[TriLUG] SMB, fstab, php/apache user access?
David McDowell
turnpike420 at gmail.com
Tue Mar 1 14:28:33 EST 2005
In my current setup, I have a RH flavored linux distro. I have the
following line in my /etc/fstab which mounts a share folder on a
windows network to the mnt point so that an rsync cron.d job will run.
The job successfully rsync's my complete web directory to the share
location where the backup tapes in the Microsoft environment can grab
the files. The .credfile has the Microsoft share's username and
password for auth by the Microsoft machine to the share. Everything
here works great. Root has the mount, root runs the cron.d, mount
works, script works, all is happy.
//SERVER/ShareName /mnt/webbackup smbfs credentials=/path/to/.credfile 0 0
Now is where I'm a bit confused, maybe just syntax related. The
/etc/fstab line above connects to the Microsoft share as user foo,
password bar, just as the .credfile states it should. As the root
user on the linux box, I can make directories, cp files, mv files,
delete files, basically everything works perfectly as I said. So this
does not appear to be a permissions issue with the Microsoft share. I
believe where I'm going is bumping into problems with the way other
users on the linux box talk to the share. Here's what I mean.
I am creating a web app using PHP 4.x on Apache 2.x on this linux box.
The PHP is accepting uploaded files, and the PHP path for placement
of those uploaded files is /mnt/webbackup/ and any folders and files
structure that I create with the app should be able to be placed
there. As many of you know, httpd doesn't run as root. It runs as
apache by default. So it would seem that the local apache user on
this linux box is unable to use the share created in the /etc/fstab.
With the share umounted, I tried changing ownership and perms of the
/mnt/webbackup mount point. But, whenever I run mount -a to test the
line from /etc/fstab, it never fails to change back to:
drwxr-xr-x 1 root root 24567 Feb 28 18:38 webbackup
No amount of chmod, chown seem to change the mount point once the
mount is established either.
So, how do I make this mount point usable by a regular user such as
apache, yet still allow it to be in /etc/fstab (for automation
purposes in case of reboot due to new kernel, UPS failure, etc.)
After the smbfs, do I need rw,apache,credentials=/path/to/.credfile to
give the apache user read/write access? This is what I'm getting out
of the first few google hits. Something else I'm reading says:
To enable non root user to mount smb shares you must set smbmnt setuid
Here's how
# cd /usr/lib/samba/classic
# chmod +s smbmnt
which I think is from Solaris? I find this equiv in samba 3.x:
chmod +s /usr/bin/smbmnt
I think... so can the share still be connected using my current
/etc/fstab and then used by the apache user after that from the PHP
web app?
Thanks,
David McD
More information about the TriLUG
mailing list