1. Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.4
  2. Using SMB File Sharing on Client Systems
  3. Managing SMB Mounts in the Global Environment
  4. How to Mount a Multiuser SMB Share

How to Mount a Multiuser SMB Share

If you want to make a share available to one or more users on a system, you can mount the share on a mount point anywhere on the system. When you mount a share as a superuser, you do not need to own the mount point. Mount options control the access to the mount point. You access the server as the user who mounted the share.

  1. Become an administrator.
  2. Verify that the network/smb/client service is enabled.
    $ svcs network/smb/client
STATE          STIME    FMRI
online         19:24:36 svc:/network/smb/client:default

    This service is enabled by default, so the usual state for the service is online. To enable the service, type the following command: 

    $ svcadm enable -r network/smb/client
  3. Find the share that you want to mount from a server.
    $ smbadm show-shares [-A | -u username] [-t] server
  4. Perform the mount.
    $ mount -F smbfs [-o user=user-name,dirperms=octal-triplet,fileperms=octal-triplet,\
gid=group-ID...] //server/share mount-point
    user-name

    Specifies the account used to authenticate the user when accessing a remote system.

    octal-triplet

    Specifies the directory permissions that you can set to the directories. The dirperms permission does not affect the access policies that the SMB server maintains.

    octal-triplet

    Specifies the file permissions that you can set to the files on a mount point. The fileperms permission does not affect the access policies that the SMB server maintains.

    group-ID

    Specifies the group ID that you can set as the effective group. The effective group uses the group permissions that is set for the mount point.

Example 4-1 Mounting a Multiuser SMB Share

In this example, sales-tool share is mounted at the /sales mount point. This mount point is owned by the user user1 and group salesgrp. Mount options enable read and write access to the users belonging to the salesgrp group.

Use the smbadm show-shares command to list the shares. 

$ smbadm show-shares -A solarsystem
c$      Default Share
IPC$    Remote IPC
sales-tools

Mount the sales-tools share to /sales mount point. 

$ mkdir -m 770 /sales
$ chown user1:salesgrp /sales
$ ls -ld /sales
drwxrwx---   2 user1    salesgrp    117   Feb 17 13:24 /sales
$ mount -F smbfs -o user=user1,fileperms=770,dirperms=770,gid=salesgrp \
//solarsystem/sales-tools /sales

Mount options enable the user user1 to access the sales-tools share on the system solarsystem. These options also enable users in the salesgrp group to access the files and directories. User auser can access the share as the user belongs to the salesgrp group. However, any access to the mount point such as creating a file in the mount point can be done only by the user user1. 

$ su -auser
% id -gn salesgrp
% cd /sales
% ls -l
total 0
drwxr-x---+  1 auser    salesgrp     512 Feb 17 14:22 central   
-rwxr-----+  1 user1    salesgrp       0 Feb 17 14:22 contacts
drwxr-x---+  1 user1    salesgrp     512 Feb 17 14:22 east
-rwxr-----+  1 buser    salesgrp       0 Feb 17 14:22 numbers
drwx------+  1 cuser    fingrp       512 Feb 17 14:22 west  
% touch my-file
% ls -l my-file
-rwxrwx---+  1 user1    salesgrp       0 Feb 17 14:34 my-file

A user who does not belong to the salesgrp group cannot access the mount point. 

$ su - cuser
% id -gn
fingrp
% cd /sales
cd: /sales: [Permission denied]

You can remount the share using the uid mount option to enable the user cuser to access the share. 

$ umount /sales
$ mount -F smbfs -o user=user1,fileperms=770,dirperms=770,gid=salesgrp,uid=cuser\
   //solarsystem/sales-tools /sales
$ su - cuser
% id -un
buser
% cd /sales
% ls -l
-rwxrwx---+  1 user1    salesgrp       0 Feb 17 14:34 my-file
drwxr-x---+  1 auser    salesgrp     512 Feb 17 14:22 central
-rwxr-----+  1 user1    salesgrp       0 Feb 17 14:22 contacts
drwxr-x---+  1 user1    salesgrp     512 Feb 17 14:22 east
-rwxr-----+  1 buser    salesgrp       0 Feb 17 14:22 numbers
drwx------+  1 cuser    fingrp       512 Feb 17 14:46 west

The user cuser who belongs to the fingrp group owns the west directory in the /sales mount point. However, user cuser cannot access the west directory, as the /sales mount point is mounted by user user1 who does not belong to the fingrp group. 

% ls -l west
ls: error reading directory west: Permission denied