Until now, the NAS users were registered locally on the NAS and logged in with a simple identifier of the form «User». Mounting the volume via pam_mount worked perfectly with the line:
<volume fstype="cifs" server="172.16.0.50" path="data" mountpoint="/home/%(USER)/Reseau" user="*" sgrp="utilisa. du domaine" options="nodev,nosuid,dir_mode=0700,vers=2.1" />
Linux PCs are in an Active Directory domain, and for users, the AD session and local password in the NAS were the same.
It forces users to change a default password in the NAS to set the same one they use in the Active Directory domain.
And even if I wanted to force the mounting of a network disk using my sudo rights, the following command worked wonderfully:
sudo mount.cifs //172.16.0.50/data /home/mon_login_user/Reseau -o username=mon_login_user,vers=2.1,file_mode=0666,dir_mode=0700
Now I want to make things cleaner, so the NAS is in the Active Directory domain, and users therefore log in to it as «domain/user» and no longer as «user».
I have a new Synology NAS with DSM7.
Run as root, this command works perfectly, and as root I can read my network disk. So the mounting is done well as root with this command.
mount.cifs //172.16.0.50/data /home/mon_login_admin/Reseau -o domain=mondomaine.lan,username=mon_login_user,vers=3,file_mode=0666,dir_mode=0700
But now, as a user with sudo rights, if I type this same command I no longer have access to the mount point, even though I do have read/write rights on this directory and, with the same user on Windows 10 Pro, there is no problem:
sudo mount.cifs //172.16.0.50/data /home/monloginuser/DisquesReseaux -o domain=mondomaine.lan,username=mon_login_user,vers=3,file_mode=0666,dir_mode=0700
Network mount is unreadable for my user:
monloginuser@Test:~$ cd Reseau/
-bash: cd: Reseau/: Permission non accordée
serrec@Test:~$ ls -l
total 32
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Bureau
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Documents
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Images
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Modèles
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Musique
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Public
drwx------ 2 root root 0 sept. 20 10:57 Reseau
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Téléchargements
drwxr-xr-x 2 monloginuser utilisa. du domaine 4096 sept. 27 08:56 Vidéos
While the rights to the "Reseau" directory should be: monloginuser utilisa. du domaine
And of course, at the pam_mount level, with the line:
<volume fstype="cifs" server="172.16.0.50" path="data" mountpoint="/home/%(USER)/Reseau" user="*" domain="mondomaine.lan" sgrp="utilisa. du domaine" options="nodev,nosuid,dir_mode=0700,vers=3" />
I get no mount, and error feedback of this type in /var/log/auth.log:
Sep 27 09:45:21 Test sshd[2172]: pam_unix(sshd:session): session opened for user monloginuser by (uid=0)
Sep 27 09:45:23 Test sshd[2172]: (mount.c:72): Messages from underlying mount program:
Sep 27 09:45:23 Test sshd[2172]: (mount.c:76): mount error(13): Permission denied
Sep 27 09:45:23 Test sshd[2172]: (mount.c:76): Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
Sep 27 09:45:23 Test sshd[2172]: (pam_mount.c:522): mount of data failed
I don’t see what the problem is with permission. There’s something that’s not going right, but I can’t find what.
I have another line in my pam_mount.conf.xml file that points to my old NAS, with the user being registered locally (and not in the domain), and on its side no worries: the automount of the network share directory is always done without problems.
On the other hand, my windows machines have absolutely no problem connecting to this NAS, despite the fact that the NAS is now in the domain.
So I conclude for my part that the concern does not come from the configuration of the NAS but from the configuration of Ubuntu.
This is what I find as a trace of the error in syslog when I want to open an AD user session:
Sep 27 11:03:33 Test kernel: [ 5942.432006] CIFS: Attempting to mount \\172.16.0.50\data
Sep 27 11:03:33 Test kernel: [ 5942.445924] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
Sep 27 11:03:33 Test kernel: [ 5942.445939] CIFS: VFS: \\172.16.0.50 Send error in SessSetup = -13
Sep 27 11:03:33 Test kernel: [ 5942.445956] CIFS: VFS: cifs_mount failed w/return code = -13
Sep 27 11:03:33 Ubuntu2004 kernel: [ 5942.474864] audit: type=1400 audit(1632733413.753:774): apparmor="ALLOWED" operation="open" profile="/usr/sbin/sssd" name="/proc/601/cmdline" pid=690 comm="sssd_nss" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Sep 27 11:03:33 Test systemd[1]: Created slice User Slice of UID 236606829.
I’m out of ideas.
Thank you for your help.
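
Added example, not part of the original post: a small Python parser that separates the two symptoms shown above, a login rejected by the server during CIFS session setup and a mount point the local user cannot enter. The log lines and the ls values are copied from the post; the function names are hypothetical.

```python
import re

# Sample input: log lines copied from the post (auth.log and kernel syslog).
SAMPLE_LOG = r"""Sep 27 09:45:23 Test sshd[2172]: (mount.c:76): mount error(13): Permission denied
Sep 27 09:45:23 Test sshd[2172]: (pam_mount.c:522): mount of data failed
Sep 27 11:03:33 Test kernel: [ 5942.432006] CIFS: Attempting to mount \\172.16.0.50\data
Sep 27 11:03:33 Test kernel: [ 5942.445924] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
Sep 27 11:03:33 Test kernel: [ 5942.445939] CIFS: VFS: \\172.16.0.50 Send error in SessSetup = -13
Sep 27 11:03:33 Test kernel: [ 5942.445956] CIFS: VFS: cifs_mount failed w/return code = -13
"""

STATUS_RE = re.compile(r"CIFS: Status code returned (0x[0-9a-fA-F]{8}) (STATUS_\w+)")
PHASE_RE = re.compile(r"CIFS: VFS: \S+ Send error in (\w+) = (-?\d+)")
PAM_RE = re.compile(r"\(pam_mount\.c:\d+\): mount of (\S+) failed")

def classify_cifs_failure(log_text):
    """Summarise a failed CIFS mount from kernel and pam_mount log lines."""
    result = {"nt_status": None, "phase": None, "errno": None, "pam_volume": None}
    for line in log_text.splitlines():
        if (m := STATUS_RE.search(line)):
            result["nt_status"] = (int(m.group(1), 16), m.group(2))
        elif (m := PHASE_RE.search(line)):
            result["phase"], result["errno"] = m.group(1), -int(m.group(2))
        elif (m := PAM_RE.search(line)):
            result["pam_volume"] = m.group(1)
    # STATUS_LOGON_FAILURE during SessSetup means the server refused the
    # credentials: an authentication failure, not a client-side file permission.
    result["server_rejected_login"] = (
        result["phase"] == "SessSetup"
        and result["nt_status"] is not None
        and result["nt_status"][1] == "STATUS_LOGON_FAILURE"
    )
    return result

def can_enter(mode, owner, group, user, user_groups=()):
    """Check the search (x) bit of an `ls -l` mode string for `user`."""
    if user == "root":
        return True  # root bypasses directory search permission
    if user == owner:
        return mode[3] in "xs"
    if group in user_groups:
        return mode[6] in "xs"
    return mode[9] in "xt"
```

On the post's data, the pam_mount attempt is classified as a login rejected at session setup, while the manually mounted Reseau directory (root:root, drwx------) fails the local check for monloginuser. mount.cifs(8) documents the uid= and gid= options that control which local owner a mount presents.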