Login or Register to Ask a Question and Join Our Community


Red Hat

Permissions problem with cifs.mount

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Permissions problem with cifs.mount
# 1  
Old 01-18-2013
Permissions problem with cifs.mount
hi,

I have the following permission problems with cifs.mount : a share on a VNXe (EMC NAS) is accessed by two RHEL 5.9 accounts (authenticated by Active Directory); One account has read+wite permission to the share , the second one has only read permission. Both accounts uses the following mount command:

mount -t cifs --verbose -o sec=krb5,cifsacl,multiuser //NAS/share/mount_point

First, the multiuser option is rejected (but the mounting is done). Moreover both accounts can write to the share, ignoring the NTFS permissions. What is going on ?


Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Help with cifs/smbfs mount on Solaris

I have a Linux server with a cifsmount, the entry in /etc/fstab looks like this: //windows_server_name/xyz /opt/xyz cifs credentials=/etc/creds/xyz.creds,uid=abc,gid=abc,noserverino,directio,_netdev 0 0 The username and password are stored in /etc/creds/xyz.creds This works fine.:wall: How... (1 Reply)
Discussion started by: Joke Holmer
1 Replies

2. AIX

AIX available cifs mount options

Hi, I can't find any documentation of all available mount options of mount -v cifs Unfortunately you can specify any fantasy options, no complains, and the mount command shows this option In particular I want to know if there is a possibility to completely disable cifs caching in aix,... (3 Replies)
Discussion started by: funksen
3 Replies

3. AIX

Mount CIFS on AIX

Hello AIX gurus, I am trying to mount a CIFS share on AIX and I could use some help. Here are the environment details: AIX - 6100-05-01-1016 Domain Controller - WIN2K8R2 (authentication takes place here) CIFS share is stored on a NetApp storage array that is joined to the domain I have... (2 Replies)
Discussion started by: jhall
2 Replies

4. UNIX and Linux Applications

Slackware: mount cifs with kerberos

On Slackware14.0 Compiled cifs-utils with kerberos support on request-key.conf added create cifs.spnego * * /usr/sbin/cifs.upcall %k %d But when i try mount -o sec=krb5 -t cifs //SLACK64//Users /media/users mount error(38): Function not implemented Refer to the... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

5. Linux

new file group permission of CIFS mount

After switching from smbfs mount, the dmask/dir_mode and fmask/file_mode no longer have an effect on the newly created files. It seems to use the system umask instead. I need the group to have write permissions without changing the root umask on the system. Any ideas? example fstab: ... (0 Replies)
Discussion started by: gadgetx23
0 Replies

6. AIX

AIX cifs mount to Windows Server 2008 R2

Hi i have some problem to mount a Windows Server 2008 R2 share on AIX. I found the artikel 157701-aix-cifs-mount-windows-server-2008-share on the Forum (cant post the Link) witch decribe my situation but there is no solution. I can mount a share to a Windows 2003 SP2 Server but not to 2008 R2... (2 Replies)
Discussion started by: MrTee
2 Replies

7. AIX

CIFS Mount not mounting on my AIX server

Dear Experts, Im facing a unique situation. We got a windows server folder cifs mounted on my AIX server. Before restarting the win server I tried unmounting the cifs mount. It got hanged and win server was restarted however. Now Im trying to mount the same. It prompts for password... (3 Replies)
Discussion started by: jayadeava
3 Replies

8. AIX

CIFS Mount Problem in AIX 5.3 TL12 SP-01-1016

Hi all, We are experiencing below mentioned error on mounting windows Share on AIX 5.3 when we migrate our TL from 8 to TL12-SP01, we also checked the allowed password length for mounting CIFS which is fine(10 characters in our case). On IBM fix central site there is a fix IZ63140 for... (10 Replies)
Discussion started by: m_raheelahmed
10 Replies

9. UNIX for Advanced & Expert Users

mount -t cifs permission denied by mount -t smbfs works fine

I am having trouble mounting with cifs, but mounting the exact same command with smbfs works fine. The share is on another samba server and is set to full public guest access. # mount -t cifs //servername/sharename /mnt/temp -o password="" mount error 13 = Permission denied Refer to the... (3 Replies)
Discussion started by: humbletech99
3 Replies

10. HP-UX

mount with CIFS

hi everyone months ago i installed software on hp-ux box. So instead of going to the server room (which is far and cold :) ), I put the DVD in my windows xp box and mount it using CIFS, it was successful. Now I want to install another software on the same hp-ux box using the same windows... (3 Replies)
Discussion started by: neemoze
3 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

setcifsacl

SETCIFSACL(1)						  CIFS Access Control List Tools					     SETCIFSACL(1)

NAME

       setcifsacl - Userspace helper to alter an ACL in a security descriptor for Common Internet File System (CIFS)

SYNOPSIS

       setcifsacl [-v|-a|-D|-M|-S] "{one or more ACEs}" {file system object}

DESCRIPTION

       This tool is part of the cifs-utils suite.

       setcifsacl is a userspace helper program for the Linux CIFS client file system.	It is intended to alter an ACL of a security descriptor
       for a file system object.  It is best utilized when an option of cifsacl is specified when mounting a cifs share in conjunction with
       winbind facility of Samba suite.  Whether a security descriptor to be set is applied or not is determined by the CIFS/SMB server.

OPTIONS

       -v
	   Print version number and exit.
       -a
	   Add one or more ACEs to an ACL of a security descriptor.  An ACE is added even if the same ACE exists in the ACL.
       -D
	   Delete one or more ACEs from an ACL of a security descriptor.  Entire ACE has to match in an existing ACL for the listed ACEs to be
	   deleted.
       -M
	   Modify one or more ACEs from an ACL of a security descriptor.  SID and type are used to match for existing ACEs to be modified with the
	   list of ACEs specified.
       -S
	   Set an ACL of security descriptor with the list of ACEs Existing ACL is replaced entirely with the specified ACEs.

       Every ACE entry starts with "ACL:" One or more ACEs are specified within double quotes.	Multiple ACEs are separated by a comma.

       Following fields of an ACE can be modified with possible values:

       SID: Either a name or a raw SID value.

       type: ALLOWED (0x0), DENIED (0x1), OBJECT_ALLOWED (0x5), OBJECT_DENIED (0x6)

       flags: OBJECT_INHERIT_FLAG (OI or 0x1), CONTAINER_INHERIT_FLAG (CI or 0x2), NO_PROPAGATE_INHERIT_FLAG (NI or 0x4), INHERIT_ONLY_FLAG (IO or
       0x8), INHERITED_ACE_FLAG (IA or 0x10) or a combination/OR of these values.

       mask: Either one of FULL, CHANGE, READ, a combination of R W X D P O, or a hex value

EXAMPLES

       Add an ACE
       setcifsacl -a "ACL:CIFSTESTDOMuser2:DENIED/0x1/D" <file_name> setcifsacl -a "ACL:CIFSTESTDOMuser1:ALLOWED/OI|CI|NI/D" <file_name>

       Delete an ACE
       setcifsacl -D "ACL:S-1-1-0:0x1/OI/0x1201ff" <file_name>

       Modify an ACE
       setcifsacl -M "ACL:CIFSTESTDOMuser1:ALLOWED/0x1f/CHANGE" <file_name>

       Set an ACL
       setcifsacl -S "ACL:CIFSTESTDOMAdministrator:0x0/0x0/FULL,
       ACL:CIFSTESTDOMuser2:0x0/0x0/FULL," <file_name>

NOTES

       Kernel support for getcifsacl/setcifsacl utilities was initially introduced in the 2.6.37 kernel.

SEE ALSO

       mount.cifs(8), winbindd(8), getcifsacl(1)

AUTHOR

       Shirish Pargaonkar wrote the setcifsacl program.

       The Linux CIFS Mailing list is the preferred place to ask questions regarding these programs.

cifs-utils							    08/19/2011							     SETCIFSACL(1)