cifs pam mount 禁用 nounix 选项

tag-icon tag-icon mount pam cifs
cifs pam mount 禁用 nounix 选项

尝试通过安装远程 samba 共享来为用户设置漫游配置文件pam_mount。然而,名词选项会自动添加到已安装的文件夹上,因为无法在共享文件夹上创建符号链接,也无法使用 csync 程序进行同步。

相关文件和输出:

$ cat /etc/security/pam_mount.conf.xml

<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<!--
    See pam_mount.conf(5) for a description.
-->

<pam_mount>

        <!-- debug should come before everything else,
        since this file is still processed in a single pass
        from top-to-bottom -->

<debug enable="1" />

        <!-- Volume definitions -->


        <!-- pam_mount parameters: General tunables -->

<!--
<luserconf name=".pam_mount.conf.xml" />
-->

<!-- Note that commenting out mntoptions will give you the defaults.
     You will need to explicitly initialize it with the empty string
     to reset the defaults to nothing. -->
<mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
<!--
<mntoptions deny="suid,dev" />
<mntoptions allow="*" />
<mntoptions deny="*" />
-->
<mntoptions require="nosuid,nodev" />

<logout wait="0" hup="0" term="0" kill="0" />


        <!-- pam_mount parameters: Volume-related -->
<!-- LINE BELOW WAS ADDED! -->
<volume fstype="cifs" server="server.lan" path="%(DOMAIN_USER)" mountpoint="/home/roaming/%(DOMAIN_NAME)/%(DOMAIN_USER)" options="vers=2.1,uid=%(USER)" />

<mkmountpoint enable="1" remove="true" />


</pam_mount>

$ 安装

sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=1935432k,nr_inodes=483858,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=391560k,mode=755)
/dev/sda1 on / type ext4 (rw,noatime,errors=remount-ro,data=ordered)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=25,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=3286)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
mqueue on /dev/mqueue type mqueue (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
sunrpc on /run/rpc_pipefs type rpc_pipefs (rw,relatime)
tmpfs on /run/user/1274545246 type tmpfs (rw,nosuid,nodev,relatime,size=391560k,mode=700,uid=1274545246,gid=1274544641)
//server.lan/aaditya on /home/roaming/SERVER/aaditya type cifs (rw,relatime,vers=2.1,sec=ntlmssp,cache=strict,username=aaditya,domain=SERVER,uid=1274545246,forceuid,gid=1274544641,forcegid,addr=192.168.1.191,file_mode=0755,dir_mode=0755,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
gvfsd-fuse on /run/user/1274545246/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1274545246,group_id=1274544641)
tmpfs on /run/user/1001 type tmpfs (rw,nosuid,nodev,relatime,size=391560k,mode=700,uid=1001,gid=1001)
gvfsd-fuse on /run/user/1001/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1001,group_id=1001)

挂载.cifs(8)有以下信息:

       nounix
       Disable the CIFS Unix Extensions for this mount. This can be useful in order to turn off multiple settings at once. This includes POSIX acls, POSIX locks,
       POSIX paths, symlink support and retrieving uids/gids/mode from the server. This can also be useful to work around a bug in a server that supports Unix
       Extensions.

       See section INODE NUMBERS for more information.

我尝试添加UNIX到安装选项列表,但失败并显示:

安装错误(22):参数无效 11 月 3 日 17:24:35 系统 lightdm:(mount.c:76):请参阅 mount.cifs(8) 手册页(例如 man mount.cifs)

为什么是名词自动添加的选项如何禁用?

或者我可以知道哪些是禁用的确切选项名词以便可以启用它们?

操作系统是Ubuntu 16.04

$ uname -srm
Linux 4.10.0-38-lowlatency x86_64

文件夹已安装pam_mount,如果我卸载然后重新安装它会得到相同的mount输出。

但是,如果我禁用文件夹挂载pam_mount,注销,登录并尝试通过命令行手动挂载,然后在一些案例我不明白名词在安装选项中? (相当混乱;需要查明它在哪里起作用,在哪里不起作用)

答案1

经过多次尝试,这似乎是该vers选项的效果。如果vers=2.1删除,unix 扩展似乎已启用:

//server.lan/aaditya on /home/roaming/SERVER/aaditya type cifs (rw,relatime,vers=1.0,cache=strict,username=aaditya,domain=SERVER,uid=1274545246,forceuid,gid=1274544641,forcegid,addr=192.168.1.191,unix,posixpaths,serverino,mapposix,acl,rsize=1048576,wsize=65536,echo_interval=60,actimeo=1)

我添加的原因vers=2.1是因为 samba 共享有磁盘空间配额,但在 1.0 中显示的是整个磁盘的可用空间而不是配额。

那么现在的问题是:如何为 samba 2.1 版启用 unix 扩展?

相关内容