Score:2

How do I check a remote file systems mount permissions?

us flag

I'm mounting a test server to a shared filesystem at work. It's a cifs mount so im looking at this reference page: https://linux.die.net/man/8/mount.cifs

I want to try and mount in a "know as little as possible" manner to keep people from fudging with the shared filesystem from a test server. So in the docs I see:

uid=arg sets the uid that will own all files or directories on the mounted filesystem when the server does not provide ownership information. It may be specified as either a username or a numeric uid. When not specified, the default is uid 0. The mount.cifs helper must be at version 1.10 or higher to support specifying the uid in non-numeric form. See the section on FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS below for more information.

Sounds good. But here's my question:

  • How do I check if the server provides ownership information, and if so, how do I found what it actually is?

Bonus question:

  • Whats the point of offering permissions when you can just override them to file_mode=0777,dir_mode=0777?
Score:0
kz flag

You are looking at CIFS, not NFS. I have never run across a method to extract ownership information from a windows cifs share with linux tools (If anybody knows how - prove me wrong!). This is how it works:

  • On the server, the credentials you provide determine your access. You cannot "overrule" a readonly access with file_mode=0777, you would get an access denied when trying to write a file in such a case.
  • Since a default CIFS share does not export any ownership information, the uid, gid, umask, file_mode, dir_mode options provide a way to put a linux file security on top of the mounted share. This way, you can say that only a specific local linux user / group is able to read from / write to your mounted share. If you do not provide these options during mount, default values are used (most likely uid=0, gid=0, umask=0 for all directories and files inside that share)
  • Looking at the official documentation, it can be read that there are "unix extensions for CIFS" which allows exporting uid / gid ownership information. But I do not know if there is a way to determine whether the server supports these extensions.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.