Solved

Ubuntu CIFS mount permission issue

Posted on 2013-06-18
28
751 Views
Last Modified: 2013-07-05
Ubuntu 12.04, mapping a cifs mount in fstab;

//10.2.1.72/MIS /media/mis cifs username=blahblah,password=blahblah,iocharset=utf8,sec=ntlm  0   0

It successfully mounts the folder, however I have nothing more than Read-Only access.  The user I am using the map this has Full Control on this CIFS share off my Netapp.  Share permissions on this is Everyone-Full Control.  I'm unsure of where to look next.
0
Comment
Question by:Ben Hart
  • 16
  • 12
28 Comments
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39257938
Have you try the username with net use?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39257969
Not specifically with 'net use', but I use the credentials logging into the windows vm on this ubuntu host.  All of my drives including these map in the vm.
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39258155
What about NTFS permission on the share? net use is a windows commands. You can use it to verify rw access on the windows box, logging in with vm do not necessary means it has access to the share.

1. Check permission on the windows machine -
net use * //10.2.1.72/MIS /user:username

Open in new window

2.Check permission on the linux box -
ls -lah /media/mis  

Open in new window

0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39259184
The VM is a P2V of my old workstation here at work, and yes it can access the shares without an issue.. read and write access.  Much of what I use supporting the 150 users here resides in that VM so I use and access those shares multiple times daily.

I followed the advice here on setting these mounts up: https://wiki.ubuntu.com/MountWindowsSharesPermanently

Would it be better to use NFS?
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39260456
Can you provide the output for the following -

ls -lah /media/mis 
mount

Open in new window

0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39260518
ls -lah /media/mis
total 44K
drwxr-xr-x 2 root root    0 Jun 14 09:42 .
drwxr-xr-x 9 root root 4.0K Jun 19 14:17 ..
drwxr-xr-x 0 root root 8.0K May 29 16:18 documents
drwxr-xr-x 0 root root 4.0K May 28 11:42 Drivers
drwxr-xr-x 0 root root 4.0K Mar 20 09:36 pull
drwxr-xr-x 0 root root  16K Jun 18 15:45 Software
drwxr-xr-x 0 root root 4.0K Jun 13 10:20 Transfer


 mount
/dev/sda1 on / type ext4 (rw,errors=remount-ro)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/shm type tmpfs (rw,nosuid,nodev)
rpc_pipefs on /run/rpc_pipefs type rpc_pipefs (rw)
//10.2.1.72/MIS on /media/mis type cifs (rw)
//10.2.1.53/Departments on /media/Departments type cifs (rw)
//10.2.1.95/users on /media/bhart$ type cifs (rw)
//10.1.1.202/mis$ on /media/mss-mis$ type cifs (rw)
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39260520
Also just for giggles I changed the NTFS permissions to include everyone modify.  Share permissions are still everyone Full Control.
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39260526
Does the user doing the mount have permission writing to /media/mis ?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39260536
If it didnt then I couldnt mount right?  Since mounting writes to the folder?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39260561
Actually /media was root owned.  I changed that to myself, then each subfolder was root owned.  I umounted then deleted all of those since initially I did create them using 'sudo mkdir'.  I remounted everything and now in Nautilus all of the subfolders of mis, or Departments or mss-mis$ are showing locked.

Would it be best to forget the cifs stuff and re-do them all using NFS?
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39263054
It depends. Do you have any Windows clients using the CIFS share?
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39263064
Try to do the mount with root. It sounds like a permission issue within the linux box.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39263108
I am forced to sudo mount every time...
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39263172
Doesn't look like these directories are writable except for root -

ls -lah /media/mis
total 44K
drwxr-xr-x 2 root root    0 Jun 14 09:42 .
drwxr-xr-x 9 root root 4.0K Jun 19 14:17 ..
drwxr-xr-x 0 root root 8.0K May 29 16:18 documents
drwxr-xr-x 0 root root 4.0K May 28 11:42 Drivers
drwxr-xr-x 0 root root 4.0K Mar 20 09:36 pull
drwxr-xr-x 0 root root  16K Jun 18 15:45 Software
drwxr-xr-x 0 root root 4.0K Jun 13 10:20 Transfer

Open in new window

0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 14

Author Comment

by:Ben Hart
ID: 39263574
part of my issue.  I manually created each one of those folders.  But I guess after the mount is changed the permissions.  I don't know enough about Linux to take an educated guess.

