Ownership problem using a CIFS-mounted volume Post: 302217794

Sponsored Content

Top Forums UNIX for Advanced & Expert Users Ownership problem using a CIFS-mounted volume Post 302217794 by same1290 on Wednesday 23rd of July 2008 02:46:05 PM

07-23-2008

Registered User

Ownership problem using a CIFS-mounted volume

Hello,

I am trying to use a storage service for backing large amounts
(terabytes) of data. The service uses Linux machines and allows
mounting of their disks using the CIFS/SMB protocol.

I do have the option of using rsync directly over the network
without mounting. But in order to automate this process, I do
want to have the remote disk mounted and be able to use cp or
rsync transparently.

The data that needs to be backed up is also on Linux systems. I had
our sys admin set things up on our system so that I can use mount.cifs
command to mount the remote disk like so:

$ mkdir -p /tmp/sam_test3
$ mount.cifs //brick.orgname.org/test3 /tmp/sam_test3 -o
user=test3, uid=sam, gid=swdevelopers, file_mode=0775,
dir_mode=0775

where the remote username (on brick) is 'test3' and my local username
is on our system is 'sam'. By the way, 'test3' is also a member of a
group with the same name 'test3'. That group has w/x permissions on
/tmp/sam_test3.

The mounting command above works fine: After entering my remote user
password, the disk is successfully mounted, but it changes owner and
gid to 'test3'.

The problem is to write to that mounted dir from my local machine on
which I'm logged in as 'sam'. Since I'm not the owner of
/tmp/sam_test3 and I don't belong to the group 'test3', I can't
write to it.

It would seem that the way to solve this would be to add my local
username, 'sam' to the group 'test3' on the remote machine. But this
is what the admin for the remote machine brick told me.

> I think that is going to be UID based, and not name based so adding
> the name will likely not help as the UID between machines is going to
> be different.

Is there anyone with in-depth knowledge of CIFS and the mount.cifs
command who can suggest a way around the ownership permissions
problems.

He also suggested that smbmount doesn't have the same problem.
(If that's true, why not?)

Thank you in advance to whomever can give me some suggestions,

Sam

same1290

View Public Profile for same1290

Find all posts by same1290

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Stubborn file ownership problem! Argh!

Hi, I have Apache running well on a Linux server, with Samba installed. I do must of my work in Notepad2 on a Windows box using Samba shares on which I am logged in as a user on the box (non-root). I recently decided to expand into cgi-perl. My /htdocs/cgi-bin directory is already part of a...

2. Linux

files ownership/permission problem

all the files and directories in my system are owned by root only.i try to(from root loggin) change the permission on the file but not permitted.can any one help to fix my problem .also while installing any software always error occur like no makefile available

3. AIX

CIFS Mount Problem in AIX 5.3 TL12 SP-01-1016

Hi all, We are experiencing below mentioned error on mounting windows Share on AIX 5.3 when we migrate our TL from 8 to TL12-SP01, we also checked the allowed password length for mounting CIFS which is fine(10 characters in our case). On IBM fix central site there is a fix IZ63140 for...

4. AIX

I/O speed to CIFS mounted Windows Share

I have an AIX box that mounts a Windows share across subnets. When I try to copy a 100 MB file to it, it copies around 2 MB/s. If I copy to another Windows share on the same subnet it copies around 12 MB/s. All I have is gigabit networks so I would expect it to go well over 12 MB/s, which is the...

5. Shell Programming and Scripting

Directory / File changes on CIFS share mounted on Red Hat Linux

I have a requirement to copy the changed file on CIFS share mounted on Red Hat Linux to a remote FTP/SFTP server. I tried inotify-tools, but this didn't track the modified files. Has anyone tried incron or any other suggestion?

6. Red Hat

Permissions problem with cifs.mount

hi, I have the following permission problems with cifs.mount : a share on a VNXe (EMC NAS) is accessed by two RHEL 5.9 accounts (authenticated by Active Directory); One account has read+wite permission to the share , the second one has only read permission. Both accounts uses the following...

7. Solaris

In Solaries 10 how to mount multiple volume on same mounted point

Hi , I am completely stuck and not getting any clue to come out this . So looking for help Q : I have salaries 10 in server with that Dell Equallogic storage connected. in dell Equlalogic in i have 70 TB storage . I created 7 volumes 10 TB each . In Solaries 10 i have syslog server i...

