Always permission 777 on mount shared cifs

G

5

12

I have a little problem when I mount a SMB shared folder from a Synology NAS. I want to mount a shared folder with permissions: git:root 700

But the mounted folder always have permission set to 777 ( even after a chmod 700 without error)

In my /etc/fstab I used this line:

#uid=999 ---> git user
//server/folder /mnt/artifacts cifs username=windowsUser,password=xxxxx,gid=0,uid=999,file_mode=0700,dir_mode=0700,iocharset=utf8 0 0

Do you know why I cannot set my rights to 700 ? I did a mistake ? Something stupid ?

Thanks in advance for your help ;)

Gimbals answered 7/11, 2016 at 14:53 Comment(1)

you should consider to mark the answer of @Docnovak the correct one – Greatgranduncle 20/9, 2020 at 17:2

I

-3

Your problem is a very common one. You are using incorrect tags to be able to change the file permissions of the mounted folder.

You need to add 'umask=', instead of 'file_mode=700' and 'dir_mode=700' as it is using system mount options not CIFS's options.

To do this you can use:

//address/location /mount/location cifs credentials=/location,uid=id,gid=id,umask=700 0 0

This will mount the file share under the set file permissions.

For security I would recommend using a credentials file, which contains the username and password, and must be set as read only.

Inedited answered 10/11, 2016 at 12:7 Comment(5)

Hi @MrEditor97, I have tried with umask but that produce an Invalid argument error. //server/folder /mnt/artifacts cifs credentials=/root/.smbcredentials,gid=0,uid=999,iocharset=utf8,umask=700 0 0 It seems umask cannot be used with cifs. – Gimbals 15/11, 2016 at 16:28

Hi @David, Sorry that you are still having a problem. I have just referenced with my setup, and to mount the CIFS share with the permissions you are wanting you must use file_mode=0600,dir_mode=0700. I was using a Samba share therefore (which forces the correct file permissions) so I did not have to do it like you are. Is it possible for you to force the correct file permissions on your share? The only thing I can say, is try to use the file_mode= and dir_mode= with the addition of a 0 infront of the mount? – Inedited 15/11, 2016 at 18:37

Hi @MrEditor97, first , thanks for your answer ;) unfortunately I still have the problem with the addition of 0. But I found a solution in my NAS, so now it's working :D thanks to everybody ;) – Gimbals 16/11, 2016 at 16:11

@David, thanks for letting me know that you are all sorted. I am sorry that I couldn't help with your actual problem though. – Inedited 16/11, 2016 at 16:28

mount.cifs has no support for umask [mount error(22): Invalid argument], however supports file_mode and dir_mode. nevertheless the correct answer is given below. if remote and local user/gid not matching it defaults to 0777 anyway. – Greatgranduncle 20/9, 2020 at 16:59

D

11

If the remote machine user ID and the local machine user ID do not match, the permissions will default to 777. Mount.cifs doesn't support umask, so instead "noperm" option can be used. This way even if the permissions of the users on the local and remote machines don't match, the user will still be allowed to read and write to the folder, the equivalent of umask=000.

//address/location /mount/location cifs username=username,password=password,noperm,vers=2.0 0 0

Donative answered 22/8, 2018 at 5:35 Comment(0)

L

9

a good start is to check out the manpage for CIFS:

$ man mount.cifs
[...]
   file_mode=arg
       If the server does not support the CIFS Unix extensions this overrides the default file mode.

   dir_mode=arg
       If the server does not support the CIFS Unix extensions this overrides the default mode for directories.
[...]
   nounix
       Disable the CIFS Unix Extensions for this mount. 
[...]

So since the file_mode (and dir_mode) seem to only work if the server does not support the CIFS Unix extensions, i would start by disabling them (via the nounix option)

League answered 7/11, 2016 at 22:48 Comment(2)

Thanks for your anwser ;) I have already trying to add nounix option (and remove file/dir_mode ) but this produce a no such file or directory error. – Gimbals 8/11, 2016 at 8:9

Thanks ! That worked just fine. See my answer below for more details. – Emporium 16/11, 2020 at 21:8

E

2

Adding nounix worked just fine. For information, the line I have in /etc/fstab is :

//server/share /mnt/folder cifs credentials=/home/yannick/.smbcredentials,iocharset=utf8,sec=ntlm,vers=1.0,uid=1000,gid=1000,file_mode=0644,dir_mode=0755,nounix 0 0

with 1000 being my user id and group id.

Inside .smbcredentials, I have this :

username=<distant login>
password=<distant password>

Emporium answered 16/11, 2020 at 21:11 Comment(0)

E

0

I try to mount a CIFS share with permissions only for root. Other users should not be able to even list any files.

Therefore I used the following fstab entry:

//192.168.0.100/DRV   /mnt/DRV   cifs   user=user,pass=pass,uid=0,gid=0,nounix,file_mode=0007,dir_mode=0007   0   0

I also tried the noperm parameter.

In detail I created the folder with this permissions:

drwxrwx--- 2 root root 4096 Mai 14 09:09 DRV

After mounting the network share, the folder have:

d------rwx 2 root root 4096 Mai 14 04:50 W

Equivalence answered 14/5, 2020 at 7:48 Comment(1)

I've recognized my mistake: The permissions file_mode=0007,dir_mode=0007 are wrong! Correct ist 0770. I'm wondering because I often have read to invert the permission flags!? – Equivalence 14/5, 2020 at 19:8

I

-3

Your problem is a very common one. You are using incorrect tags to be able to change the file permissions of the mounted folder.

You need to add 'umask=', instead of 'file_mode=700' and 'dir_mode=700' as it is using system mount options not CIFS's options.

To do this you can use:

//address/location /mount/location cifs credentials=/location,uid=id,gid=id,umask=700 0 0

This will mount the file share under the set file permissions.

For security I would recommend using a credentials file, which contains the username and password, and must be set as read only.

Inedited answered 10/11, 2016 at 12:7 Comment(5)

Hi @MrEditor97, I have tried with umask but that produce an Invalid argument error. //server/folder /mnt/artifacts cifs credentials=/root/.smbcredentials,gid=0,uid=999,iocharset=utf8,umask=700 0 0 It seems umask cannot be used with cifs. – Gimbals 15/11, 2016 at 16:28

Hi @David, Sorry that you are still having a problem. I have just referenced with my setup, and to mount the CIFS share with the permissions you are wanting you must use file_mode=0600,dir_mode=0700. I was using a Samba share therefore (which forces the correct file permissions) so I did not have to do it like you are. Is it possible for you to force the correct file permissions on your share? The only thing I can say, is try to use the file_mode= and dir_mode= with the addition of a 0 infront of the mount? – Inedited 15/11, 2016 at 18:37

Hi @MrEditor97, first , thanks for your answer ;) unfortunately I still have the problem with the addition of 0. But I found a solution in my NAS, so now it's working :D thanks to everybody ;) – Gimbals 16/11, 2016 at 16:11

@David, thanks for letting me know that you are all sorted. I am sorry that I couldn't help with your actual problem though. – Inedited 16/11, 2016 at 16:28

mount.cifs has no support for umask [mount error(22): Invalid argument], however supports file_mode and dir_mode. nevertheless the correct answer is given below. if remote and local user/gid not matching it defaults to 0777 anyway. – Greatgranduncle 20/9, 2020 at 16:59

Recommended topics

Hot tags