[Solved] Re: Windows shares again
Eric A. Bonney wrote:
Just an update. I finally got this working today. One thing I decided
to do, and am still doing, is I moved all the shared external drives
there were on my XP box, down to the Linux server. This way it was
easier to serve the files to the XP box using Samba and I knew what I
was doing there.
Then I finally got the pam_mount to work so that it automatically mounts
the samba shares under the /home of each user when they login and then
unmounts them when they log out. I had to use a how to that was written
for Fedora and pull out only the pieces of information that I need.
So I can find all sorts of information on how to share a Linux share
to a windows machine using Samba and how to share a Linux share with a
Linux box again using Samba. I can find all sorts of examples for
each of these. I can find examples of using pam to auto mount shares
on login again from Linux to Linux, but my biggest issue is finding
documentation on gaining access to shared folders from a Windows
machine on Linux boxes.
I want to be able to do the following upon a users login:
1. When the user logs into the Linux machine, based on what group they
are assigned to, they should have certain shares automatically mounted
2. When the user logs into the Linux machine, based on what group they
are assigned to, they should have all other shares not automatically
mounted, set to such a way that they can't gain access to them at all.
3. When the user logs out of the Linux machine, all shares should be
I know I am supposed to be able to do this with pam, but I am not sure
how to do this. Do I need some kind of configuration file for the
login part? Also, does Samba recognize groups from the XP machine? I
currently use groups on the XP machine to restrict access of the users
on that machine to certain directories.
I know on my Samba server that is running on my Linux machine, I can
specify invalid users on a per share basis, which can limit the users
access to those shares. Not really sure how to do this on the windows
shared folders or if it is even possible. I guess I might have to
move all that data down to the Linux server and then run it all from
the Samba server.
Anyone have any other suggestions on how to work this out?
Here is a brief description of what I have done so far to get it to work
after installing pam and configuring samba correctly:
1. Modified /etc/pam.d/kdm and /etc/pam.d/login files to include the
following line before all other auth lines.
auth required pam_mount.so
2. Further down in the same two files from #1 I added
session optional pam_mount.so
3. Modified /etc/security/pam_mount.conf as follows:
commented out the line "options_require nosuid, nodev"
4. Added all the shares that I wanted shared on my laptop under /home
volume * smbfs servername sharename /home/&/mountpoint
uid=& - -
This is working just fine on my laptop at the present time. I know
there is a way to feed pam_mount a configuration file that is setup in
the user's /home directory that specifies the shares that are completed
in #4. I plan on using the configuration file setup for my Debian box
that all the family uses, so that each user has a different set of
shares that show up under their /home. The kids don't need access to
all the shares and neither do any of the guests that use the computer.
Hopefully this will help someone else out in the future and save them