PDA

View Full Version : SLES 11 share access problems



sysengPS
03-Mar-2015, 19:36
Hello. Here's my situation. server A has files I need on server C, but server A is in a PCI zone, so I can't directly connect server C to server A. Ok, I'll share the files from server A to server B, then access server B from server C. I tried this using nfs, but found out that this was a nfs re-export issue that isn't really kosher. So I tried exporting via cifs from server A to server B, but I'm unable to do so. I'm getting error 13 permission denied going from server B to server A. It should be noted that server B is currently serving a share for server A. Sorry about the confusion.

from server B:
sudo mount -t cifs -vvv //serverA/835 /mnt/835 -o username=user,password=******


We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

root's password:
mount: fstab path: "/etc/fstab"
mount: mtab path: "/etc/mtab"
mount: lock path: "/etc/mtab~"
mount: temp path: "/etc/mtab.tmp"
mount: UID: 0
mount: eUID: 0
mount: spec: "//serverA/835"
mount: node: "/mnt/835"
mount: types: "cifs"
mount: opts: "username=****,password=******"
mount: external mount: argv[0] = "/sbin/mount.cifs"
mount: external mount: argv[1] = "//serverA/835"
mount: external mount: argv[2] = "/mnt/835"
mount: external mount: argv[3] = "-v"
mount: external mount: argv[4] = "-o"
mount: external mount: argv[5] = "rw,username=user,password=********"
mount.cifs kernel mount options: ip=192.168.182.16,unc=\\serverA\835,,ver=1,user=us er,pass=********
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
user@serverB:/> exit

Server A
/etc/samba/smb.conf

[global]
workgroup = domain
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
idmap gid = 10000-20000
idmap uid = 10000-20000
kerberos method = secrets and keytab
realm = domain.com
security = ADS
hosts allow = 192.168.181.20
template homedir = /home/%D/%U
template shell = /bin/bash
winbind offline logon = yes
winbind refresh tickets = yes
ldap suffix =
wins server =
wins support = No

[835]
comment = psheft 835 via serverB
path = /mnt/835
read only = yes
writeable = no
create mask = 0666
force user = user

smbusers.conf

root = administrator admin
;nobody = guest pcguest smbguest

Any help you can give would be appreciated. Thanks.

jmozdzen
04-Mar-2015, 18:39
Hi sysengPS,


from server B:
sudo mount -t cifs -vvv //serverA/835 /mnt/835 -o username=user,password=******
[...]
mount: external mount: argv[5] = "rw,username=user,password=********"
mount.cifs kernel mount options: ip=192.168.182.16,unc=\\serverA\835,,ver=1,user=us er,pass=********
mount error(13): Permission denied
[...]
Any help you can give would be appreciated. Thanks.

What's in SMB logs on serverA? You may have to increase the verbosity of smbd to see anything useful. Can we assume that "user/pass" is a valid user in AD and has a proper mapping on SaMBa?

BTW, the only real trouble with re-exporting NFS mounts is creating a loop (serverC exports something that is mounted from serverB, serverB is exporting this and has mounted it from serverA, and serverA had that mounted from serverC). If you can handle administratively that no-one will create such a loop accidentally, i.e. via serverD, everything ought to be fine.

Regards,
Jens

sysengPS
04-Mar-2015, 20:16
Well, I feel dumb. I was trying an account that was local on both boxes, but it was trying to auth w/ the dc. Once I put in domain credentials, it was happy. Thanks very much!

jmozdzen
05-Mar-2015, 12:46
Hi sysengPS,

success is what counts ;)

Regards,
Jens

sysengPS
05-Mar-2015, 20:00
This is true.
So I got the CIFS share to work, but am unable to share that share. I get "exportfs: /mnt/835 does not support NFS export"


manderson@pesproxy01:~> df -hT
Filesystem Type Size Used Avail Use% Mounted on
/dev/sda2 ext3 48G 33G 14G 70% /
udev tmpfs 1.9G 124K 1.9G 1% /dev
tmpfs tmpfs 1.9G 68K 1.9G 1% /dev/shm
jaxprodna2.payspanad.com:/prod-proxy01-virtualftp cifs 760G 468G 293G 62% /mnt/virtualftp
//serverC/835 cifs 48G 30G 17G 65% /mnt/835