Always permission 777 on mount shared cifs

Question

I have a little problem when I mount a SMB shared folder from a Synology NAS. I want to mount a shared folder with permissions: git:root 700

But the mounted folder always have permission set to 777 ( even after a chmod 700 without error)

In my /etc/fstab I used this line:

#uid=999 ---> git user
//server/folder /mnt/artifacts cifs username=windowsUser,password=xxxxx,gid=0,uid=999,file_mode=0700,dir_mode=0700,iocharset=utf8 0 0

Do you know why I cannot set my rights to 700 ? I did a mistake ? Something stupid ?

Thanks in advance for your help ;)

you should consider to mark the answer of @Docnovak the correct one — tswaehn, Sep 20 '20 at 17:02

Docnovak · Answer 1 · 2018-08-22T06:04:07.597

If the remote machine user ID and the local machine user ID do not match, the permissions will default to 777. Mount.cifs doesn't support umask, so instead "noperm" option can be used. This way even if the permissions of the users on the local and remote machines don't match, the user will still be allowed to read and write to the folder, the equivalent of umask=000.

//address/location /mount/location cifs username=username,password=password,noperm,vers=2.0 0 0

score 8 · Answer 2 · answered Nov 07 '16 at 22:48

8

a good start is to check out the manpage for CIFS:

$ man mount.cifs
[...]
   file_mode=arg
       If the server does not support the CIFS Unix extensions this overrides the default file mode.

   dir_mode=arg
       If the server does not support the CIFS Unix extensions this overrides the default mode for directories.
[...]
   nounix
       Disable the CIFS Unix Extensions for this mount. 
[...]

So since the file_mode (and dir_mode) seem to only work if the server does not support the CIFS Unix extensions, i would start by disabling them (via the nounix option)

answered Nov 07 '16 at 22:48

umläute

28,885
9
68
122

Thanks for your anwser ;) I have already trying to add `nounix` option (and remove file/dir_mode ) but this produce a `no such file or directory` error. – David Nov 08 '16 at 08:09
Thanks ! That worked just fine. See my answer below for more details. – Yannick Mauray Nov 16 '20 at 21:08

score 2 · Answer 3 · answered Nov 16 '20 at 21:11

Adding nounix worked just fine. For information, the line I have in /etc/fstab is :

//server/share /mnt/folder cifs credentials=/home/yannick/.smbcredentials,iocharset=utf8,sec=ntlm,vers=1.0,uid=1000,gid=1000,file_mode=0644,dir_mode=0755,nounix 0 0

with 1000 being my user id and group id.

Inside .smbcredentials, I have this :

username=<distant login>
password=<distant password>

score 0 · Answer 4 · answered May 14 '20 at 07:48

I try to mount a CIFS share with permissions only for root. Other users should not be able to even list any files.

Therefore I used the following fstab entry:

//192.168.0.100/DRV   /mnt/DRV   cifs   user=user,pass=pass,uid=0,gid=0,nounix,file_mode=0007,dir_mode=0007   0   0

I also tried the noperm parameter.

In detail I created the folder with this permissions:

drwxrwx--- 2 root root 4096 Mai 14 09:09 DRV

After mounting the network share, the folder have:

d------rwx 2 root root 4096 Mai 14 04:50 W

I've recognized my mistake: The permissions *file_mode=0007,dir_mode=0007* are wrong! Correct ist *0770*. I'm wondering because I often have read to invert the permission flags!? — Meisterzunge, May 14 '20 at 19:08

MrEditor97 · Accepted Answer · 2016-11-10T12:13:35.750

-3

Your problem is a very common one. You are using incorrect tags to be able to change the file permissions of the mounted folder.

You need to add 'umask=', instead of 'file_mode=700' and 'dir_mode=700' as it is using system mount options not CIFS's options.

To do this you can use:

//address/location /mount/location cifs credentials=/location,uid=id,gid=id,umask=700 0 0

This will mount the file share under the set file permissions.

For security I would recommend using a credentials file, which contains the username and password, and must be set as read only.

edited Nov 10 '16 at 12:13

answered Nov 10 '16 at 12:07

MrEditor97

80
8

1

Hi @MrEditor97, I have tried with `umask` but that produce an `Invalid argument` error. `//server/folder /mnt/artifacts cifs credentials=/root/.smbcredentials,gid=0,uid=999,iocharset=utf8,umask=700 0 0` [It seems](https://superuser.com/questions/698422/why-does-this-line-in-my-fstab-give-me-an-invalid-argument-error) `umask` cannot be used with cifs. – David Nov 15 '16 at 16:28
2

Hi @David, Sorry that you are still having a problem. I have just referenced with my setup, and to mount the CIFS share with the permissions you are wanting you must use `file_mode=0600,dir_mode=0700`. I was using a Samba share therefore (which forces the correct file permissions) so I did not have to do it like you are. Is it possible for you to force the correct file permissions on your share? The only thing I can say, is try to use the `file_mode= and dir_mode=` with the addition of a **0** infront of the mount? – MrEditor97 Nov 15 '16 at 18:37
Hi @MrEditor97, first , thanks for your answer ;) unfortunately I still have the problem with the addition of 0. But I found a solution in my NAS, so now it's working :D thanks to everybody ;) – David Nov 16 '16 at 16:11
@David, thanks for letting me know that you are all sorted. I am sorry that I couldn't help with your actual problem though. – MrEditor97 Nov 16 '16 at 16:28
3

mount.cifs has no support for umask [mount error(22): Invalid argument], however supports *file_mode* and *dir_mode*. nevertheless the correct answer is given below. if remote and local user/gid not matching it defaults to 0777 anyway. – tswaehn Sep 20 '20 at 16:59

Always permission 777 on mount shared cifs

5 Answers5

Linked