Loginscript to mount SMB shares [SOLVED]

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
Post Reply
Thomsus
Level 1
Level 1
Posts: 4
Joined: Mon Mar 13, 2017 5:26 pm

Loginscript to mount SMB shares [SOLVED]

Post by Thomsus » Thu Jan 03, 2019 5:13 am

I have a bash script with commands to mount a number of SMB shares from a Samba server.

The script works fine when executed in terminal this way:

Code: Select all

/home/thomsus/Documents/mapmydrives.sh
...as I have made it executable via chmod +x

This script file contains a number of mount lines like this:

Code: Select all

#!/bin/bash
sudo mount -t cifs //192.168.0.10/Share1 /home/thomsus/MyMountfolders/Share1here/ -o credentials=/etc/cifspwd,uid=thomsus
Now I manually have to execute this script upon every logon. In order to automate this, I have tried adding it to Mint's Startup Applications with no effect. So I created a soft link in profile.d like this:

Code: Select all

sudo ln -s /home/thomsus/Documents/mapmydrives.sh /etc/profile.d/mapmydriveslink.sh
...but this screws up the logon process (prompts me for logon over and over, for ever. The fix is to restart the computer, boot via media, and remove the sumbolic link in terminal, and finally reboot normally).
Besides, this profile.d, similar to editing the fstab file, both share the fact, that all local users get affected. I'm looking for a single-user solution.

Any ideas?
Last edited by Thomsus on Sat Jan 12, 2019 3:40 pm, edited 1 time in total.

ugly
Level 3
Level 3
Posts: 192
Joined: Thu Nov 24, 2016 9:17 pm

Re: Loginscript to mount SMB shares

Post by ugly » Thu Jan 03, 2019 7:33 pm

My initial guess would be that you're running a command with sudo so you would need to enter your password. So, the script is attempting to run at startup and then fails when it would ask for a password. When you run your mapmydrives.sh script do you need to enter your password?

sgtor
Level 4
Level 4
Posts: 213
Joined: Sat May 13, 2017 9:39 pm

Re: Loginscript to mount SMB shares

Post by sgtor » Thu Jan 03, 2019 9:59 pm

You should add the mounts to your fstab file.

Try this, add it to /etc/fstab

Code: Select all

//192.168.0.10/Share1/ /home/thomsus/MyMountfolders/Share1here/ cifs nofail,vers=1.0,uid=thomsus,gid=thomsus,iocharset=utf8,file_mode=0644,dir_mode=0777,perm,credentials=/etc/cifspwd 0 0
Extra drives mounted from fstab usually go under the /mnt directory so you could change

Code: Select all

/home/thomsus/MyMountfolders/Share1here/ 
to something like

Code: Select all

/mnt/Share1here/ 

Thomsus
Level 1
Level 1
Posts: 4
Joined: Mon Mar 13, 2017 5:26 pm

Re: Loginscript to mount SMB shares

Post by Thomsus » Fri Jan 04, 2019 3:46 am

Hi guys.

I'm using Sudo because I'm forced to, as mount does not work without sudo :(
Credentials to access the Samba shares are in a separate file, thus not typed in this file, but by a link to the credentials file. Not highly secure, but a bit more secure than having them in /etc/fstab. An additional benefit is not having to type credentials in each mount line.

Using /etc/fstab works, expect it affects all users on the workstation. I was looking for a per-user way to do this. It has been possible in Windows since Win NT, not possible in Linux?

sgtor
Level 4
Level 4
Posts: 213
Joined: Sat May 13, 2017 9:39 pm

Re: Loginscript to mount SMB shares

Post by sgtor » Fri Jan 04, 2019 6:37 am

Hi Thomsus

fstab is the way to do it and from there you need to use permissions to protect what you need to protect.

for sure you need to protect the password file.

Code: Select all

chmod 600 /etc/cifspwd
chown root /etc/cifspwd
chgrp root /etc/cifspwd
And then change these in the line that goes into fstab.

