lists@openenterprise.ca
2009-May-21 18:28 UTC
[Samba] Best Way to Securely Mount SMB/CIFS Shares
Although I am comfortable mounting smbf/cifs shares for myself, as root, I am trying to determine the optimal way to have users get specific mounts, without having to put in any user account details in fstab, and specific mounts for specific users. I know I can create a .credentials file in each users /home/user folder and point to that in fstab. But I dont want to have multiple lines in fstab for each user. Can a mount line be added to a users bash_profile and using a hidden/hashed credentials file? or something similar so that only those mounts needed for any particular user are mounted when they log in. Rather than in fstab and mounted for everyone? Or maybe there is another way to securely create different windows share mounts for different users without having them in fstab? CentOS 5.3, x86 Samba: 3.033375
On Thu, May 21, 2009 at 2:05 PM, <lists@openenterprise.ca> wrote:> Although I am comfortable mounting smbf/cifs shares for myself, as root, > I am trying to determine the optimal way to have users get specific > mounts, without having to put in any user account details in fstab, and > specific mounts for specific users. I know I can create a .credentials > file in each users /home/user folder and point to that in fstab. But I > dont want to have multiple lines in fstab for each user. > > Can a mount line be added to a users bash_profile and using a hidden/hashed > > credentials file? or something similar so that only those mounts needed > for any particular user are mounted when they log in. Rather than in > fstab and mounted for everyone? > > > Or maybe there is another way to securely create different windows share > mounts for different users without having them in fstab? > > CentOS 5.3, x86 > Samba: 3.033375http://pam-mount.sourceforge.net/ -- John M. Drescher
On Thu, May 21, 2009 at 12:05 PM, <lists@openenterprise.ca> wrote:> Although I am comfortable mounting smbf/cifs shares for myself, as root, > I am trying to determine the optimal way to have users get specific > mounts, without having to put in any user account details in fstab, and > specific mounts for specific users. I know I can create a .credentials > file in each users /home/user folder and point to that in fstab. But I > dont want to have multiple lines in fstab for each user. > > Can a mount line be added to a users bash_profile and using a hidden/hashed > > credentials file? or something similar so that only those mounts needed > for any particular user are mounted when they log in. Rather than in > fstab and mounted for everyone? > > > Or maybe there is another way to securely create different windows share > mounts for different users without having them in fstab? > > CentOS 5.3, x86 > Samba: 3.033375 > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >If you have a Kerberos realm set-up, you could leverage that so that no password is needed. Active Directory uses Kerberos if that is available. A user on Debian can call smbmount without having to be root. Robert LeBlanc