user token

user token

[muzzol]

hi!

is any token related to user trying to mount passed to autofs?

i've tried $USER and other variables without any success.

what i want to do is something like:

============================================

#!/bin/bash

# $Id: auto.smb,v 1.3 2005/04/05 13:02:09 raven Exp $

# This file must be executable to work! chmod 755!

key="$1"
mountopts="-fstype=cifs"
smbopts=""
credfile="/home/$USER/auto.smb.$key"

for P in /bin /sbin /usr/bin /usr/sbin
do
        if [ -x $P/smbclient ]
        then
                SMBCLIENT=$P/smbclient
                break
        fi
done

[ -x $SMBCLIENT ] || exit 1

if [ -e $credfile ]; then
        mountopts="$mountopts,credentials=$credfile"
        smbopts="-A $credfile"
else
        smbopts="-N"
fi

$SMBCLIENT $smbopts -gL $key 2>/dev/null| awk -v key="$key" -v
opts="$mountopts" -F'|' -- '
        BEGIN   { ORS=""; first=1 }
        /Disk/  { if (first) { print opts; first=0 }; sub(/ /, "\\ ",
$2); print " \\\n\t /" $2, "://" key "/" $2 }
        END     { if (!first) print "\n"; else exit 1 }
        '

============================================

note the credfile line:

credfile="/home/$USER/auto.smb.$key"

if there's no variable, can any additional parameter be passwd to the
executables mappings beside the key?

regards,

muzzol

-- 
========================
     ^ ^
     O O
    (_ _)
muzzol(a)gmail.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>

_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs

Re: user token

[Ian Kent]

On Mon, 2007-11-26 at 10:49 +0100, muzzol wrote:
> hi!
> 
> is any token related to user trying to mount passed to autofs?
> 
> i've tried $USER and other variables without any success.

So you're not using version 5 then, or are you?

Version 5 sets several variables in the environment, USER, GROUP, HOME,
UID and GID.

> 
> what i want to do is something like:
> 
> ============================================
> 
> #!/bin/bash
> 
> # $Id: auto.smb,v 1.3 2005/04/05 13:02:09 raven Exp $
> 
> # This file must be executable to work! chmod 755!
> 
> key="$1"
> mountopts="-fstype=cifs"
> smbopts=""
> credfile="/home/$USER/auto.smb.$key"
> 
> for P in /bin /sbin /usr/bin /usr/sbin
> do
>         if [ -x $P/smbclient ]
>         then
>                 SMBCLIENT=$P/smbclient
>                 break
>         fi
> done
> 
> [ -x $SMBCLIENT ] || exit 1
> 
> if [ -e $credfile ]; then
>         mountopts="$mountopts,credentials=$credfile"
>         smbopts="-A $credfile"
> else
>         smbopts="-N"
> fi
> 
> $SMBCLIENT $smbopts -gL $key 2>/dev/null| awk -v key="$key" -v
> opts="$mountopts" -F'|' -- '
>         BEGIN   { ORS=""; first=1 }
>         /Disk/  { if (first) { print opts; first=0 }; sub(/ /, "\\ ",
> $2); print " \\\n\t /" $2, "://" key "/" $2 }
>         END     { if (!first) print "\n"; else exit 1 }
>         '
> 
> ============================================
> 
> note the credfile line:
> 
> credfile="/home/$USER/auto.smb.$key"
> 
> if there's no variable, can any additional parameter be passwd to the
> executables mappings beside the key?

No other parameters can be passed to program maps.
I don't really know of a sane way to do this.

Ian

Re: user token

[muzzol]

En/na Ian Kent ha escrit:
> On Mon, 2007-11-26 at 10:49 +0100, muzzol wrote:
> No other parameters can be passed to program maps.
> I don't really know of a sane way to do this.
> 

is this by design?

do you plan to add such feature in the future?

-- 
========================
      ^ ^
      O O
     (_ _)
muzzol(a)muzzol.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>

Re: user token

[Ian Kent]

On Mon, 2007-11-26 at 20:27 +0100, muzzol wrote:
> En/na Ian Kent ha escrit:
> > On Mon, 2007-11-26 at 10:49 +0100, muzzol wrote:
> > No other parameters can be passed to program maps.
> > I don't really know of a sane way to do this.
> > 
> 
> is this by design?

It's been that way since before I took over maintenance of autofs.

> 
> do you plan to add such feature in the future?

Like I said, I don't see any "sane" way to do this.
There is a way to use an external environment variable withing maps but
I haven't looked at that code for some time now.

What is it that you need that the standard environment I mentioned
doesn't provide?

Ian

Re: user token

[muzzol]

2007/11/27, Ian Kent <raven@themaw.net>:
> What is it that you need that the standard environment I mentioned
> doesn't provide?
>

for example sending a message to user with zenity. for identifying
wich user is performing the request i must do some tricky things now,
and only works on stations with just one user logged in.

exposing some user variables _inside_ executable mappings would help a
lot with mounts that need some interaction from user.

look out this pseudo-code:

if user request for samba mount
  if not exists credentials file
    ask for credentials

as i said, i got a working script, but is very dirty and specific.


-- 
========================
     ^ ^
     O O
    (_ _)
muzzol(a)gmail.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>

_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs

Re: user token

[muzzol]

2007/11/27, Ian Kent <raven@themaw.net>:
> I have no idea what you are talking about here.
>

sorry for not being clear.

 - im using version 5.0.2
 - i want an executable map that asks some info to user.
 - i take auto.smb as base and add something like this:

opts="-fstype=cifs,credentials=$CREDENTIALS"

USERSESSION=`w | grep "x-session-manager"`
USER=`echo "$UXSESSION" | cut -d" " -f1`
DISPLAY=`echo "$UXSESSION" | tr -s " " | cut -d" " -f2`
CREDENTIALS="/home/$USER/.smb.auth.$key"

if [ ! -e "$CREDENTIALS" ]; then
    NEWKEY=`zenity --entry --hide-text --text="Enter your pass for $key"`
    echo -e "username=$USER\npassword=$NEWKEY" > "$CREDENTIALS"
fi

[...]

this works as long as there's only one user on the machine and is
pretty limited. if user variables were exposed to executable maps it
could be easily integrated with Zenity, DBUS, xmessage, or any other
user space process.


> The USER macro is available to maps (along with the others I mentioned
> before), including executable maps as an environment variable, and as a
> macro variable for normal maps, when using version 5.
>

but this is _after_ the executable map is processed, so its usability
is very limited.

> If you're talking about version 4 then that information isn't available
> in the kernel request packet to the daemon so it can't be done.
>

i was talking about v5 all the time, but i hope now is more clear.

regards,

muzzol

-- 
========================
     ^ ^
     O O
    (_ _)
muzzol(a)gmail.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>

_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs

Re: user token

[Ian Kent]

On Tue, 2007-11-27 at 16:13 +0100, muzzol wrote:
> 2007/11/27, Ian Kent <raven@themaw.net>:
> > I have no idea what you are talking about here.
> >
> 
> sorry for not being clear.
> 
>  - im using version 5.0.2
>  - i want an executable map that asks some info to user.
>  - i take auto.smb as base and add something like this:
> 
> opts="-fstype=cifs,credentials=$CREDENTIALS"
> 
> USERSESSION=`w | grep "x-session-manager"`
> USER=`echo "$UXSESSION" | cut -d" " -f1`
> DISPLAY=`echo "$UXSESSION" | tr -s " " | cut -d" " -f2`
> CREDENTIALS="/home/$USER/.smb.auth.$key"
> 
> if [ ! -e "$CREDENTIALS" ]; then
>     NEWKEY=`zenity --entry --hide-text --text="Enter your pass for $key"`
>     echo -e "username=$USER\npassword=$NEWKEY" > "$CREDENTIALS"
> fi
> 
> [...]
> 
> this works as long as there's only one user on the machine and is
> pretty limited. if user variables were exposed to executable maps it
> could be easily integrated with Zenity, DBUS, xmessage, or any other
> user space process.

I think this is where the problem is.
Expose what user variables?
The ones of the user process requesting the mount?
They are present in the user process not the automount process and
basically aren't known to automount.

This is the fundamental problem with adding this feature.
One suggestion is to actually decouple the mount request from automount
and run a program from the kernel within requesting user context but
then you can't mount because you're not root and executing a program
from the kernel is bad news as far as I'm concerned. You just can't get
return status.

> 
> 
> > The USER macro is available to maps (along with the others I mentioned
> > before), including executable maps as an environment variable, and as a
> > macro variable for normal maps, when using version 5.
> >
> 
> but this is _after_ the executable map is processed, so its usability
> is very limited.

What do you mean "after" it's processed.
It, along with the other variables, are set in the environment prior to
executing the map.

Ian

Re: user token

[Stef Bon]

On Tuesday 27 November 2007 09:19:35 muzzol wrote:
> 2007/11/27, Ian Kent <raven@themaw.net>:
> > What is it that you need that the standard environment I mentioned
> > doesn't provide?
> >
> 
> for example sending a message to user with zenity. for identifying
> wich user is performing the request i must do some tricky things now,
> and only works on stations with just one user logged in.
> 
> exposing some user variables _inside_ executable mappings would help a
> lot with mounts that need some interaction from user.
> 
> look out this pseudo-code:
> 
> if user request for samba mount
>   if not exists credentials file
>     ask for credentials
> 
> as i said, i got a working script, but is very dirty and specific.
> 
> 
Well i've done something like this. Look at:

http://www.howtoforge.com/automatic_discovery_mounting_smb_networkshares

I've been struggling with this question some time, and found a good way to deal with this USER
variable.

In short:
. there are some scripts which are run by fcron which maintain a cache. These scripts make use of nbtscan (systemwide) and
smbclient (per user) to find all hosts and shares. The latest make use of a credentialsfile (if found, if no then guest).
. one of the mainthings these script create is a "windows network tree" in the homemap of all users logged in:
~/Global Network/Windows Network/Host A/first share A
                                                                             second share A
                                                                 Host B/first share B
                                                                              second share B

The shares are symbolic links. For example the first share A of host A points to:

/mnt/autofs/user/%USER%/smb/Host A/first share A

Now on this directory my automount program is active (which for this user is started 
when he logs in, but still is running as root), with only:

auto.hosts and auto.share which look like:

auto.hosts in the /var/run/autofs/user/%USER%/smb directory

#!/bin/bash

echo "-fstype=autofs,-Dhost=${host} file:/var/run/autofs/user/%USER%/smb/auto.share"


and auto.share also in the /var/run/autofs/user/%USER%/smb directory

* ${host}:/&
*   -fstype=smb ://${host}/&

Now this smb filesystem does not exist (only cifs and smbfs right?) I've created a script 
mount.smb which calls mount.cifs (or mount.smbfs).

To this program no variable is know which can identify the user. Simular to your problem.

Now when you look at the mountpoint, the  mountpoint is always something like:

/mnt/autofs/user/%USER%/smb/somehost/someshare

so with a program like cut you can extract the exact userid:

userid=$(echo $mountpoint | cut --delimiter "/" --fields 5 )

If this is found,
you can check in the userhomedirectory for a credentialsfile.

If found, the script will call the right mountprogram (mount.cifs or mount.smbfs)
with the credentialsfile. If not there, it will do a guest mount.

Note that this construction in my mail here is newer than in the howto on howtoforge.

I'm running this at home, and it's very good.

Hope this helps,

Stef Bon
Voorburg
the Netherlands

user token

[muzzol]

2007/11/29, Ian Kent <raven@themaw.net>:
> The USER environment variable is set in the environment before the
> executable map is executed. Maybe there's a bug in the way I execute the
> maps, no doubt a stupid mistake. I'll check that.
>

then i dont know what we're talking about. should that example work?
if answer is yes you make my day! :D

it would be fine if you provide in the docs some examples of variables
in executable maps. maybe i can open a bug about that and give some
hints.


--
========================
     ^ ^
     O O
    (_ _)
muzzol(a)gmail.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>


-- 
========================
     ^ ^
     O O
    (_ _)
muzzol(a)gmail.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>

_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs

Re: user token

[muzzol]

2007/11/29, Ian Kent <raven@themaw.net>:
> > opts="-fstype=cifs,credentials=/home/$USER/.smb.creds"
>
> The USER environment variable is set in the environment before the
> executable map is executed. Maybe there's a bug in the way I execute the
> maps, no doubt a stupid mistake. I'll check that.
>

any news about this?

im very interested and i can't make it work.

regards

-- 
========================
     ^ ^
     O O
    (_ _)
muzzol(a)muzzol.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>

_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs