Apache access to mounted shares.

Sorry, thought I mentioned. I tried to change the permissions on the directory.

Even with a sudo, the permissions are not changed. I don't get an error message back from chmod. It just ignores the command and the permissions are not changed (doesn't make any difference if I do 744 or 755, they still remain 700).

Interestingly, when I go to /Volumes/ in Finder and check the permissions, it says the owner is SYSTEM, group is WHEEL, and even they have "No Access".

This is different than what I get when I do an LS in Terminal. Which says the owner is ADMINISTRATOR and group is ADMIN (which is the userid I am signed on with). And permissions are DRWX------

Well, I have a very uggly work around that I will document, but not recommend. It is pretty resource intensive, and not particularly secure, but it works for our limited environment.

The application was simple enough that if I could copy the files I needed to a local drive, then things would work.

PHP can execute a system command, and that command runs as WWW (the Apache id), so what I ended up doing was checking to see if the file I needed was already on the local system (in a directory that WWW can access). If the file was not already there, then I would exec('smb_client....). Since you can include a command on the smb_client command line, I just included a command to copy the file I was looking for.

This is NOT a recommended solution... it is simply something that works for me..
1) PHP does not encourage running system commands under Apache. If the command hangs, you can hang Apache.

2) Running the client like this uses all the resource to establish the smb connection for each file I needed to copy, then tear it down.

As you can see, if you do this a lot, it could slow things down.

While I was writing this up, it occured to me that another option would be to have PHP see if the share was mounted, and if not, then it could issue the smb_mount command as WWW. I will have to try this next time I get some time on the server for testing.

Hi Jun,

I do not think that this is a Windows access problem. What files you can access on the Windows system is determined by the WINDOWS user ID you connect to the system with. Even if you are running as root on the Mac system, if you connect as JOHN to the windows system, you will only be able to access the files that JOHN has access to.

What I think we need is somebody who understands how OS/X determines the permissions and owner when you mount an SMB share. And then how to change it.

It would also be helpful to know how to tell Finder that the SMB share is mounted. If I mount a share with SBM_MOUNT, Finder doesn't always notice it, and doesn't notice if I unmount it. So currently on my system, Finder says the share is mounted, but it really isn't, and I cannot eject it from Finder.

Hi Jun san,

I tried this and encountered some strange results.

I created the directory /Volumes/RWD and checked that it was owned by root, group admin, with permissions of RWDR-WR-W.

I then did the sudo mount_smbfs. It asked for both passwords (root and the windows password). And looked like it worked.

I could do a cd /Volumes/RWD/, but when I tried to do an ls -l, I got a permissions denied message.

So I tried doing sudo ls -l and that gave me a directory listing as expected. So the mount worked. And it showed everything as being owned by root, with group of admin. The user id I was running under was a member of the admin group, so it should have had permissions.

I tried sudo ls -el and did not see any ACLs attached (which I did not expect to see because we did not have ACLs set for the boot volume.

Nick