Back to #itlab main page

Migration to CIFS

As smbfs is unsupported and being removed from the Linux kernel (LKML: deprecate-smbfs-in-favor-of-cifs.patch) we should be migrating to using CIFS instead.

If you previously had smbfs mounts configured in fstab and you use local user database, i.e., administer your own workstation, the migration is not trivial. Most of the Samba servers here seem to support CIFS Unix extensions, meaning that mount options uid, gid, dmask, fmask, file_mode, dir_mode do not work. The UID, GID and file access permissions come from the server as is, and probably they are not the same you want to have on your workstation.

The solution is to forget fstab, and mount the shares as a normal user under your home directory using option noperms. Noperms disables local file access permissions checking, so the local UID, GID and permissions information can be whatever, they are ignored. You have to mount under your home directory to prevent other users on your workstation from using the shares you mounted. Otherwise they would have your identity and access rights on the share. So make sure only you can access the mount points.

Alternative Option

If you really want to have the same UID/GID semantics as in smbfs, do this:

echo 0 > /proc/fs/cifs/LinuxExtensionsEnabled

It disables the Unix extensions on client side.

How to Mount

The general form is:

mount.cifs //server/share mountpoint -o noperm,user=LUT/username

For umount you must use umount.cifs command. It seems to need the absolute path to mount point, otherwise it leaves a stale entry in /etc/mtab.

In Ubuntu, the command mount.cifs comes in the package smbfs (smb filesystem tools or such). Apparently it is not set-uid root by default, so you may need to use sudo with it. Using sudo makes the mounted files owned by root, so you need noperms options. It should be good to make it set-uid root, if you want to be able to mount as a regular user, or you do not want to use noperms.

The option noperms means, that the local file permissions are not used at all. The server will do permissions checking.

File permissions

If you need to check or change file permissions, use ssh to go to a machine, that has the share mounted via NFS. When you mount via CIFS on your workstation, the file permissions you see may have unknown user or group ids, or the permissions may be completely bogus (as with noperms option). Suitable servers are:

  • cursa.pc.lut.fi
  • laskenta1.it.lut.fi
  • laskenta2.it.lut.fi

The path there is /net/<server>/<share>/, so e.g.

ssh cursa.pc.lut.fi
cd /net/www2/projects
ls -l

Servers

Supporting Unix extensions

  • regulus.it.lut.fi
  • diso.it.lut.fi

No Unix extensions

For these servers you may want to set mount options dir_mode=00700,file_mode=00600.

  • kynnys.pc.lut.fi
  • files-tite.cc.lut.fi

Examples

pq's cmount script

cmount.doc (Download and rename to cmount and set execute permission.)

Note, that in the script www2.it.lut.fi is called just server, since it really is the server.

Put cmount to a directory, e.g. $HOME/net, and create the following directory structure under it:

.
|-- files-tite
|   |-- HOME
|   `-- tite
|-- server
|   |-- projects
|   |-- software
|   |-- temp
|   `-- www
`-- ti500433
    `-- install

Mounting works by ./cmount server/projects and umounting must be done by ./cmount -u server/projects or otherwise the mount may not be removed properly from mtab even though it is really unmounted. You can mount read-only with ./cmount -r server/projects.