1 2 3 Previous Next 40 Replies Latest reply: Jan 3, 2014 7:10 AM by tomoyuki.m
VPAhelp Level 1 Level 1 (0 points)

I have a launchd job that runs a shell script on a Snow Leopard server. The shell script backs up a share on another Windows server. Works great. Part of the script, of course, is mounting the share:

 

mount_smbfs -d 0500 -f 0400 //'domain;login:password'@server/share mountpoint

 

This works fine in Snow Leopard. The same code, when run as root on LION (as required for a system level launchd job) FAILS with an authentication error. The very same code works fine when run as a local admin user.

 

It seems root cannot use mount_smbfs on Lion systems? What am I missing here?


Mac mini, Mac OS X (10.7.2), Server OS
  • 1. Re: Can't use mount_smbfs as root?
    etresoft Level 7 Level 7 (24,270 points)

    Does it run fine from within a launchd context when run as a local admin user? Have you tried the script while running as root with "sudo bash"? I suggest using Autofs for this. If you ran it as a local user you might be able to get that password out of there.

  • 2. Re: Can't use mount_smbfs as root?
    VPAhelp Level 1 Level 1 (0 points)

    It seems non-root users can't attach shares to mountpoints in /Volumes. Receive an "operation not permitted". So, the script as written won't work from a non-root account.

     

    Let's ignore the fact, for the moment, that the goal is to have this run from a launchd job.

     

    Simply speaking, when I'm su'd in as root, I can't use mount_smbfs. Admin and non-admin users work fine (provided the mountpoint is in a sensible location).

  • 3. Re: Can't use mount_smbfs as root?
    etresoft Level 7 Level 7 (24,270 points)

    Maybe we should step back and ask just what you are attempting to accomplish.

     

    I wouldn't expect you do be able to do anything with /Volumes. That is a special location. What do you consider a "sensible location"?

     

    Does the mount have to be done as root?

  • 4. Re: Can't use mount_smbfs as root?
    VPAhelp Level 1 Level 1 (0 points)

    /Volumes is no more special than any other location. Root has privileges to write there, and it's a perfectly sane place to drop a mountpoint.

     

    Ignore that.

     

    Yes, the mount has to be performed as root, as the goal is to back up a Windows server by shell script triggered on a schedule with launchd (while no one is logged in). Worked fine in Snow.

     

    As usual, Apple changed something, and hasn't documented it. We're left to fumble around in the dark hoping we stumble on the solution.

  • 5. Re: Can't use mount_smbfs as root?
    etresoft Level 7 Level 7 (24,270 points)

    VPAhelp wrote:

     

    /Volumes is no more special than any other location. Root has privileges to write there, and it's a perfectly sane place to drop a mountpoint.

    /Volumes is special. It is owned by Autofs. Even root doesn't have full control over it because it is already managed by root via Autofs.

     

    Yes, the mount has to be performed as root, as the goal is to back up a Windows server by shell script triggered on a schedule with launchd (while no one is logged in). Worked fine in Snow.

     

    Why do you need root for that?

     

    As usual, Apple changed something, and hasn't documented it. We're left to fumble around in the dark hoping we stumble on the solution.

     

    Ah! I love commentary.

     

    Just because something behaved as you expected in Snow Leopard doesn't mean your expectations were valid. There is no reason you need root to manually mount something on /Volumes to backup some other machine. It would be better to have the other machine login as un unprivileged user on the Mac and back itself up.

  • 6. Re: Can't use mount_smbfs as root?
    VPAhelp Level 1 Level 1 (0 points)
    /Volumes is special. It is owned by Autofs. Even root doesn't have full control over it because it is already managed by root via Autofs.

    You're mistaken. /Volumes is owned by root:admin. AutoFS is irrelevant. I should be able to define a folder as a mountpoint wherever I'd like as root, and mount a filesystem there. It's that simple. Sheez... non-root users can perform this function! root can't even mount a filesystem with mount_smbfs regardless of location of the mountpoint!! This is repeatable on multiple machines, with both Lion server and client.

     

    Why do you need root for that?

     

    As I said, the goal is a system-level launchd job that runs on a schedule with no user logged in. Those, as far as I can tell, by definition run as root.

     

    Ah! I love commentary.

    Glad to hear it. Your's is pretty ripe and invigorating, too.

     

    There is no reason you need root to manually mount something on /Volumes to backup some other machine. It would be better to have the other machine login as un unprivileged user on the Mac and back itself up.

    The "other machine" in question is a Win 2K8 box.

     

    Look, I came here asking a simple question. Ignore my goals. They are clearly irrelevant to you, and if you'd perform the task at hand differently, that's fine. The long and the short of it is that if you try to run mount_smbfs as root in Lion, it will fail with an authentication error. It doesn't matter where the mountpoint is. Try it. Now, come back and give me a good reason why the root user can't or shouldn't be able to use mount_smbfs just like any other user.

  • 7. Re: Can't use mount_smbfs as root?
    etresoft Level 7 Level 7 (24,270 points)

    VPAhelp wrote:

     

    You're mistaken. /Volumes is owned by root:admin. AutoFS is irrelevant. I should be able to define a folder as a mountpoint wherever I'd like as root, and mount a filesystem there. It's that simple.

    If it is that simple, why can't you do it? I'm the one telling you it is complicated. The evidence seems to be in my favour.

     

    Sheez... non-root users can perform this function!

     

    Then why don't you do with with something other than root?

     

    As I said, the goal is a system-level launchd job that runs on a schedule with no user logged in. Those, as far as I can tell, by definition run as root.

    Then how do you explain all those launchd processes like Apache, MySQL, Bonjour, etc, that run as something other than root?

     

    The "other machine" in question is a Win 2K8 box.

     

    OK. And what's your point? By all accounts, that is a powerful machine that is perfectly capable of backing up itself on its own schedule. If you want to use the Mac as the backup store, configure the Mac to provide those resources when the Windows machine wants. When backing up, it is best to keep the original system's context because it knows those things best. You can encapsulate that on a Mac server using Windows file sharing.

     

    Look, I came here asking a simple question. Ignore my goals. They are clearly irrelevant to you, and if you'd perform the task at hand differently, that's fine. The long and the short of it is that if you try to run mount_smbfs as root in Lion, it will fail with an authentication error. It doesn't matter where the mountpoint is. Try it. Now, come back and give me a good reason why the root user can't or shouldn't be able to use mount_smbfs just like any other user.

     

    I don't know the inner details of Lion's implementation of mount_smbfs. Nor do I care. It works if you use something other than root. Why do you care? Just use something else. What's the big deal? It is an external file system. Your root privileges won't do you any good over there. They will only get you into trouble on the local machine.

  • 8. Re: Can't use mount_smbfs as root?
    VPAhelp Level 1 Level 1 (0 points)
    I don't know the inner details of Lion's implementation of mount_smbfs. Nor do I care. It works if you use something other than root. Why do you care? Just use something else. What's the big deal? It is an external file system. Your root privileges won't do you any good over there. They will only get you into trouble on the local machine.

     

    Thanks for all of your antagonistic non-help.

  • 9. Re: Can't use mount_smbfs as root?
    etresoft Level 7 Level 7 (24,270 points)

    Well, you need to meet me halfway here. I have asked you numerous questions, and experimented with it to find out what works and what doesn't. What have you provided? Complaints about Apple? Who does that help?

     

    I can mount an SMB share in /Volumes from a non-root account with no problem. I wouldn't do that because that is the Finder's directory. If you mess around in some other process' playground, you are likely to experience strange things at strange times. A process that works fine and then mysteriously fails after an OS upgrade - just to pick one random example.

     

    I would prefer to mount drives in my own locations that I control. I can't do it as root, but I really don't care. I would never, ever use root for something like that. Root is dangerous. Don't use it unless that is the only solution. In this case, it seems to be the only solution that doesn't work. I don't see the insistence on making it work.

  • 10. Re: Can't use mount_smbfs as root?
    gavin0001 Level 1 Level 1 (0 points)

    For anyone that is looking for an actual answer to the original poster's question, please see this discussion (https://discussions.apple.com/message/17633910)

  • 11. Re: Can't use mount_smbfs as root?
    jaydisc Level 4 Level 4 (1,400 points)

    It seems that etresoft is somewhat right. I, too, was skeptical, as history has always taught us to mount in /Volumes. I, too, was unable to run my old mount_smbfs scripts as root, or any other non-local admin user. Once I created a mount point OUTSIDE of /Volumes, I could them mount_smbfs as anyone, root included.

  • 12. Re: Can't use mount_smbfs as root?
    jaydisc Level 4 Level 4 (1,400 points)

    Unfortunately, creating a mount point outside of /Volumes means the mount point isn't cleaned up after unmounting the disk, which seems to leave a lot of room for error and damage to the original files. Still digging for best solution…

  • 13. Re: Can't use mount_smbfs as root?
    etresoft Level 7 Level 7 (24,270 points)

    jaydisc wrote:

     

    Unfortunately, creating a mount point outside of /Volumes means the mount point isn't cleaned up after unmounting the disk, which seems to leave a lot of room for error and damage to the original files. Still digging for best solution…

    if you have the umounting scripted, can't you just script any rmdir commands too? Once the volume is unmounted, cleanly or not, the original files aren't going to be damaged. Ideally, you could use autofs and it would take care of all that.

  • 14. Re: Can't use mount_smbfs as root?
    jaydisc Level 4 Level 4 (1,400 points)

    Two things:

     

    1. I can't seem to recreate being able to mount, even with root now. Not sure what I did before, but I'm unable to replicate.

     

    2. The problem with running an rmdir script is that if it DID NOT unmount successfully, you are now deleting files from the share.

     

    Now, you keep mentioning autofs, but that's for a permanent mount, isn't it? My need is for a transient mount. I want to mount a share, back it up, and UNMOUNT it. Do you feel autofs is appropriate for this? How about an example command if so.

1 2 3 Previous Next