Solved

smbfs on Ubuntu issue

Posted on 2014-03-13
9
320 Views
Last Modified: 2014-03-14
We have a simple web app that was written to basically automate a folder structure on a Windows file server. The application will authenticate A.D. users then prompt them to enter a project name (folder name). The script then  makes a copy of a "template" folder structure on the file server and renames it to the project name. Within the last couple days, nothing has changed in the script or the Apache server, the application will authenticate users and can create the root folder (project folder) but errors when trying to create the sub-folders. The error is a permissions error.

The Apache server mounts a share on the Windows server with smbfs.

On the windows file server the permissions are set to everyone and domain users {read/write} recursively from the share root down.

On the Apache server the permissions are set to {777} recursively from /mnt down.

This Apache server and Windows file server are LAN facing only, no firewalls to deal with.

Any input would be greatly appreciated.
0
Comment
Question by:Brocklv6
  • 5
  • 4
9 Comments
 
LVL 61

Expert Comment

by:gheist
ID: 39928847
you can specify permissions on mount command line and fstab

1.1.1.1:/c$/mnt smbfs default,mode=0750,uid=root,gid=httpd
0
 

Author Comment

by:Brocklv6
ID: 39929580
//nv-nas01/shared on /mnt/SambaProjects type cifs (rw,mand)
2014-03-14-8-39-18.png
0
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
ID: 39929614
mount -o remount,uid=root,gid=apache,mode=0750  /mnt/SambaProjects

that should do the trick right away, then enter respective parameters into /etc/fstab
0
 

Author Comment

by:Brocklv6
ID: 39929657
@gheist,

when I run:
mount -o remount,uid=root,gid=apache,mode=0750  /mnt/SambaProjects

I get an error of:
bad group name "apache"
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 61

Expert Comment

by:gheist
ID: 39929677
it should be what your webserver group is, so that it can read files.
0
 

Author Closing Comment

by:Brocklv6
ID: 39930183
I changed the following and it works correctly now:
uid=www-data gid=www-data

Thank you gheist for your help!
0
 
LVL 61

Expert Comment

by:gheist
ID: 39930601
Just .01c on security:

No you should not let apache change it's content AT ALL (heard of defacements or sites spreading viruses?)
UID=anything but www-data
0
 

Author Comment

by:Brocklv6
ID: 39930608
I do understand. However this server does not touch the internet at all nor can client machines access anything other port 80.
0
 
LVL 61

Expert Comment

by:gheist
ID: 39930703
Does anything on the website need to write anything ever in content directories?
I'd say no unless proven otherwise.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now