Would thing be better if I forgo CIFS and use NFS?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39263589
As a test I altered the credentials used in fstab from my domain account to the domain administrator's.  Before hand doing a sudo umount -a then after editing and saving fstab a sudo mount -a and I still do not have write/modify permissions to any subfolder of the MIS mapping.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39264097
i moved the mount point from /media to /home/username/mounts and created all new folders so they'd all have my user with RW rights.  remounted from fstab and still no RW access.
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39264200
>>Would thing be better if I forgo CIFS and use NFS?
Do you have any Windows clients using the CIFS share?

Can you post the output for mount and ls -lah  /home/username/mounts?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39265734
There's a few windows clients using these share specifically.  Including my windows 7 virtual machine :)

Mount:
mount
/dev/sda1 on / type ext4 (rw,errors=remount-ro)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/shm type tmpfs (rw,nosuid,nodev)
rpc_pipefs on /run/rpc_pipefs type rpc_pipefs (rw)
//10.1.1.202/mis$ on /home/bhart/mounts/mss-mis$ type cifs (rw)
//10.2.1.72/MIS on /home/bhart/mounts/mis type cifs (rw)
//10.2.1.53/Departments on /home/bhart/mounts/Departments type cifs (rw)
//10.2.1.95/users on /home/bhart/mounts/bhart$ type cifs (rw)

 ls -lah
total 16K
drwxrwxr-x  7 bhart bhart 4.0K Jun 20 16:02 .
drwx------ 54 bhart bhart 4.0K Jun 21 08:51 ..
drwxr-xr-x  2 root  root     0 Mar 26 20:37 bhart$
drwxr-xr-x  2 root  root     0 Jan 17 08:41 Departments
drwxr-xr-x  2 root  root     0 Jun 14 09:42 mis
drwxr-xr-x  2 root  root     0 Jun 20 09:31 mss-mis$
drwxrwxr-x  2 bhart bhart 4.0K Jun 20 16:01 Shared


I hand crafted each folder, then after the first mount the ownership changed.
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39269994
The directories have permission of 755 and only root can write to it. This appears to be the problem why you are unable to write to it.

You can migrate them to NFS , if you have more Linux clients than Windows users, but you  would need to install NFS services on Windows clients.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39271155
I probably didn't explain it well enough, the source data is on a Netapp SAN.  This MIS folder for example has always been a CIFS share, however in testing my mount issues I created an NFS export of it.

I'm able to mount it via CIFS but cannot write to it.  I created the /mounts folder myself and had full control on them until I ran the mount command.  The permissions changed at that moment for whatever reason.

I've asked if it'd be better to use NFS but didn't get a response, I went ahead and tried and cannot mount them via NFS.  I get an access denied even though R/W is open to All hosts and Root permissions has the current ip address of my system.

I was getting the Special Device error for a few days before this.
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39272011
The default mask for the directory is 022, can you ask whoever has root permission to change them? Or ask them to check if they can write to the CIFS share.

Please open a new question if you want to setup NFS, it is beyond the scope of this question.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39282325
Thanks Maz, I'll stick to CIFS.

Anyway like I've said above the same credentials (username/password) on a windows machine and I can both access and write to those shares.  Everything I can see all points to a linux difference of some sort.
0
 
LVL 21

Accepted Solution

by:
Mazdajai earned 500 total points
ID: 39286081
So, have you ever tried to  mount it as root?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39301760
I've always had to sudo mount them if that's what you're asking.  SU them mounting?  No.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 39301765
I would up formatting this drive and moving back to windows.  Too many little issues that makes using Linux at work as a primary machine impossible.

Thanks for you're help Maz.. I will award you the points for helping me.
0
 
LVL 14

Author Closing Comment

by:Ben Hart
ID: 39301767
Max did not resolve my issue but he spent alot of time on it.
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39301866
ubadmin, I think we are close to solving this issue as this appears to me that it is a rights issue.

I understand setting samba can be a daunting task, take a look of SWAT - Samba Web Administration Tool if you have a chance. It is one of the GUI I recommend to use.

Good luck.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

The purpose of this article is to demonstrate how we can use conditional statements using Python.
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now