Avatar of Brocklv6
Brocklv6 asked on

smbfs on Ubuntu issue

We have a simple web app that was written to basically automate a folder structure on a Windows file server. The application will authenticate A.D. users then prompt them to enter a project name (folder name). The script then  makes a copy of a "template" folder structure on the file server and renames it to the project name. Within the last couple days, nothing has changed in the script or the Apache server, the application will authenticate users and can create the root folder (project folder) but errors when trying to create the sub-folders. The error is a permissions error.

The Apache server mounts a share on the Windows server with smbfs.

On the windows file server the permissions are set to everyone and domain users {read/write} recursively from the share root down.

On the Apache server the permissions are set to {777} recursively from /mnt down.

This Apache server and Windows file server are LAN facing only, no firewalls to deal with.

Any input would be greatly appreciated.
Apache Web ServerPHPWeb Servers

Avatar of undefined
Last Comment

8/22/2022 - Mon

you can specify permissions on mount command line and fstab$/mnt smbfs default,mode=0750,uid=root,gid=httpd

//nv-nas01/shared on /mnt/SambaProjects type cifs (rw,mand)

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question


when I run:
mount -o remount,uid=root,gid=apache,mode=0750  /mnt/SambaProjects

I get an error of:
bad group name "apache"
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.

it should be what your webserver group is, so that it can read files.

I changed the following and it works correctly now:
uid=www-data gid=www-data

Thank you gheist for your help!

Just .01c on security:

No you should not let apache change it's content AT ALL (heard of defacements or sites spreading viruses?)
UID=anything but www-data
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.

I do understand. However this server does not touch the internet at all nor can client machines access anything other port 80.

Does anything on the website need to write anything ever in content directories?
I'd say no unless proven otherwise.