Testing the UID var.

Testing the UID var.

[Stef Bon]

Hello,

the latest weeks I've been testing with the paramters UID, USER etc. 
provided by the automounter,
indicating the user activating the mount. I've changed the default 
auto.smb script to make use of this var:
(earlier I had another constructing which was not so comprehensive)

---------

#!/bin/bash

key="$1"
opts='-fstype=smbtest,auid=$UID'

SMBCLIENT=/usr/bin/smbclient

[ -x $SMBCLIENT ] || exit 1

# echo $key

$SMBCLIENT -gNL $key 2>/dev/null| awk -v key="$key" -v opts="$opts" 
-F'|' -- '
        BEGIN   { ORS=""; first=1 }
        /Disk/  { if (first) { print opts; first=0 }; sub(/ /, "\\ ", 
$2); print " \\\n\t /" $2, "://" key "/" $2 }
        END     { if (!first) print "\n"; else exit 1 }
        '
--------

Note:
a. I've made this script I little bit simpler by letting it not search 
the smbclient script.
b. the fstype is not smb but smbtest. I've created a wrapper 
mount.smbtest which will filter the parameter
auid out. This value can be used for permissions and authentification
c. the extra opion auid (activating user) which will be assigned when 
the automounter does the mount, not when running this script. That's why 
there are single quotes around it.

Futher I use this wrapper mount.smbtest, which is a little bit too big 
to show here. In pseudo code:

---------

#!/bin/sh

# log the parameters, important to see how this script is called
# and what the value of auid is

set | grep "^BASH_ARGV" >> /var/log/mount.smbtest.log

seperate the value auid from the rest of the paramaters
if this auid is not empty, and does exist (an existing user on the system)
check there are credentials for this user

if so then perform a mount.smb with the credentials, with all the right 
options (mountpoint, unc_address and other options)
else do a guest mount ( with the right options)


----------

When looking to the logfile, sometimes the auid is correct, but in about 
50% of the cases it's empty.

If you would like to test with this I can provide this mount.smbtest script.

Stef Bon

Re: Testing the UID var.

[Stef Bon]

Stef Bon wrote:
> ---------
>
> #!/bin/bash
>
> key="$1"
> opts='-fstype=smbtest,auid=$UID'
>
> SMBCLIENT=/usr/bin/smbclient
>
> [ -x $SMBCLIENT ] || exit 1
>
> # echo $key
>
> $SMBCLIENT -gNL $key 2>/dev/null| awk -v key="$key" -v opts="$opts" 
> -F'|' -- '
>         BEGIN   { ORS=""; first=1 }
>         /Disk/  { if (first) { print opts; first=0 }; sub(/ /, "\\ ", 
> $2); print " \\\n\t /" $2, "://" key "/" $2 }
>         END     { if (!first) print "\n"; else exit 1 }
>         '
> --------
>
> Note:
> a. I've made this script I little bit simpler by letting it not search 
> the smbclient script.
> b. the fstype is not smb but smbtest. I've created a wrapper 
> mount.smbtest which will filter the parameter
> auid out. This value can be used for permissions and authentification
> c. the extra opion auid (activating user) which will be assigned when 
> the automounter does the mount, not when running this script. That's why 
> there are single quotes around it.
>   

I would like to add that the mount will use the userid of the activating 
user, but that the smbclient does a guest
lookup. It is with this construction not possible to make use of this 
"activating userid" in auto.smb. In general I find it very difficult to 
figure out a construction which does support mounting for every ordinary 
user which:
- give enough permissions so that user one cannot access other users 
mountpoint (if more than one user is logged in)
- use the activating user in the mount program as the lookup program as well


Stef Bon