Home / ubuntu / Questions / 67405
Accepted
Kent Boogaart
Asked: 2011-10-17 01:43:56 +0800 CST

Auto-mounting network shares per user

  • 772

I have a server that has a number of CIFS shares that need to be accessed on a per-user basis. For example, I have a Music share which I have full access to, but my wife has read-only access.

When either myself or my wife log into our Ubuntu 11.04 laptop I would like these shares to be automatically mounted per user. Now I understand that if I mount as -t cifs without specifying a user then it will use the USER environment variable. However, I also need to specify a password, so how can I do that when each user has a different password?

I think my questions are:

  1. Is there a way for me to have a per-user /etc/fstab?
  2. If not, is there a way to specify that a mount is only applicable to a certain user?
  3. Also, the share password is always the same as the local password. Is there a way to specify that this password should just pass through from the client to server rather than having to specify it in a credentials file somewhere?

Or maybe I'm missing something and there's a completely different solution. Can anyone help?

11.04

2 Answers

  1. Best Answer

    There are probably several solutions possible; here's is how I would do it. (Disclaimer: untested!)

    The mount.cifs command can read the username and password from the USER and PASSWD environmental variables, but it can also read them from a "credentials" file, that you specify on the command line with the -o cred=/path/to/credentials/file option.

    The credentials-file approach is IMHO simpler to implement.

    1. Create a text file $HOME/.Music.cred to store the credentials; the file should have this format:

      user=your-username-on-cifs-server
password=the-password
domain=leave-this-blank-unless-really-using-windows-domains

    2. Protect the $HOME/.Music.cred file; run this command in a terminal:

      chmod go-rw $HOME/.Music.cred

    3. Now you should be able to mount the CIFS share //server/music on directory MyMusicFolder using this command:

      sudo mount -t cifs -o cred=$HOME/.Music.cred //server/music $HOME/MyMusicFolder

      You can enable each user to run this through passwordless sudo by adding a line to /etc/sudoers: (one line per user)

      # replace every occurence of `user` with the actual account name
user ALL= NOPASSWD: /bin/mount -t cifs -o cred=/home/user/.Music.cred //server/music /home/user/MyMusicFolder

    4. If the command from step 3. worked correctly, you can make it automatic in several ways:

      • save it into a shell script into your home directory and make that script an auto-started application (you have to do this for every user that needs to mount CIFS shares);
      • save it into a shell script /etc/X11/Xsession.d/30mount-cifs-shares so that it will work for any user.

    Alternatively, you can replace steps 3. and 4. above with the use of pam-mount:

    1. install package libpam-mount

    2. configure /etc/security/pam_mount.conf.xml with:

      <debug enable="1" />
<volume server="server" path="music" mountpoint="~/MyMusicFolder" options="cred=/home/%(USER)/.Music.cred" />

    References:

    • 3

  2. As a note to myself and to others, the reason libpam-mount was failing with:

    CIFS VFS: Error connecting to socket. Aborting operation
CIFS VFS: cifs_mount failed w/return code = -101

    was due to the fact that my wireless network had not yet started when libpam was attempting the mounts. To rectify this, I had to set the wireless connection as "Available to all users" in the wireless connection settings. This allows the connection to activate prior to a user logging in.

    Once I had set that property, libpam-mount worked fine.

    • 0