Gentoo server with samba and lots of shares. some images though, and i apparently have to be root if i wanna mount them no matter what the permissions are set to. how can i bypass this lock? atleast for the things that require -o loop

Granting passwordless sudo to "mount -o loop imagename" could do perhaps..though you do want to check out the possible security issues of that, I haven't thought about them. You're better off if you can come up with something group-permissions related, for example.

well, if someone use a windows with daemon tools, it's no problem. but mount insists on being root. damnit!

how can i grant passwd free access to "sudo mount -o loop"?

sounds a bit scary. i don't like the idea that the idiots on my network can sudo anything frankly

Are you trying to mount the image locally or remotely. If locally, you could create an entry in /etc/fstab similar to:
/home/jschiwal/testimage.img /home/jschiwal/test ext3 loop,defaults,users,rw 0 0

This will allow me to mount it with the command: "mount testimage.img" or "mount test".
It is the "users" command that does the trick. You can control who can mount it by controlling who can read it.

If it is an ext3 or other native linux image, you can use chown and chmod on the mounted mount point to change the permissions on the mounted filesystem. Another user will be able to mount it with the "user" or "users" option if the image were in /tmp/ for example and, for example, it was mounted on /tmp/test, but they wouldn't be able to enter the directory if you used:
sudo chown <yourusername> /tmp/test
chmod go-rwx

If the mount point in /etc/fstab can't be reached by another user, they won't be able to mount it.

For some filesystems, you can't use chmod. You can explicitly control the user with a boot option. Look in "man mount" for the options for particular filesystems.

----
ps. I forgot about the "noauto" option which would defer mounting during boot up. That is an option you might want to use.

i should have specified more on the current setup.

bad user is mapped to nobody and nobody is member of smbshare which is the group of all the current samba shares. smbshare has r and x access to the files

i cannot use the fstab option, but thanks for the effort put into the post ;D

the shares that currently hold image files are updated pretty often and it's not like i do mount -a or reboot often.

how can i do that?

You edit the /etc/sudoers file using the "visudo" program. The file has a commented line with an example for mounting a cdrom. You can base your entry on that one. If you are on a remote location, you will need to ssh into it before you mount the image. I don't know how well it would work to mount an image that is accessed on a samba share.

One other option is to include /etc/fstab entries on the server and mount them on the server. You could offer the directory used as the mount point as a samba share. It would be as if you were sharing the cdrom itself, only it's just an image. I keep my install dvd image on my laptop.

There is an /etc/fstab entry for it:
/suse/openSUSE-10.3-GM-DVD-x86_64.iso /suse/suse iso9660 ro,loop,defaults 0 0

I have this offered as a guest share:
This share could be used as an installation source on any other OpenSuSE10.3 64 bit distro on the lan, meaning that a disc isn't necessary if I want to install another package for my desktop.

Being an iso9660 image, it is a readonly filesystem so it isn't possible to change its contents. If the directory on the server share contains just images, you could offer the mount points as services instead of the images themselves.

Doing this, you would need to mount them manually the first time, but afterwards they would be mounted if you rebooted and you wouldn't have to bother. From another computer on the LAN, you would just need to browse the service to access the contents of the image you wanted.

thanks for the post. but the fstab solution has a big problem for me. that is that i will have to update fstab manually or with a script whenever i put on new files or delete files. and then do mount -a

edit: it works with two images, but not when there's 500 of them

Mounting an iso9660 image existing on a samba share locally will work. I don't know if that would be the best solution however. Doing it this way, root or sudo access could be limited to the users machine rather than the server.

I just tried it out to make sure.

I'm at my laptop and opened my home directory on the desktop.
On the desktop is an iso CD image file: openSUSE-10.3-GM-Addon-NonOss-BiArch.iso
I am a member of the wheel group on the laptop, however I could have had an /etc/sudoers line like:
%users ALL=/sbin/mount -t iso9660 -o loop NOPASSWD:
I haven't tested this. It should allow running the mount command as a normal user without a password. I haven't tested if it would enforce only mounting with these particular options to prevent abuse. Since, like you said you have something like 500 image files on the share, an entry like:
%users ALL=/sbin/mount -t iso9660 -o loop /mnt/image1.iso /mnt/image1 NOPASSWD:
wouldn't be practical.

On some systems like Fedora Core, sudo is configured so that the user enters their own password. This allows using sudo without needing to share the root password.

Check in the documentation how your systems support sudo and the %wheel group and be sure to test it.