Project88.Mount Shares


Project 88. Mount Shares

"How do I access files shared from another Mac or a Unix Machine?"

This project shows you how to mount a share exported from another machine. It gives examples of mounting an AFP (Apple Filing Protocol) share exported by Apple's AppleShare, which is the default method of sharing files between Mac OS machines. Then the project shows you how to mount an NFS (Network File System) share. NFS is the industry-standard method of sharing files between Unix machines and is supported by Mac OS X's Unix core.

Switch on File Sharing

Before we mount a share on a client, we must enable file sharing on the server. To enable AppleShare, simply switch on file sharing by checking Personal File Sharing in System Preferences, pane Sharing, and tab Services. Mac OS X does not naturally export NFS shares the way it does AFP shares, but Project 89 shows you how to configure your Mac to be an NFS server.

Mount an AFP Share

You're probably familiar with mounting an AppleShare share from the Finder. Shares are shown by the Network icon in the top-left pane; you can also mount them by choosing Go > Connect to Server.

Naturally, a share can be mounted from the command line, too, via the mount command. To illustrate this, we'll mount an AppleShare share, choosing the home directory of user jan from the host (server) saruman.local. The syntax to mount an AppleShare share is

mount -t afp afp://user:password@host/share mount-point


By default, the share takes on the name of the user account.

Here's our first attempt at mounting the share:

$ mount -t afp afp://jan:pass@saruman.local/jan ~/jan mount: realpath /Users/saruman/jan: No such file or dire...


That failed because we did not create the mount point at which the share was to be mounted~/jan, in this example. The mount point is a directory that will contain all the files and directories of the share. (The files won't be physically copied, of course, but they will appear to be in that directory on the local machine.) You may create the directory at any point in the file system. We choose to mount jan (no sniggering, please) in the directory jan in our home directory. We type

$ mkdir ~/jan $ mount -t afp afp://jan:pass@saruman.local/jan ~/jan mount_afp: the mount flags are 0000 the altflags are 0020


Tip

The command mount_afp is equivalent to mount -t afp. Read its man page by typing

$ man mount_afp



Let's check that the mount was successful by listing the mount-point directory, which should show the files from the mounted share.

$ ls ~/jan Desktop      Library    Music      Public Documents    Movies     Pictures   Sites


Use the mount command with no arguments to list all currently mounted file systems. We see our recently mounted share at the end of the list.

$ mount ... afp_3vZVCw00srIR1Tstev72sQ5-1.2d000015 on /Users/saruman/jan  (nodev, nosuid, mounted by saruman)


Tip

The mount command reports that options such as nodev and nosuid are disabled; that's a security measure. Mount a volume as the root user to have those options enabled, and check the man page for mount to learn more about them. The SUID bit is explained by "The s-bit" in Project 8.


Access Shares Mounted by the Finder

When we mount a share with the mount command, we specify the directory at which the share is to be mounted. We have no such control of a share mounted by the Finder: It will always appear in a directory named /Volumes/name-of-share.

Unmount a Share

To unmount a share, use the umount command naming the mount point.

$ umount ~/jan


There's no harm in leaving the mount-point directory for use the next time you mount the volume, but you may want to get rid of it. Depending on your version of Mac OS X, you may find that the Finder has already, and rather presumptuously, removed it for you.

Learn More

"Hide History" in Project 48 shows you how to prevent sensitive commands, such as those that include passwords, from being recorded in the command-line history.


Mount an NFS Share

As with AFP shares, you mount NFS shares from the Network icon in the top-left pane of the Finder or by choosing Go > Connect to Server.

Learn More

Project 66 discusses file systems, and Project 68 shows you how to mount and unmount a local volume.


From the command line, we mount NFS shares in much the same way as we mount AFP shares. One crucial difference is the method of authentication employed to ascertain file permissions. AFP requires a username and password just like a standard login. NFS compares user and group IDs (UIDs and GIDs), and assumes consistent UID and GID allocation across the server and all client machines. (In other words, your user account on all machines must be assigned identical UID and primary GIDs.)

Learn More

Project 7 explains users, groups, UIDs, and GIDs.


This assumption holds true in a well-controlled network where a central server performs authentication, but not necessarily in an ad-hoc network. If your user accounts on the client and server machines are each assigned different UIDs (or GIDs), you'll not gain access to your own files on the server. Even worse, another user whose client credentials happen to match those of your account on the server will have access to your files. NFS is not designed for use in ad-hoc or hostile environments.

Assuming compatible IDs, let's mount an NFS share from the host sauron (IP address 10.0.2.3). The sauron host exports the directory /Users as a share called Users. We'll mount the share at the mount point /sauron on the client. The syntax for mounting an NFS share is

mount -t nfs host:/share mount-point


In this example, we choose to mount the share as the root user because we are mounting a system-level share (The directory /Users is owned by the system.)

$ sudo -s Password: # mkdir /sauron # mount -t nfs -o nosuid 10.0.2.3:/Users /sauron


Learn More

Refer to "How to Become the Root User" in Project 2 for more information on the sudo command.


Warning

Mounting a share as the root user has security implications. Malicious users can take advantage of executables with the SUID or GUID bits set (called suid executables and explained in "The s-bit" in Project 8) to escalate their permissions. It's advisable to specify the option -o nosuid to the mount command to disable the effect of the s-bit, especially when you're mounting the user account space or any directory to which nonprivileged users can write. If you are mounting shares that have legitimate suid programs, such as those in /bin, /sbin, and /usr, don't specify the option.


Once mounted, the share is accessible from the directory /sauron. List this directory, and you'll see all the user directories that reside on the host sauron.

$ cd /sauron $ ls -l total 24 drwxrwxrwt  5  root     wheel    170  Jul 16  11:54  Shared drwxr-xr-x 16  loraine  loraine  544  Jul  3  17:35  loraine drwxr-xr-x 26  saruman  saruman  884  Sep  6  11:19  saruman drwxr-xr-x 14  505      505      476  Aug 26  15:49  sharing


You'll notice that the directory sharing is shown with numeric user and group IDs of 505. This is because the server sauron has a user and group called sharing with a UID and GID of 505, but the client does not. Therefore, the client cannot map IDs to names. However, both client and server have the two user accounts saruman and loraine with consistent ID-to-name mappings.

Learn More

Project 8 covers file permissions and the s-bit.


Warning

NFS does not support HFS+ resource forks. When you copy files using NFS, all such metadata is lost.


Learn More

Refer to the projects in Chapter 4 if you are not familiar with using any of the Unix text editors.


Unmount a Share

To unmount an NFS share, use the umount command.

# umount /sauron


If the umount command reports the device as busy, check that no files are open and that your current working directory is not in the mounted share.

Automount Shares

By adding an appropriate entry to the file /etc/fstab, we cause the client to mount an NFS share automatically when it boots. You must edit the file as the root user, creating it if it does not already exist. To automount the share /Users, we would add the entry

sauron.local:/Users /sauron nfs -b,-i,-P 0 0


We used a hostname instead of an IP address in this example.

Show in the Finder

Mounting an NFS volume with the Unix mount command does so behind the Finder's back. To get the mounted volume to show up in the Finder, refresh the list of mounted volumes by typing

$ disktool -r





Mac OS X UNIX 101 Byte-Sized Projects
Mac OS X Unix 101 Byte-Sized Projects
ISBN: 0321374118
EAN: 2147483647
Year: 2003
Pages: 153
Authors: Adrian Mayo

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net