Permissions of mounted cifs share (Shared from FreeNAS)
Solution 1
write the mount (/etc/fstab in this case) with noperm parameter to instruct local client ignore permission checks. It look like this (works for me,o nce i had ignored local permission rights)
//remote-ip/share /local-path/dir/ cifs credentials=/your-credential-file,iocharset=utf8,uid=local-user-uid,gid=local-group-id,**noperm** 0 0
Solution 2
You need to add options to force the uid and gid to the values you want on your client machine instead of the values of the server. This can be done by adding the options
uid=xxxx forceuid gid=xxxx forceguid
to your mount command.
Related videos on Youtube
John Dibling
Here's a little joke that cracks me up: So, a guy walks up to me and says, "I'm a tepee. I'm a wigwam. I'm a tepee! I'm a wigwam!" I said to him, "Relax, man. You're two tents!"
Updated on September 18, 2022Comments
-
John Dibling over 1 year
I have a FreeNAS installation running under VirtualBox. When I try to mount one of my FreeNAS shares in Ubuntu 12.10, permissions on the share prevent me from entering the directory, listing or creating files.
My intention was to provide a share where the FreeNAS
john
account has full authority, and thebarbara
andmark
accounts have read-only access. However the permissions of the mounted share pevent me from even listing the directory, let alone create or read any files there.Am I doing something wrong when mounting the share?
I will try to provide more information below.
I set up my FreeNAS according to the instructions found here. The resulting storage has permisssions as shown here:
(I know I need to tweak the write-permissions for the group.)
Under Windows7, I have no problems mounting the share:
C:\Users\John>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : Orion Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : dibnatri.net Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : dibnatri.net Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 1030 Physical Address. . . . . . . . . : [redacted] DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Tuesday, May 14, 2013 6:47:24 AM Lease Expires . . . . . . . . . . : Friday, June 20, 2149 1:24:02 PM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : dibnatri.net Description . . . . . . . . . . . : Realtek PCIe FE Family Controller Physical Address. . . . . . . . . : [redacted] DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes [snip] C:\Users\John>net use New connections will be remembered. There are no entries in the list. C:\Users\John>net use y: /user:john \\192.168.1.20\Tunes The password is invalid for \\192.168.1.20\Tunes. Enter the password for 'john' to connect to '192.168.1.20': The command completed successfully. Y:\>net use New connections will be remembered. Status Local Remote Network ------------------------------------------------------------------------------- OK Y: \\192.168.1.20\Tunes Microsoft Windows Network The command completed successfully. C:\Users\John>y: Y:\>dir Volume in drive Y is Tunes Volume Serial Number is 1D20-98EC Directory of Y:\ 05/14/2013 06:54 AM <DIR> . 05/13/2013 02:58 PM <DIR> .. 0 File(s) 0 bytes 2 Dir(s) 6,131,715,282,944 bytes free Y:\>copy con test1 sss ^Z 1 file(s) copied. Y:\>dir Volume in drive Y is Tunes Volume Serial Number is 1D20-98EC Directory of Y:\ 05/14/2013 06:56 AM <DIR> . 05/13/2013 02:58 PM <DIR> .. 05/14/2013 06:56 AM 5 test1 1 File(s) 5 bytes 2 Dir(s) 6,131,715,447,808 bytes free Y:\>type test1 sss
However, attempting to do the same under Ubuntu doesn't work as well:
[johnd:~] $ ifconfig eth0 Link encap:Ethernet HWaddr [redacted] UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:215 errors:0 dropped:0 overruns:0 frame:0 TX packets:215 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:20073 (20.0 KB) TX bytes:20073 (20.0 KB) wlan0 Link encap:Ethernet HWaddr [redacted] inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::4e80:93ff:fe0c:f3a0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2287 errors:0 dropped:0 overruns:0 frame:0 TX packets:1980 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1669164 (1.6 MB) TX bytes:761260 (761.2 KB) [johnd:~] $ sudo mount -l [sudo] password for johnd: /dev/sda5 on / type ext4 (rw,errors=remount-ro) proc on /proc type proc (rw,noexec,nosuid,nodev) sysfs on /sys type sysfs (rw,noexec,nosuid,nodev) none on /sys/fs/cgroup type tmpfs (rw) none on /sys/fs/fuse/connections type fusectl (rw) none on /sys/kernel/debug type debugfs (rw) none on /sys/kernel/security type securityfs (rw) udev on /dev type devtmpfs (rw,mode=0755) devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620) tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755) none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880) none on /run/shm type tmpfs (rw,nosuid,nodev) none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755) /dev/sda6 on /home type ext4 (rw) binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev) gvfsd-fuse on /run/user/johnd/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,user=johnd) [johnd:~] $ ls /mnt/ [johnd:~] $ sudo mkdir /mnt/tunes [johnd:~] $ ls -l /mnt/ total 4 drwxr-xr-x 2 root root 4096 May 14 07:04 tunes [johnd:~] $ ls -l /mnt/ total 4 drwxr-xr-x 2 root root 4096 May 14 07:04 tunes
Note the permissions & owner of
/mnt/tunes
above. It is about to change, though I don't know if that's expected/correct.[johnd:~] $ sudo mount -t cifs //192.168.1.20/Tunes /mnt/tunes -o rw,user=john Password: [johnd:~] $ ls -l /mnt/ total 0 drwxrwx--- 2 1001 1003 0 May 14 06:56 tunes
1001
is the uid forjohn
on my FreeNAS, and1003
is the gid forusers
there.john
should have full access.[johnd:~] 1 $ ll /mnt/tunes ls: cannot open directory /mnt/tunes: Permission denied [johnd:~] 1 $ cat>/mnt/tunes/test2 bash: /mnt/tunes/test2: Permission denied [johnd:~] 2 $
What am I doing wrong here?
-
John Dibling almost 11 yearsNote that I am comfortable in Linux, but I am by no means an expert. There is much I don't know about permissions, shares, etc.
-
rtmie almost 11 yearsYou may need to pass CIFS credentials in mount call (been a while since I worked with CIFS mounts) but check this link askubuntu.com/questions/72471/…
-
codeScriber over 10 yearsif you try as a super user can you list ? copy ? rm ?
-
BsdHelper over 10 years@John Dibling Why not create a CIFS share and NFS share on the same directory? Then you can set permissions for specific groups and add John to the writeable group and Barbara and Mark to the read-only group?
-
John Dibling over 10 years@BsdHelper: I suppose that would work for *nix clients, but Windows doesn't speak NFS and I would need read/write access from anywhere in the world. Since I posted this question I have completely abandoned FreeNAS, and taken a DIY approach. I now have a linux server running a 5 TB raid 5 array with the correct permissions set everywhere. Turns out I didn't need FreeNAS at all. Thanks for your suggestion.
-
-
John Dibling almost 11 yearsAre you sure about that? This is a CIFS share on the FreeNAS side, and is intended to be used by both Windows and Linux machines.
-
Bart.a almost 11 yearsAm I sure this will work? No, but you could try.. Yes, the freeNAS will work on windows as well.. But look at your own picture of the permissions tab, it gives you the choice between unix and windows. With unix selected why not use the standard mount protocol for unix
-
douggro over 10 yearsThis is what I experienced mounting a cifs share on my machine through
fstab
- the mount point locally has to have the accessing local user uid and gid assigned. The permissions on the NAS are secondary as long as the correct user/pass combo for the share is presented when mounting. -
esmail about 10 yearsThis is not true. If it is a CIFS/Samba share, attempting to mount it as an NFS share won't do anything. Linux does indeed have clients for mounting this type of share.