If you want to make a share available to one or more users on a system, you can mount the share on a mount point anywhere on the system. When you mount a share as a superuser, you do not need to own the mount point. Mount options control the access to the mount point. You access the server as the user who mounted the share.
- Become an administrator.
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
- Verify that the
network/smb/clientservice is enabled.
$ svcs network/smb/client STATE STIME FMRI online 19:24:36 svc:/network/smb/client:default
This service is enabled by default, so the usual state for the service is
online. To enable the service, type the following command:
$ svcadm enable -r network/smb/client
- Find the share that you want to mount from a server.
$ smbadm show-shares [-A | -u username] [-t] server
- Perform the mount.
$ mount -F smbfs [-o user=user-name,dirperms=octal-triplet,fileperms=octal-triplet,\ gid=group-ID...] //server/share mount-point
Specifies the account used to authenticate the user when accessing a remote system.
Specifies the directory permissions that you can set to the directories. The
dirpermspermission does not affect the access policies that the SMB server maintains.
Specifies the file permissions that you can set to the files on a mount point. The
filepermspermission does not affect the access policies that the SMB server maintains.
Specifies the group ID that you can set as the effective group. The effective group uses the group permissions that is set for the mount point.
Example 4-1 Mounting a Multiuser SMB Share
In this example,
sales-tool share is mounted at the
/sales mount point. This mount point is owned by the user
user1 and group
salesgrp. Mount options enable read and write access to the users belonging to the
smbadm show-shares command to list the shares.
$ smbadm show-shares -A solarsystem c$ Default Share IPC$ Remote IPC sales-tools
sales-tools share to
$ mkdir -m 770 /sales $ chown user1:salesgrp /sales $ ls -ld /sales drwxrwx--- 2 user1 salesgrp 117 Feb 17 13:24 /sales $ mount -F smbfs -o user=user1,fileperms=770,dirperms=770,gid=salesgrp \ //solarsystem/sales-tools /sales
Mount options enable the user
user1 to access the
sales-tools share on the system
solarsystem. These options also enable users in the
salesgrp group to access the files and directories. User
auser can access the share as the user belongs to the
salesgrp group. However, any access to the mount point such as creating a file in the mount point can be done only by the user
$ su -auser % id -gn salesgrp % cd /sales % ls -l total 0 drwxr-x---+ 1 auser salesgrp 512 Feb 17 14:22 central -rwxr-----+ 1 user1 salesgrp 0 Feb 17 14:22 contacts drwxr-x---+ 1 user1 salesgrp 512 Feb 17 14:22 east -rwxr-----+ 1 buser salesgrp 0 Feb 17 14:22 numbers drwx------+ 1 cuser fingrp 512 Feb 17 14:22 west % touch my-file % ls -l my-file -rwxrwx---+ 1 user1 salesgrp 0 Feb 17 14:34 my-file
A user who does not belong to the
salesgrp group cannot access the mount point.
$ su - cuser % id -gn fingrp % cd /sales cd: /sales: [Permission denied]
You can remount the share using the
uid mount option to enable the user
cuser to access the share.
$ umount /sales $ mount -F smbfs -o user=user1,fileperms=770,dirperms=770,gid=salesgrp,uid=cuser\ //solarsystem/sales-tools /sales $ su - cuser % id -un buser % cd /sales % ls -l -rwxrwx---+ 1 user1 salesgrp 0 Feb 17 14:34 my-file drwxr-x---+ 1 auser salesgrp 512 Feb 17 14:22 central -rwxr-----+ 1 user1 salesgrp 0 Feb 17 14:22 contacts drwxr-x---+ 1 user1 salesgrp 512 Feb 17 14:22 east -rwxr-----+ 1 buser salesgrp 0 Feb 17 14:22 numbers drwx------+ 1 cuser fingrp 512 Feb 17 14:46 west
cuser who belongs to the
fingrp group owns the
west directory in the
/sales mount point. However, user
cuser cannot access the
west directory, as the
/sales mount point is mounted by user
user1 who does not belong to the
% ls -l west ls: error reading directory west: Permission denied