8. Linux

Volume is mounted on two ServiceGuard nodes

Hey! I'm running a HP ServiceGuard cluster with three nodes. One of the packages was moved (not by me) from one node to another a few weeks ago. I just noticed that one of the volume groups is still mounted on the old node. Oops! When I run df, less space is used on the old node than the new. ...

9. AIX

AIX 6.1 : Problem with cifs and win2012.

i want to connect a shared folder on a server w2k12 by cifs "mkcifsmnt", but without sucess, i tried to do the same on w2k3, it works, but both on win7 and w2k12 doesn't work, is there any suggestions about this problem, thks in advance. My aix version is 6.1

LEARN ABOUT LINUX

cifs.upcall

CIFS.UPCALL(8)						    System Administration tools 					    CIFS.UPCALL(8)

NAME

       cifs.upcall - Userspace upcall helper for Common Internet File System (CIFS)

SYNOPSIS

       cifs.upcall [--trust-dns|-t] [--version|-v] [--legacy-uid|-l] [--krb5conf=/path/to/krb5.conf|-k /path/to/...] {keyid}

DESCRIPTION

       This tool is part of the cifs-utils suite.

       cifs.upcall is a userspace helper program for the linux CIFS client filesystem. There are a number of activities that the kernel cannot
       easily do itself. This program is a callout program that does these things for the kernel and then returns the result.

       cifs.upcall is generally intended to be run when the kernel calls request-key(8) for a particular key type. While it can be run directly
       from the command-line, it's not generally intended to be run that way.

OPTIONS

       -c
	   This option is deprecated and is currently ignored.

       --krb5conf=/path/to/krb5.conf|-k /path/to/krb5.conf
	   This option allows administrators to set an alternate location for the krb5.conf file that cifs.upcall will use.

       --trust-dns|-t
	   With krb5 upcalls, the name used as the host portion of the service principal defaults to the hostname portion of the UNC. This option
	   allows the upcall program to reverse resolve the network address of the server in order to get the hostname.

	   This is less secure than not trusting DNS. When using this option, it's possible that an attacker could get control of DNS and trick
	   the client into mounting a different server altogether. It's preferable to instead add server principals to the KDC for every possible
	   hostname, but this option exists for cases where that isn't possible. The default is to not trust reverse hostname lookups in this
	   fashion.

       --legacy-uid|-l
	   Traditionally, the kernel has sent only a single uid= parameter to the upcall for the SPNEGO upcall that's used to determine what
	   user's credential cache to use. This parameter is affected by the uid= mount option, which also governs the ownership of files on the
	   mount.

	   Newer kernels send a creduid= option as well, which contains what uid it thinks actually owns the credentials that it's looking for. At
	   mount time, this is generally set to the real uid of the user doing the mount. For multisession mounts, it's set to the fsuid of the
	   mount user. Set this option if you want cifs.upcall to use the older uid= parameter instead of the creduid= parameter.

       --version|-v
	   Print version number and exit.

CONFIGURATION FOR KEYCTL

       cifs.upcall is designed to be called from the kernel via the request-key callout program. This requires that request-key be told where and
       how to call this program. The current cifs.upcall program handles two different key types:

       cifs.spnego
	   This keytype is for retrieving kerberos session keys

       dns_resolver
	   This key type is for resolving hostnames into IP addresses. Support for this key type may eventually be deprecated (see below).

       To make this program useful for CIFS, you'll need to set up entries for them in request-key.conf(5). Here's an example of an entry for each
       key type:

	   #OPERATION  TYPE	      D C PROGRAM ARG1 ARG2...
	   #=========  =============  = = ================================
	   create      cifs.spnego    * * /usr/sbin/cifs.upcall %k
	   create      dns_resolver   * * /usr/sbin/cifs.upcall %k

       See request-key.conf(5) for more info on each field.

       The keyutils package has also started including a dns_resolver handling program as well that is preferred over the one in cifs.upcall. If
       you are using a keyutils version equal to or greater than 1.5, you should use key.dns_resolver to handle the dns_resolver keytype instead
       of cifs.upcall. See key.dns_resolver(8) for more info.

SEE ALSO

       request-key.conf(5), mount.cifs(8), key.dns_resolver(8)

AUTHOR

       Igor Mammedov wrote the cifs.upcall program.

       Jeff Layton authored this manpage.

       The maintainer of the Linux CIFS VFS is Steve French.

       The Linux CIFS Mailing list is the preferred place to ask questions regarding these programs.

cifs-utils							    02/07/2010							    CIFS.UPCALL(8)