote site(server). Then when Alice create file let the owner of file be Alice, and when Bob creates file let Bob be owner(Both uses same mountpoint defined in fstab). Furthermore, as Alice and Bob are members of group apache, let the webserver be able to read/modify this files. I would also like to know if file was created by Bob or Alice, due to security reasons.
is this remote server running windows or linux/unix? Is this filesystem ntfs or ???
You do not need to specify valid users if any user allowed to use its own user id.
is this remote server running windows or linux/unix? Is this filesystem ntfs or ???
You do not need to specify valid users if any user allowed to use its own user id.
Hi, server is Linux, connected to disk array, it is xfs partition. I would like to share this partition to remote clients(also linux), but it has to be mounted once on system startup (lets say its /var/www directory, so i cant mount it independently for each user). Each user can use it(like regular filesystem). But when i mount filesystem viasamba as let say smb_user, then each file is owned by smb_user, not as Bob, who actualy created this file.
samba should only be used in case of ntfs/windows, otherwise it is not the right tool. I would recommend you yo use nfs instead.
From the other hand you need to configure samba to allow users to use their own ids, you need to remove forcing that smb_user.
From the other hand you need to configure samba to allow users to use their own ids, you need to remove forcing that smb_user.
Thats exactly what i am looking for! But i am not able to force samba to use actual users id, i can't find this option in samba configuration(i have already read samba man page many times), can you give me a clue. In fact it is mixed linux/windows enviroment, but to make it clear i haven't mentioned about windows clients.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.