Code: Select all

uid=thomsus,gid=thomsus
file_mode=0600,dir_mode=0700
That gives your username(owner) rw permission on the files and rwx permission on the directories and everyone else no permission, except root of course which has access to all files on the system.

IMHO using fstab is the "correct" way to do this.

User avatar
AndyMH
Level 6
Level 6
Posts: 1459
Joined: Fri Mar 04, 2016 5:23 pm
Location: Wiltshire

Re: Loginscript to mount SMB shares

Post by AndyMH » Fri Jan 04, 2019 6:43 am

IMHO using fstab is the "correct" way to do this.
Agreed, it's what I've done. Additionally, I've mounted my NAS in /media - it is 'removable' and has the advantage of showing up in the removable drives icon in the panel - so easy to get at.
Homebrew i5-8400+GTX1080 Cinnamon 19.0, Thinkpad T430 i7-3632 Cinnamon 19.0, Thinkpad T420 Cinnamon 18.3, Thinkpad T410 Cinnamon 17.3, Thinkpad T60 19.0 Mate

sgtor
Level 4
Level 4
Posts: 213
Joined: Sat May 13, 2017 9:39 pm

Re: Loginscript to mount SMB shares

Post by sgtor » Fri Jan 04, 2019 7:01 am

AndyMH wrote:
Fri Jan 04, 2019 6:43 am
IMHO using fstab is the "correct" way to do this.
Agreed, it's what I've done. Additionally, I've mounted my NAS in /media - it is 'removable' and has the advantage of showing up in the removable drives icon in the panel - so easy to get at.
Nice tip, I didn't think of that but I just tried it and it's nice to have those directories show up there. I think I'll keep it setup that way. :)

Edit:
I just did a bit of research and it turns out you can mount it under /mnt and use this in your fstab line to have it show up under Devices in caja.

Code: Select all

x-gvfs-show,x-gvfs-name=Sharetest
That should work for any directory at all plus you can name it anything you want separately from what the mount directory name is.
ps I don't advise using /home/username/whatever to mount drives in though.

User avatar
AndyMH
Level 6
Level 6
Posts: 1459
Joined: Fri Mar 04, 2016 5:23 pm
Location: Wiltshire

Re: Loginscript to mount SMB shares

Post by AndyMH » Fri Jan 04, 2019 7:56 am

Thanks for your tip :D
Homebrew i5-8400+GTX1080 Cinnamon 19.0, Thinkpad T430 i7-3632 Cinnamon 19.0, Thinkpad T420 Cinnamon 18.3, Thinkpad T410 Cinnamon 17.3, Thinkpad T60 19.0 Mate

altair4
Level 19
Level 19
Posts: 9500
Joined: Tue Feb 03, 2009 10:27 am

Re: Loginscript to mount SMB shares

Post by altair4 » Fri Jan 04, 2019 8:13 am

I'm using Sudo because I'm forced to, as mount does not work without sudo :(
You can mount without being sudo but not the way you are doing it. If you put your line in fstab with the user and noauto options:
//192.168.0.10/Share1 /home/thomsus/MyMountfolders/Share1here/ cifs credentials=/etc/cifspwd,uid=thomsus,user,noauto 0 0
To mount it all you have to issue is: mount /home/thomsus/MyMountfolders/Share1here
Using /etc/fstab works, expect it affects all users on the workstation. I was looking for a per-user way to do this.
This part I don't quite understand. Your credentials file is in /etc/cifspwd so all users would be using the same credentials. Am I missing something?

If you want multiple users to access shares using their own credentals you have two options - um ... - you have at least two options depending on why you are doing this:

The easy way: Using Gigolo GUI to Mount Remote Samba Shares
This will automatically mount the share at login if the server is present or wait until the server is present and then mount. Each user will supply his own credentials which can be remembered "forever" in an encrypted file. The downside is you have no control of the mount point. It will mount under the gvfs mountpoint: /run/user/$UID/gvfs

The hard way: Using AutoFS to Mount Remote Samba Shares

Click on the For more templates link at the bottom of the first page to see how you can create a cifs mount that will use each users own credentials to mount a share.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.

altair4
Level 19
Level 19
Posts: 9500
Joined: Tue Feb 03, 2009 10:27 am

Re: Loginscript to mount SMB shares

Post by altair4 » Fri Jan 04, 2019 8:35 am

A note on the use of x-gvfs-show together with user / noauto:

If you create a generic fstab statement of the form:
//server/share /mountpoint cifs username=xxx,password=yyy,uid=1000,user,noauto 0 0

If the mountpoint is under /media or your home directory a link is created on the side panel of your file manager automatically. It's true that using x-gvfs-show with a mountpoint anywhere else will have the same affect but there is one big difference.

When the mount point is under /media OR $HOME the link is actionable. Clicking on the link induces a udisks response and the system will go to fstab to find out how to mount it.

When the mount point is under /mnt but using x-gvfs-show there is a link on the side panel but it does not induce a udsks response under these conditions.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.

ugly
Level 3
Level 3
Posts: 192
Joined: Thu Nov 24, 2016 9:17 pm

Re: Loginscript to mount SMB shares

Post by ugly » Fri Jan 04, 2019 8:31 pm

Thomsus wrote:
Fri Jan 04, 2019 3:46 am
I'm using Sudo because I'm forced to, as mount does not work without sudo :(
And I think that is your issue. Your script is being executed at startup. And because no password is being supplied, it fails.

One way to work around this is to allow a user to execute a command without the password. Although, I'm not sure if this method is the smartest way to do this.

You can try:

Code: Select all

sudo visudo
At the end of the file there is a section that reads
#includedir /etc/sudoers.d
Below that line you can add which users you want to enable to run a command without the password. So you should be able to add:

Code: Select all

thomsus ALL = NOPASSWD: /sbin/mount.cifs
This should allow the thomsus user to run mount cifs without entering a password.

Thomsus
Level 1
Level 1
Posts: 4
Joined: Mon Mar 13, 2017 5:26 pm

Re: Loginscript to mount SMB shares

Post by Thomsus » Sat Jan 12, 2019 3:39 pm

altair4 wrote:
Fri Jan 04, 2019 8:13 am
This part I don't quite understand. Your credentials file is in /etc/cifspwd so all users would be using the same credentials. Am I missing something?
No wonder that location of the password file attracts your attention. Since /etc/fstab is not user specific, logically any user's password file should not be in any user's home directory, therefore I put it in /etc/. However, since it contains a specific user's credentials, maybe it should be in that specific users /home dir anyway, where it can be encrypted (if encryption was enabled during install). What a dilemma :-)
I have tried placing it in the user's home dir, in which case the drives are not mapped/mounted automatically during boot. So we're back to using the noauto option, perhaps with the password file in the users home dir, but since the user has to execute a mount command upon every logon, then the only thing achieved is not having to use SUDO.

I have tried something else. In /etc/fstab, I just tried adding:
uid=/home/$USER/uid.txt,gid=/home/$USER/uid.txt
...hoping it would provide a way for a per-user uid file, specifying a username, but I get an error, ie the $USER does not resolve to the username of the user attemting "mount -a". It also seems fstab only accepts a username, not a file to look up the username in. So this was a dead end. Besides, if the crendentialsfile is encrypted, it may not work anyway.

This leaves me with autofs.
I have set it up and it works perfect.
I found several different web sites with their own description of how to configure autofs, but the one you linked to, worked like a charm. Thumbs up!
The only thing that cheated me, was not having RW access to the files, despite having had that, when mounting with fstab or via a mount command in terminal. I realized that uid=1234 and gid=1234 in autofs are for the local users, not for users on the samba server.

Post Reply

Return to “Other networking topics”