[OpenIndiana-discuss] CIFS automount share visibility

Stefan Müller-Wilken stefan.mueller-wilken at acando.de
Wed Feb 12 14:14:31 UTC 2014 

Hi Jim,

unfortunately that didn't change a bit. I switched off sharesmb on all relevant shares, doublechecked /etc/smbautohome and restarted the box twice. No luck - the autohome shares are still visible to anyone.

Any other place I could check this?

Cheers
 Stefan
________________________________________
Von: Jim Klimov [jimklimov at cos.ru]
Gesendet: Mittwoch, 12. Februar 2014 10:47
An: openindiana-discuss at openindiana.org
Betreff: Re: [OpenIndiana-discuss] CIFS automount share visibility

On 2014-02-12 08:54, Stefan Müller-Wilken wrote:
> Dear all,
>
> I'm currently having problems with CIFS automount shares being visible to all connected users and not only to each user personally.
>
> Quick search has revealed that similar has happened in the past (https://www.mail-archive.com/cifs-discuss@opensolaris.org/msg01197.html), but it seems as if simply rebooting a few times does not fix the problem.
>
> @Jim: do you still remember what you've done to fix the problem?

I believe I defined the paths to home directories in smbautohome, i.e.

# cat /etc/smbautohome
*       /export/home/&

The individual user-home datasets have sharesmb=off

Now when the windows user contacts the server and is authorized (by
the name-password popup or by AD domain integration) he only sees
his home directory and shares with explicit sharesmb settings (and
which don't have a dollar sign in the end - which can be used to
hide some shares).

For the latter example, now that the fileserver has migrated to OI,
it can use CIFS child mounts (so that users can browse sub-datasets
as normal sub-directories in a single share). However, the default
automagic of this implementation created sort of weird names of
the child-dataset shares (based on full dataset name rather than
sharesmb=name=xxx of the parent dataset), and what's worse - they
were visible names. I prettied this up by explicitly renaming the
child datasets' cifs names so they are not visible, but can be
browsed by both direct request and via pretty recursion:

# zfs list -o sharesmb,name -r
pond/export/DUMP/manual/oldsystems/windows
SHARESMB                                   NAME
name=Backups-OldWindows
pond/export/DUMP/manual/oldsystems/windows
name=Backups-OldWindows__From-BOOKKEEPER$
pond/export/DUMP/manual/oldsystems/windows/_From-BOOKKEEPER
name=Backups-OldWindows__From-BRIDGE$
pond/export/DUMP/manual/oldsystems/windows/_From-BRIDGE
...

HTH,
//Jim


_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss

________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022

More information about the OpenIndiana-discuss mailing list