0

I have a samba server working and I can access the different shares with the command

smbclient -k //$server.$my_domain.$net/$my_share

I would like the mount to be automatically provided at boot time. The authentication process relies on kerberos. I have tried the following on my /etc/fstab file:

//$server.$my_domain.$net/$my_share /mnt/samba cifs sec=krb5i,rw,user 0 0

Once authenticated against the kerberos server, I execute mount -a. The commands returns $?==0; but the share is not mounted and nothing on logs files. No clue on logs, on client as on server side.

I think I just don't use the appropriate options in the fstab file?

Braiam
  • 622
  • 4
  • 23
philippe
  • 2,131
  • 4
  • 30
  • 53

1 Answers1

2

Kerberos uses the concept of a User Principal Name to authenticate itself; this has the form of user@domain or domain\user.

Since automounts on boot are executed as root, you're probably not providing the right UPN.

You'll have to provide the appropriate mount.cifs options:

cruid=arg
sets the uid of the owner of the credentials cache. This is primarily useful with sec=krb5. The default is the real uid of the process performing the mount. Setting this parameter directs the upcall to look for a credentials cache owned by that user.

Also, enable kerberos debug logging on the client and/or server to see if you get the right token.

adaptr
  • 16,479
  • 21
  • 33
  • Thanks for your quick answer! I hence have added this option to my /etc/fstab line, without any more results //$server.$my_domain.$net/$my_share /mnt/samba cifs sec=krb5i,cruid=$user,rw 0 0 :/ – philippe Dec 03 '12 at 16:39