[SOLVED] Disable forgegid when mounting cifs with pam_mount

Kernels & Hardware, configuring network, installing services

[SOLVED] Disable forgegid when mounting cifs with pam_mount

Postby IlikeBörek » 2020-07-21 11:35

Dear all,

i use pam_mount to mount a cifs share. As the share contains directories that are readable for different groups i need to be sure that new files/directories are created with different gid, depending on the default ACLs on the server. Problem is: cifs_mount mounts samba shares always with the forcegid-option, so all new files and dirs are created with the same group.


In greater detail:

Clients and server with Debian Stretch.

The clients mount cifs share via pam_mount, pam_mount.conf.xml says:

Code: Select all
<volume options="uid=%(USER)" user="*" mountpoint="/mnt/%(USER)/my_mountpoint" path="my_path" server="192.168.0.254" fstype="cifs" />


Mounting on login works:
Code: Select all
# mount   | grep my_mountpoint
//192.168.0.254/my_path on /mnt/user/my_mountpoint type cifs (rw,relatime,vers=1.0,cache=strict,username=user,domain=MY_DOMAIN,uid=1000,forceuid,gid=513,forcegid,addr=192.168.0.254,unix,posixpaths,serverino,mapposix,acl,rsize=1048576,wsize=65536,echo_interval=60,actimeo=1)


But: pam_mount always sets the option forcegid. As you can see in the output of "mount" above.

I tried both of the following:
Code: Select all
<volume options="uid=%(USER) noforcegid" user="*" mountpoint="/mnt/%(USER)/my_mountpoint" path="my_path" server="192.168.0.254" fstype="cifs" />


Code: Select all
<volume options="uid=%(USER)" user="*" mountpoint="/mnt/%(USER)/my_mountpoint" path="my_path" server="192.168.0.254" fstype="cifs" options="noforcegid" />


The first one refuses to mount without error code, the second one does not mount either and leads to the error message:
Code: Select all
/etc/security/pam_mount.conf.xml:18: parser error : Attribute options redefined
auf_samba" path="bwt" server="192.168.0.254" fstype="cifs" options="noforcegid"
                                                                               ^
(rdconf1.c:388): libxml detected a syntax error in /etc/security/pam_mount.conf.xml


I also tried
Code: Select all
mount -o remount,noforcegid /mnt/user/my_mountpoint

No error code, but still forcegid is set.

Any Idea how I can disable the forcegid-option when mounting a cifs-share with pam_mount?


Any Idea what I can do to disable forcegid?
Last edited by IlikeBörek on 2020-07-27 18:08, edited 1 time in total.
IlikeBörek
 
Posts: 8
Joined: 2017-09-29 20:42

Re: How can I disable forgegid when mounting cifs with pam_m

Postby IlikeBörek » 2020-07-27 18:07

Sometimes i act incredibly stupid.
It's options="noforcegid,uid=%(USER)", not "options="noforcegid uid=%(USER)"
IlikeBörek
 
Posts: 8
Joined: 2017-09-29 20:42


Return to System configuration

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable