Re: [PATCH 00/25] Current autofs patch queue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/02/2013 01:13 PM, Gordon Lack wrote:
>>> I'm not sure what you mean.
> 
> Just that I've not seen it, so thanks for the example.
> 
>>> Users can create user-specific CIFS mounts today with "sudo mount -t cifs -o sec=krb5,cruid=$UID,...".
>>> The intention of my patch is just to enable autofs to create such mounts.
> 
> But that leaves the mount permission dependent on who make the first call.

True. But that holds in the manual "mount -t cifs ..." case as well.

>>> P.S.: You are correct that there is an issue with autofs caching the list of mount points if the
>>> list of mountable shares returned by a server depends on the credentials provided. AFAICS that can
>>> be fixed by configuring the such that all users can see the same shares (but not necessarily
>>> access/mount them all).
> 
> And once you've done that the UID that needs to be used for each of these mounts is mount-specific,
> not "who caused the mount"-specific. Which is why I see a problem with it.

Do you have security concerns, or is it just that you don't consider it
useful? I can just say that I find it very useful working on a Linux
workstation in an AD-dominated environment. It's much more practical
than using any of the "Network Browsing" utilities provided by GNOME and
the like. Just my personal opinion.

I admit I have been using it mostly on my workstation, where I am the
only user.

Martin

> 
> 
> 
> ________________________________
> 
> This e-mail was sent by GlaxoSmithKline Services Unlimited
> (registered in England and Wales No. 1047315), which is a
> member of the GlaxoSmithKline group of companies. The
> registered address of GlaxoSmithKline Services Unlimited
> is 980 Great West Road, Brentford, Middlesex TW8 9GS.
> 


-- 
Dr. Martin Wilck
PRIMERGY System Software Engineer
x86 Server Engineering

FUJITSU
Fujitsu Technology Solutions GmbH
Heinz-Nixdorf-Ring 1
33106 Paderborn, Germany
Phone:			++49 5251 525 2796
Fax:			++49 5251 525 2820
Email:			martin.wilck@xxxxxxxxxxxxxx
Internet:		http://ts.fujitsu.com
Company Details:	http://ts.fujitsu.com/imprint
--
To unsubscribe from this list: send the line "unsubscribe autofs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Filesystem Development]     [Linux Ext4]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux