5.4 smbfs

5.4 smbfs

On Linux, the smbfs filesystem can be used to mount SMB shares onto the Linux filesystem in a manner similar to mounting disk partitions on NFS filesystems. The result is so transparent that users on the Linux system might never be aware that they are accessing files through a Windows or Samba server. Files and directories appear as any other files or directories on the local Linux system, although there are a few differences in behavior relating to ownership and permissions. ^[2]

^[2] Samba Versions 2.2.4 and later have support for Unix CIFS extensions developed by Hewlett-Packard, which add full support for Unix ownership, group , and permissions in smbfs filesystems when shared between two Samba systems. You will also need a recent version of smbfs in your Linux kernel.

Although smbfs is based on the Samba code, it is not itself part of the Samba distribution. Instead, it is included with Linux as a standard part of the Linux filesystem support.

The smbmount and smbmnt programs are part of the Samba distribution and are needed on the client to mount smbfs filesystems. Samba must be compiled with the --with-smbmount configure option to make sure these programs are compiled. They refer to smb.conf for information they need regarding the local system and network configuration, so you will need a working smb.conf file on the system, even if it is not acting as a Samba server.

5.4.1 Mounting an smbfs Filesystem

The smbmount command is used to mount an smbfs filesystem into the Linux filesystem. The basic usage is:

 #  smbmount   Share-UNC mount-point   -o   options  

Replace Share-UNC with the UNC for the SMB share, and mount-point with the full path to the directory in the Linux filesystem to use as the mount point. The options argument is used to set the exact manner in which the share is mounted. Let's look at an example of a smbmount command:

 #  smbmount //maya/e /smb/e \   -o "credentials=/home/jay/.smbpw,uid=jay,gid=jay,fmask=664,dmask=775"  

Here we are mounting share \\maya\e from a Windows 98 system on the mount point /smb/e on the Linux system.

If your Linux kernel doesn't include smbfs support, you will get the error message: ERROR: smbfs filesystem not supported by the kernel In this case, you must configure and compile a new kernel to include support for smbfs. When smbfs is installed, and an SMB share is mounted, you can run the command: $ cat /proc/filesystems and see a line that looks like: nodev smbfs in the command's output.

The mount point must exist before smbmount is run and can be created using the mkdir command:

 #  mkdir /smb/e  

The argument to the -o option might look a little complex. It is a comma-separated list of key = value pairs. The credentials key is set to the name of the credentials file, which is used to give smbmount a valid username and password with which to authenticate while connecting to the share. The format is identical to that used by smbclient (as explained in the previous section), so you can use the same credentials file for both clients . If you want, you can use the key = value pair username = name % password to specify the username and password directly in the smbmount command, although this is considerably less secure.

The smbmount command accepts the same authentication methods as smbclient . The comments in the section on smbclient regarding supplying passwords on the command line ”and keeping passwords in files and environment variables ”also apply here.

The rest of the options tell smbmount how to translate between the SMB filesystem and the Unix filesystem, which differ in their handling of ownership and permissions. The uid and gid options specify the owner and group to be assigned to all directories and files in the mounted share.

The fmask and dmask options specify bitmasks for permissions of files and directories, respectively. These bitmasks are logically ANDed with whatever permissions are granted by the server to create the effective permissions on the client Unix system. On the server side, the permissions granted depend on the server's operating system. For a Windows 95/98/Me server using share-mode security, the MS-DOS read-only attribute can be set on individual files and directories and combined with the Full Access or Read Only permissions on the share as a whole. In user -level security mode, Windows 95/98/Me can have ACL-like permissions applied to the entire share, as discussed in Chapter 4. Windows NT/2000/XP support ACLs on individual files and directories, with Full Control, Change, or Read permissions that can be applied to the entire share. If the server is a Samba server, the permissions are whatever is defined by the Samba share and the local Unix system for the individual files and directories. In every case, the permissions applied to the share act to further limit access, beyond what is specified for the individual files and directories.

You might think that the fmask and dmask permission masks can be used only to reduce the effective permissions on files and directories, but this is not always the case. For example, suppose that a file is being shared by a Windows 95/98/Me server using share-mode security and that some number of users have been given the Full Access password for the share. If the share is mounted with smbmount using an fmask of 666, read/write permissions are granted on the Unix system not only for the owner, but for everyone else on the Unix system as well!

After mounting the \\maya\d share to /smb/e , here is what the contents of /smb/e look like:

 $  cd /smb/e ; ls -l  total 47 drwxrwxr-x    1 jay      jay           512 Jan  8 20:21 CD-images drwxrwxr-x    1 jay      jay           512 Jan  6 21:50 lectures -rw-rw-r--    1 jay      jay           131 Dec 18 09:12 ms-ProfPol-wp.doc -rw-rw-r--    1 jay      jay            59 Dec 18 09:12 profile-map -rw-rw-r--    1 jay      jay           131 Jan 15 05:01 readme.txt drwxrwxr-x    1 jay      jay           512 Feb  4  2002 RECYCLED -rw-rw-r--    1 jay      jay         33969 Dec 10 20:22 smbclient.doc -rw-rw-r--    1 jay      jay          7759 Dec 10 20:20 smbmount.doc -rw-rw-r--    1 jay      jay          1914 Dec 10 20:17 smbsh.txt drwxrwxr-x    1 jay      jay           512 Jan 10 03:54 trans 

For the most part, the files and directories contained in the mounted smbfs filesystem will work just like any others, except for limitations imposed by the nature of SMB networking. For example, not even the superuser can perform the operation:

 #  chown root lectures  chown: changing ownership of 'lectures': Operation not permitted 

because SMB shares do not intrinsically support the idea of ownership. Some odd behaviors can result from this. For example, the command:

 #  chmod 777 readme.txt  

does not produce an error message, although nothing has been changed. The file readme.txt still has permissions set to 664:

 #  ls -l readme.txt  -rw-rw-r--    1 jay      jay           131 Jan 15 05:01 readme.txt 

Aside from little things such as these, the mounted smbfs filesystem can be used in conjunction with virtually any application, and you might be pleasantly surprised at how nicely it integrates with your Linux-based computing environment. You can even create symbolic links in the Unix filesystem, pointing to files and directories inside SMB shares. However, unless the server is a Samba server that supports Unix CIFS extensions, you will not be able to create a symbolic link inside the mounted smbfs filesystem.

5.4.2 Mounting smbfs Filesystems Automatically

As with other types of filesystems, an smbfs filesystem can be mounted automatically during system bootup by creating an entry for it in /etc/fstab . The format for the entry is as follows :

   Share-UNC mount-point   smbfs   options   0 0 

Replace Share-UNC with the UNC of the share (using the forward slash format), and replace mount-point with the name of the directory in the Linux filesystem on which the share will be mounted. In place of options , simply use the string that you used with the -o flag in the smbmount command.

Once you have found the arguments to use with the smbmount command to mount the share the way you like it, it is a very simple matter to create the entry for /etc/fstab . The smbmount command we used to mount the share \\maya\e on /smb/e would translate to this /etc/fstab entry:

 //maya/e /smb/e  smbfs   credentials=/home/jay/.smbpw,uid=jay,gid=jay,fmask=664,dmask=775 0 0  (Please note that this should all go on one line.)  

If you make a mistake in modifying /etc/fstab , your system might not reboot properly, and you might be forced to boot into single-user mode to fix the problem. Before you edit /etc/fstab , be sure to make a backup copy of it, and be prepared to recover your system if anything goes wrong.

Once the entry has been added, the system will automatically mount the share when booting. Or, the system administrator can manually mount or unmount the share with commands such as these:

 #  mount /smb/e  #  umount /smb/e  

It is possible to use mount and umount by giving them the UNC for the share using forward slashes , as in our /etc/fstab entry. However, be careful about this. A share might be listed more than once in /etc/fstab so that it can be mounted at more than one place in the Linux filesystem. If you use the UNC to specify the share you wish to mount or unmount, you might cause it to be mounted or unmounted at another mount point from the one you intended.

5.4.3 Common smbmount Options

Table 5-1 lists key = value pairs that can be used with the -o option of smbmount or in the options field of the /etc/fstab entry for the smbfs filesystem. See the smbmount manual page for a complete list of options.

Table 5-1. smbmount options