14

How can I mount a SMB network share that can be accessed by anyone? Here's what I tried:

Using mount command

me$ sudo mkdir /Multimedia
me$ sudo chmod 777 /Multimedia
me$ sudo mount -t smbfs -o nosuid,-d=777 //user:password@qnap/Multimedia /Multimedia/

then

me$ cd /Multimedia      
-bash: cd: /Multimedia: Permission denied

permission on /Multimedia after mounting

drwxrwxrwx   1 root  wheel  16384 Nov  8 11:04 Multimedia

yet this works

root# cd /Multimedia

tl;dr only root can access mounted share

Using automount

in /etc/auto_master

#
# Automounter master map
#
+auto_master            # Use directory service
/net                    -hosts          -nobrowse,hidefromfinder,nosuid
/home                   auto_home       -nobrowse,hidefromfinder
/Network/Servers        -fstab
/-                      -static
### SMB shares
/-                      /etc/automounts/smb -nosuid,noowners

in /etc/automounts/smb

/Multimedia        -fstype=smbfs,soft,noowners,noatime,nosuid ://user:password@qnap/Multimedia

then

me$ sudo automount -vc
automount: /net updated
automount: /home updated
automount: /Multimedia mounted
automount: no unmount

after that

me$ cd /Multimedia
me$ ls -ld /Multimedia/
drwx------  1 me  staff  16384 Nov  8 11:04 /Multimedia/

Works! But unfortunately other users have no access

otheruser$ cd /Multimedia 
-bash: cd: /Multimedia: Permission denied

Yet if I

me$ umount /Multimedia

and then

otheruser$ cd /Multimedia
otheruser$ ls -ld /Multimedia 
drwx------  2 otheruser  staff  1 Nov  8 15:17 /Multimedia

Works! But

me$ cd /Multimedia
-bash: cd: /Multimedia: Permission denied

and yet

root# cd /Multimedia

Works!

tl;dr only the user that caused automount and root have access to the share

Community
  • 1
Rytis I
  • 241
  • 1
  • 2
  • 8

3 Answers3

2

Make the SMB share mountable as guest, then it will be mounted with right permissions.

I had the exact same problem and this works for me in High Sierra:

/etc/auto_nfs:

Public -fstype=smbfs,soft,noowners,noatime,nosuid smb://guest@192.168.1.1/Public

And after mount, it will have drwxrwxrwx rights and I am able to browse it from different users.

Tommi Uimonen
  • 29
1

It seems like macOS does not allow users to mount SMB network drive with custom uid/gid bits. And it only permits a user who mounts a drive to access the drive. I do not know whether Apple cares about security or it is just a bug. But unfortunately, it is for years. I have tested several cases on a macOS-to-macOS shared drive:

    known-user@a-server:~% sudo ls -l
    -rw-r-----  1 known-user    known-group    0 Jun 13 10:50 a-file
    -rw-r-----  1 known-user    unknown-group  0 Jun 13 10:50 b-file
    -rw-r-----  1 unknown-user  known-group    0 Jun 13 10:50 c-file
    -rw-r-----  1 unknown-user  unknown-group  0 Jun 13 10:50 b-file

    who-mount@my-desktop:~% sudo ls -l
    -rw-r-----  1 who-mount     whose-group  0 Jun 13 10:50 a-file
    -rw-r-----  1 who-mount     whose-group  0 Jun 13 10:50 b-file
    -rw-r-----  1 who-mount     whose-group  0 Jun 13 10:50 c-file
    -rw-r-----  1 who-mount     whose-group  0 Jun 13 10:50 d-file

    who-mount@my-desktop:~% cat a-file
    who-mount@my-desktop:~% echo hello > a-file

    who-mount@my-desktop:~% cat b-file
    who-mount@my-desktop:~% echo hello > b-file

    who-mount@my-desktop:~% cat c-file
    who-mount@my-desktop:~% echo hello > c-file
    zsh: permission denied: c-file

    who-mount@my-desktop:~% cat d-file
    cat: d-file: Permission denied
    who-mount@my-desktop:~% echo hello > d-file
    zsh: permission denied: d-file
  1. The uid/gid of shared files/folders are always who-mount:whose-group
  2. The permission bits are the same on the shared server a-server
  3. The server treats who-mount as known-user:known-group (here known-group is the default group of know-user)

One suggestion is to use Fuse for macOS. It provides custom uid/gid and permission bits options with -o flag; check out bindfs which mounts FUSE drive and alters permission. With the bindfs, you can mount permission-fetched smb drive after mounting the smb drive in the way you mentioned.

But, I think, the best is each user has own shared drives.

Daehyun You
  • 11
-1

I have a question that could be an answer...
Why don't you use "Sharing" in System preferences?
You then select File Sharing, set up folders and users and under the "options" button you will find SMB.
That should do the trick and much more easylly than with the CLI.

Marc Augier
  • 1