
Configuring AutoFS to automount CIFS with UID/GID mapping

This article is about configuring auto.smb correctly, and setting per-UID/GID mount of CIFS.

For those who are not familiar with auto.net: this map enumerates the NFS shares of a remote server as soon as you reference the server by name. For example, when /etc/auto.net is listed in /etc/auto.master and autofs is active, you can see all the NFS shares that srv1 exposes under /net/srv1.

CIFS (SMB) has a similar mechanism, and these are the steps to run in order to make it work.

Install the required packages:

For RHEL/OEL/Rocky/Alma version 9 (or 9.x), install the following packages:

sudo dnf install -y autofs cifs-utils samba-client

Create a credentials file in /etc/creds/<name of server>

Replace <name of server> with the NetBIOS name (or short DNS name) of the CIFS server. If needed, create the directory /etc/creds. The content of the file should look like this:

username=myuser
password=mypassword
domain=MYDOMAIN

Make sure that the file is readable and writable by root only (mode 600), since it holds the password in clear text.

Add a matching line in /etc/auto.master

Add a line in /etc/auto.master as shown in the example below and restart the autofs service:

/cifs  /etc/auto.smb  --timeout=300

Listing files in /cifs/srv1 (if ‘srv1’ is the server’s name, and there is a credentials file for it in /etc/creds/srv1) would show the list of shares it exposes. Otherwise, the directory /cifs will be empty.

This configuration works well, but the mount is done as the root user. In theory, auto.smb should obtain the credentials (UID/GID) of the calling user and map them. This would have worked if the script didn’t have a bug in it.
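
To check the credentials files created in the steps above, the following shell function (an added example, not part of the original article or of the autofs package) verifies that every entry in the credentials directory is a regular file with mode 600 (or the stricter 400), is owned by the expected UID, and contains username= and password= lines. The function name audit_creds and its arguments are assumptions made for this example, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example: audit mount.cifs credentials files used by auto.smb.
# Usage (as root): audit_creds [DIR] [OWNER_UID]   defaults: /etc/creds, 0
# audit_creds is a hypothetical helper name; assumes GNU stat (coreutils).
audit_creds() {
    dir=${1:-/etc/creds}
    want_uid=${2:-0}
    bad=0
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; return 2; }
    for f in "$dir"/*; do
        # Unmatched glob (empty directory): nothing to check.
        [ -e "$f" ] || [ -L "$f" ] || continue
        # Symlinks and special files could point the mount at another file.
        if [ -L "$f" ] || [ ! -f "$f" ]; then
            echo "FAIL $f: not a regular file"; bad=1; continue
        fi
        mode=$(stat -c '%a' "$f")
        uid=$(stat -c '%u' "$f")
        # Any group/other permission bit exposes the clear-text password.
        case $mode in
            600|400) ;;
            *) echo "FAIL $f: mode $mode, expected 600"; bad=1 ;;
        esac
        [ "$uid" = "$want_uid" ] || {
            echo "FAIL $f: owner uid $uid, expected $want_uid"; bad=1
        }
        # Keys the article's credentials file format requires.
        grep -q '^username=' "$f" || { echo "FAIL $f: no username= line"; bad=1; }
        grep -q '^password=' "$f" || { echo "FAIL $f: no password= line"; bad=1; }
    done
    # 0 = all files pass, 1 = at least one finding, 2 = directory missing
    return "$bad"
}
```
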

Mount CIFS shares mapped to the UID/GID of the first user to access them

To allow non-root mapped access, we should add two lines just under the shebang (just below ‘#!/bin/bash’ first line):

GID=${AUTOFS_GID}
UID=${AUTOFS_UID}

I recommend that you copy the file to /etc/auto.smb2 and make the change there, or else it may be erased by updates.

After the copy/rename, update the settings in /etc/auto.master to match (/etc/auto.smb2 instead of /etc/auto.smb) and restart the autofs service.

Conclusion

This specific fix gives the user access to the share. It will not solve multiple users attempting to access the same share, but for a single service-oriented server that needs CIFS access to a remote share, and with the ever-surprising Windows reboot, autofs can be a good solution and work well.
