Mount Samba Shares on Linux
I’m always very proud how incredibly easily my Linux systems cooperate with the external world, including Windows machines.
For instance, just now, after one day of searching, sweating and swearing, I was able to mount some Windows shares onto a Debian virtual server.
For those of you who boast that one can do this with two clicks in Windows, let me tell you that
- it’s actually 6 clicks
- I also could have used Nautilus and just connect to a server
But that would have been too easy and, at the same time, too difficult to use. Have you ever seen such a Gnome gvfs mount point?
~/.gvfs/My bloody space-separated sharename on Foo
Brrrr. One wants something nice like
~/Foo
One also wants to be able to mount and unmount it as a normal user. And to have write access. And not having to enter a password, but also not to reveal it to others. One is very picky.
Before all, don’t forget to create the mount point directory manually. It shall be world-executable as well.
$ mkdir ~/Foo $ chmod 775 ~/Foo
Now let’s see the /etc/fstab entry. We’ll explain every option later.
//srv/share /home/foo/Foo cifs rw,user,credentials=/home/foo/.foo,uid=1000,gid=1000 0 0
The entries are share UNC path, mount point, file system type, options, etc.
If you miss anything from the dreaded options, you’ll get the following highly informative error message when trying the mount:
mount error(13): Permission denied
Option “rw” means read-write. Easy.
Option “user” means not only root is allowed to mount or unmount the share.
Server “srv” is in domain “bar” and shares “share” for user “baz” whose password is “spam”. We could add these options directly to fstab (username=bar,password=spam,domain=baz), but that would make it world readable. Instead the info is stored in a credentials file in Linux user foo’s home. Make sure this file is readable by foo only. Let’s see its contents too:
$ chmod 600 ~/.foo $ ls -l ~/.foo -rw------- 1 foo foo size date .foo $ cat ~/.foo username=bar domain=baz password=spam
Don’t put any whitespace around the “=” signs. There is a school of thought that there should not be any character after the end of the password, not even a newline.
And last but not least, the Linux user’s user and group IDs should be specified as well. In our case “foo” is the first normal user on this machine, that’s why it’s 1000.
Now user foo should be able to mount and unmount the above share:
$ mount ~/Foo $ umount ~/Foo