MountWindowsSharesPermanently

Revision 40 as of 2012-04-28 10:44:57

Clear message

This document describes how to mount smbfs shares permanently. The shares can be on a Windows computer or on a Linux/UNIX server running Samba.

15 oct. 2009: The libpam_mount section is no longer up to date with current releases. Can anyone please update this section?

Is it true that smbfs is deprecated? According to a blog post by Joey Stanford we need to use CIFS instead of smbfs!

It appears to be true. I just fought through several strange problems after following this guide, only to have everything solved by using CIFS instead.

I can confirm the above as well. I have changed "smbfs" to "cifs" where appropriate in this guide.

Prerequisites

We're assuming that:

  • Network connections have been configured properly.

  • Your local (Ubuntu) username is ubuntuusername.

  • Share username on Windows computer is msusername.

  • Share password on Windows computer is mspassword.

  • The Windows computer's name is servername (this can be either an IP address or an assigned name).

  • The name of the share is sharename.

  • You want to mount the share in /media/windowsshare.

Samba File System installation

sudo apt-get install smbfs

Mounting unprotected (guest) network folders

First, let's create the mount directory. You will need a separate directory for each mount. 

sudo mkdir /media/windowsshare

Then edit your /etc/fstab file (with root privileges) to add this line: 

//servername/sharename  /media/windowsshare  cifs  guest,uid=1000,iocharset=utf8,codepage=unicode,unicode  0  0

Where

  • guest indicates you don't need a password to access the share,

  • uid=1000 makes the Linux user specified by the id the owner of the mounted share, allowing them to rename files,

  • the combination iocharset=utf8,codepage=unicode,unicode allows access to files with names in non-English languages. This doesn't work with shares of devices like the Buffalo Tera Station, or Windows machines that export their shares using ISO8895-15. With those you need to use codepage=cp850, otherwise characters like the German 'Umlaute' are displayed as garbage.

After you add the entry to /etc/fstab type: 

sudo mount -a

This will (re)mount all entries listed in /etc/fstab.

Mount password protected network folders

The quickest way to auto-mounting a password-protected share is to edit /etc/fstab (with root privileges), to add this line: 

//servername/sharename  /media/windowsshare  cifs  username=msusername,password=mspassword  0  0

This is not a good idea however: /etc/fstab is readable by everyone and so is your Windows password in it. The way around this is to use a credentials file. This is a file that contains just the username and password.

Using a text editor, create a file for your remote servers logon credential: 

gedit ~/.smbcredentials

Enter your Windows username and password in the file: 

username=msusername
password=mspassword

Save the file, exit the editor.

Change the permissions of the file to prevent unwanted access to your credentials: 

chmod 600 ~/.smbcredentials

Then edit your /etc/fstab file (with root privileges) to add this line (replacing the insecure line in the example above, if you added it): 

//servername/sharename /media/windowsshare cifs credentials=/home/ubuntuusername/.smbcredentials,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0

Save the file, exit the editor.

Finally, test the fstab entry by issuing: 

sudo mount -a

If there are no errors, you should test how it works after a reboot. Your remote share should mount automatically.

Other Approaches

If for some reason (networking problems for example) the automatic mounting during boot doesn't work, you can add the "noauto" parameter to your smbfs fstab entry and then have the share mounted at login.

In /etc/fstab: 

//servername/sharename  /media/windowsshare  cifs  noauto,credentials=/home/ubuntuusername/.smbpasswd  0  0

In /etc/rc.local: 

mount /media/windowsshare
exit 0

Special permissions

If you need special permission (like chmod etc.), you'll need to add a uid (short for 'user id') or gid (for 'group id') parameter to the share's mount options. 

//servername/sharename  /media/windowsshare  cifs   uid=ubuntuuser,credentials=~/.smbcredentials,dmask=777,fmask=777   0       0

Fixing a CIFS bug with network manager

If you use network manager, and are getting really slow shutdowns. It's probably because the network manager shuts down before unmounting the network shares. That will cause CIFS to hang, and wait for 60 seconds or so. Here's what you do to fix it: 

sudo ln -s /etc/init.d/umountnfs.sh /etc/rc0.d/K14umountnfs.sh
sudo ln -s /etc/init.d/umountnfs.sh /etc/rc6.d/K14umountnfs.sh

Mounting a Share with Read/Write rights with a regular User (Without Prompt)

Open a Terminal and type: 

id

This should output something similar to: 

uid=1000(craize) gid=1000(craize) groups=...

So for my user (craize) the User ID is 1000 and the Group ID is 1000 too.

Add the following to /etc/fstab: 

//servername/sharename  /media/windowsshare  cifs  defaults,uid=1000,gid=1000,credentials=~/.smbpasswd,umask=777  0  0

(If the tilde "~" doesn't work in fstab, see the note below under Troubleshooting.)

Mount password protected network folders without credentials file using libpam_mount

Assumed that:

  • Your username and password are the same on the Ubuntu machine and on the network drive.

  • Network connections have been configured properly.

  • The Windows computer name is servername, this can be either an IP address or an assigned name.

  • The name of the share is sharename.

  • You want to mount the share in a folder /media/windowsshare inside a user's home folder.

First, let's create the mount folder. You will need a separate folder for each mount. 

$ sudo mkdir /home/username/media/windowsshare

Then, install the required package. 

$ sudo apt-get install libpam-mount

Then edit the file /etc/security/pam_mount.conf using gedit or your preferred text editor (in Kubuntu, the default is Kate). Since Ubuntu Hardy this file is named /etc/security/pam_mount.conf.xml. 

$ sudo gedit /etc/security/pam_mount.conf

Find the session: 

# Volumes that will be mounted when user triggers the pam_mount module

NOTE: In 9.04 this entry does not exist in file /etc/security/pam_mount.conf.xml. Now what? Please see my experimental setup (work in progress) below.

And add this line at the end of this session (bellow the provided examples): 

volume username cifs servername sharename /home/&/media/windowsshare uid=&,iocharset=utf8,fmask=0770,dmask=0770 - -

Where

  • username is the user that, when logged, pam_mount will mount the volume. It is possible to use * to all users or @groupname to all users that have groupname as their primary group

  • cifs is the filesystem. It can be any of the filesystems listed on the session # Commands to mount/unmount volumes, such as cifs (preferred) or "smbfs" (deprecated).

  • servername can be the ip address or the assigned name (don't use // before them).

  • sharename is the name of the share on the network folder. If the name of the share is your username (like a home folder) you can use the & character.

  • /home/&/media/windowsshare means /home/username/media/windowsshare. The & character means the username in this file.

  • uid=& makes the Linux-user with specified uid or username owner of the mounted share, thereby allowing that user to rename files. You can specify a username instead of using the & character

  • fmask=0770,dmask=0770 will set rwx permissions on files and directories for the user and the group specified with uid and gid.

Back up the pam gdm file: 

$ sudo cp /etc/pam.d/gdm /etc/pam.d/gdm_backup

Then configure PAM to mount the external drive every time you login using gdm (change to kdm or xdm if you use Kubuntu or Xubuntu). 

$ echo "@include common-pammount" | sudo tee -a /etc/pam.d/gdm

Next time you reboot and login, the volume should be mounted without the need to enter your login password twice or to write it down on a file.

Setup on Ubuntu 9.04

WORK IN PROGRESS - THE FOLLOWING HAS NOT BEEN TESTED YET

As mentioned above, the required section doesn't exist in /etc/security/pam_mount.conf.xml. So with the help of the following resource(s), I'm working towards a solution: http://blogs.techrepublic.com.com/opensource/?p=307

First, we're moving the user specific config bits to a file which users can actually edit themselves. 

$ sudo gedit /etc/security/pam_mount.conf.xml

Remove the comments (<!-- and -->) from the section called <luserconf name=".pam_mount.conf.xml" />. Save the file when done. With this in place, users can create their own ~/.pam_mount.conf.xml.

Next we'll create the ~/.pam_mount.conf.xml file for our example user 'joe'. 

$ touch /home/joe/.pam_mount.conf.xml

Edit your freshly created config file and add the following: 

<?xml version="1.0" encoding="utf-8" ?>

<pam_mount>

    <volume user="username" fstype="cifs" server="servername" path="sharename" mountpoint="~/media/windowsshare" />

</pam_mount>

(If the tilde "~" doesn't work, see the note below under Troubleshooting.)

Still to 'translate' into XML format: 

 uid=&,iocharset=utf8,fmask=0770,dmask=0770 - -

[TBC]

I have tested it on 9.10.

Just added to /etc/security/pam_mount.conf.xml the following: 

<volume options="uid=%(USER),gid=100,dmask=0700" user="*" mountpoint="/home/%(USER)/media/windowsshare" path="sharename" server="servername" fstype="cifs" />

Troubleshooting

Unprotected network folder won't automount

I've had a situation where an unprotected network folder wouldn't automount during bootup, but after manually entering "sudo mount -a" was mounted correctly. I solved this by replacing the "guest" option by "username=guest,password=". If anyone has an explanation for this, please leave a comment. 

//servername/sharename  /media/windowsshare  smbfs  username=guest,password=,uid=1000,iocharset=utf8,codepage=unicode,unicode  0  0

CIFS Options Deprecated

20 Feb 2008 TW

Using dmask or fmask in the fstab file produces the following warnings: WARNING: CIFS mount option 'dmask' is deprecated. Use 'dir_mode' instead. WARNING: CIFS mount option 'fmask' is deprecated. Use 'file_mode' instead.

Instead use this format: file_mode=0777,dir_mode=0777

Use of tilde in pathnames such as "credentials=~/.smbcredentials"

20 Feb 2008 TW

Curiously, using credentials=~/.smbcredentials in fstab didn't work. I had to use the full path, i.e. /home/username/.smbcredentials

(This is likely because the tilde "~" is only a shell short-hand alias for "$HOME"; it isn't something recognized system-wide by all programs, especially not in a system file table where the concept of "HOME" doesn't really exist. -Ian!)

CategoryDocumentation