[TriLUG] SMB, fstab, php/apache user access?

David McDowell turnpike420 at gmail.com
Tue Mar 1 15:11:47 EST 2005 

oops, forgot to add this, for future reference:
http://www.turnpike420.net/linux/smbmount.txt

thanks again joel.
David McD



On Tue, 1 Mar 2005 14:55:30 -0500, David McDowell <turnpike420 at gmail.com> wrote:
> Joel, awesome!
> 
> //SERVER/ShareName /mnt/webbackup smbfs
> uid=apache,credentials=/path/to/.credfile 0 0
> 
> which results in:
> drwxr-xr-x 1 apache root 26645 Feb 28 19:54 webbackup
> 
> Worked like a charm!  :)
> 
> Thank you!
> David McD
> 
> 
> On Tue, 01 Mar 2005 14:38:55 -0500, Joel Ebel <jbebel at ncsu.edu> wrote:
> > Try adding uid=apache to your fstab line.  A similar gid= options exists
> > if you so choose.  That will make all the files appear as owned by the
> > apache user, and should allow that user to write to it.  man smbmount
> > should show you lots of other options that might be useful too.
> >
> > Joel
> >
> > David McDowell wrote:
> > > In my current setup, I have a RH flavored linux distro.  I have the
> > > following line in my /etc/fstab which mounts a share folder on a
> > > windows network to the mnt point so that an rsync cron.d job will run.
> > >  The job successfully rsync's my complete web directory to the share
> > > location where the backup tapes in the Microsoft environment can grab
> > > the files.  The .credfile has the Microsoft share's username and
> > > password for auth by the Microsoft machine to the share.  Everything
> > > here works great.  Root has the mount, root runs the cron.d, mount
> > > works, script works, all is happy.
> > >
> > > //SERVER/ShareName /mnt/webbackup smbfs credentials=/path/to/.credfile 0 0
> > >
> > > Now is where I'm a bit confused, maybe just syntax related.  The
> > > /etc/fstab line above connects to the Microsoft share as user foo,
> > > password bar, just as the .credfile states it should.  As the root
> > > user on the linux box, I can make directories, cp files, mv files,
> > > delete files, basically everything works perfectly as I said.  So this
> > > does not appear to be a permissions issue with the Microsoft share.  I
> > > believe where I'm going is bumping into problems with the way other
> > > users on the linux box talk to the share.  Here's what I mean.
> > >
> > > I am creating a web app using PHP 4.x on Apache 2.x on this linux box.
> > >  The PHP is accepting uploaded files, and the PHP path for placement
> > > of those uploaded files is /mnt/webbackup/ and any folders and files
> > > structure that I create with the app should be able to be placed
> > > there.  As many of you know, httpd doesn't run as root.  It runs as
> > > apache by default.  So it would seem that the local apache user on
> > > this linux box is unable to use the share created in the /etc/fstab.
> > >
> > > With the share umounted, I tried changing ownership and perms of the
> > > /mnt/webbackup mount point.  But, whenever I run mount -a to test the
> > > line from /etc/fstab, it never fails to change back to:
> > > drwxr-xr-x 1 root root 24567 Feb 28 18:38 webbackup
> > > No amount of chmod, chown seem to change the mount point once the
> > > mount is established either.
> > >
> > > So, how do I make this mount point usable by a regular user such as
> > > apache, yet still allow it to be in /etc/fstab (for automation
> > > purposes in case of reboot due to new kernel, UPS failure, etc.)
> > >
> > > After the smbfs, do I need rw,apache,credentials=/path/to/.credfile to
> > > give the apache user read/write access?  This is what I'm getting out
> > > of the first few google hits.  Something else I'm reading says:
> > > To enable non root user to mount smb shares you must set smbmnt setuid
> > > Here's how
> > > # cd /usr/lib/samba/classic
> > > # chmod +s smbmnt
> > >
> > > which I think is from Solaris?  I find this equiv in samba 3.x:
> > > chmod +s /usr/bin/smbmnt
> > > I think... so can the share still be connected using my current
> > > /etc/fstab and then used by the apache user after that from the PHP
> > > web app?
> > >
> > > Thanks,
> > > David McD
> > --
> > TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG Organizational FAQ  : http://trilug.org/faq/
> > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> > TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
> >
>

More information about the TriLUG mailing list