On Tue, 2013-05-28 at 09:01 -0400, Jeff Layton wrote: > > > > That sounds reasonable. Assuming that you don't actually do anything on > the mount as root, then you can give "cifsuser" very limited privileges > here too, essentially acting as a "squashed" user like under NFS. > > Also, there's no need to do this crontab stuff either. If you mount > with "-o sec=krb5,username=cifsuser" then cifs.upcall will be able to > just use /etc/krb5.keytab without you needing to do anything special. > So cifsuser doesn't need loginShell nor unixHomeDirectory or any of the gecos stuff? I just tried with just posixAccount and uidNumber and gidNumber. It works under test but am I missing something? We just need cifsuser to be able to mount the share. He'll never need to do anything else. Cheers -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
