Since 10 November our faculty has a new website! The old website will still be available at oldwww.fi.muni.cz for now. Something is broken? Please report it to webmaster@fi.muni.cz or use our webform.

translated by Google

Accessing disks on your own machine

Unix home directory /home/login you can access your own or any other machine in multiple ways - via Sambu (CIFS), NFS, or SSHFS. Autofs can also be used to simplify connections. In the Samba section, you can also find a way to connect your Windows home directory.

The instructions below are targeted to Unix OS. If you want to make the home directory available on a Windows machine, you can find the necessary steps here .

General information

Connections and disconnections are commands mount and umount , you can find more information about them, for example, in the man pages. The directory in which you want to access the remote directory is called mountpoint. Mountpoint is not a call-to-connect command created - it must be pre-existing (this is not only true for Autofs where it is created automatically). You can display all attached (mounted) directories with the command mount without parameters.

Samba (CIFS)

Accessibility via Sambu is only possible for machines in the FI network and only allows access to the home directory. The Samba protocol is generally blocked in the Internet due to its frequent abuse. On your machine, you need a root access and a tool mount.cifs (for example, under Debian available in the package cifs-utils ). Exporting the Samba home directory is enabled automatically for the entire FI network. The connection requires authentication data. From a security point of view, it is best to save it to a file to which it only has root access because it contains the faculty password in pure form. We can create a file, for example, in /etc/samba/fi_cred.conf , set access rights 600, and its content should be as follows:

username=login
password=heslo
domain=NTFI

Access the home directory itself /mnt/fi-home can be done with a command mount :

muj_stroj# mount -t cifs //home.fi.muni.cz/login /mnt/fi-home \
    -o uid=muj_login,gid=skup,credentials=/etc/samba/fi_cred.conf

The uid and gid parameters are login and the primary group on your machine (can be found with the command id ). You can also place these parameters in one line of the file /etc/fstab :

//home.fi.muni.cz/login    /mnt/fi-home    cifs
    uid=muj_login,gid=skup,credentials=/etc/samba/fi_cred.conf  0  0

and then you just need to connect the command

muj_stroj# mount /mnt/fi-home

Disconnect can be done by umount:

muj_stroj# umount /mnt/fi-home

In the case of Samba configuration problems, you can also test the connection functionality by using the command smbclient (usually from the package of the same name), and in case of success it should prompt smb: \>

Connect your Windows machine home directory

Command mount you can also connect a folder with the home directory and profile of Windows faculty machines. Please specify the remote directory //ad.fi.muni.cz/DFS/home/login or any of the Windows disks , for example:

mount -t cifs //ad.fi.muni.cz/DFS/home/login /mnt/fi-win-home \
    -o uid=muj_login,gid=skup,credentials=/etc/samba/fi_cred.conf

NFS

NFS access is only available for machines in the FI network and only allows access to the home directory. However, the currently used NFS version 3 of the home directory server requires that the UID and primary user ID under which you work on your address book should be the same as the UID and the primary GUI of the faculty UNIX account (this can be determined by a command id ). Therefore, this use is now better suited for new system installations where these identifiers can be easily influenced. Alternatively, you can create a new user who will have the required identifiers and then work with the attached files below. As a result of other NFS specifics, file permissions are applied to full access to these files; so if you do not have files open to others, you will not even reach them under the root user on your machine.

On your machine again you need root access and tool mount.nfs (for example, under Debian available in the package nfs-common ). You also need to be allowed export the home directory NFS protocol (change takes effect within two hours). The connection does not require authentication, so you need to consider the risk associated with export. Access to mountpoint /mnt/fi-home can be done again with a command mount with the following options:

muj_stroj# mount -t nfs home.fi.muni.cz:/export/home/login /mnt/fi-home \
    -o rw,noatime,soft,actimeo=30,vers=3,sloppy,addr=147.251.48.3

Again, remember that the mountpoints are accessible by the user with the same UID and GID, so verification of the connection functionality needs to be done under it, not under the router.

These parameters can also be included in the file /etc/fstab (see the Samba section). Alternatively, you can add an option to the options user , so that a common user can also bind / disconnect the directory (if you want to run programs from the mountpoint, you have to choose user to add an option exec - the choice user automatically turns it off):

home.fi.muni.cz:/export/home/login	/mnt/fi-home    nfs
    rw,user,exec,noatime,soft,actimeo=30,vers=3,sloppy,addr=147.251.48.3  0  0

SSHFS

You need a tool installed on your machine sshfs . Depending on your distribution, you may need to add your account to a bundle using FUSE (see the information below). This procedure can be used without any further restrictions; the only condition is the functional registration for a faculty machine (Aisa, Anxur, Nymfa, ...). You can add any directory within your faculty home directory. For example, to add a faculty directory /home/login/mail into the directory ~/fi-home can be done as follows:

muj_stroj$ sshfs login@aisa:/home/login/mail ~/fi-home

If this command ends with a file access error /etc/fuse.conf , you need to add a user to a fuse group, for example, a command muj_stroj# usermod muj_login -aG fuse ).

After connection, the sshfs command remains in the background and provides access to remote files. Disconnection can be done by a command fusermount :

muj_stroj$ fusermount -u ~/fi-home

Autofs

Autofs can ensure that the directory is connected as needed when accessed, and then, if not used for a while, is disconnected.

To install it, you need root access to the machine and package autofs . After installation, you need to edit the file contents /etc/auto.master with the main configuration of autofs and /etc/auto.home with configuration for machine with home directories home.fi.muni.cz. To /etc/auto.master add a line

/mnt/net   /etc/auto.home

and to the newly created /etc/auto.home add a line, according to the protocol used, which content is derived from the fstab rows for that protocol:

# pro pripojovani pres Sambu
fi-home-smb
    -fstype=cifs,uid=muj_login,gid=skup,credentials=/etc/samba/fi_cred.conf
    ://home.fi.muni.cz/login

# pro pripojovani pres NFS
fi-home-nfs
    -rw,user,noatime,soft,actimeo=30,vers=3,sloppy
    home.fi.muni.cz:/export/home/login

The content of the two lines is due to their length; in the file, all the parameters for each connection must be placed in one line. Then it is still necessary to retrieve the configuration of autofs, for example by command /etc/init.d/autofs reload or other specific for distribution and autofs should already be functional.

The mountpoint to which the directory automatically connects must not exist. Attempts to access it, however, will cause it to be created and connected according to the configuration, ie after entering the directory /mnt/net you will not see a directory in the listing of its contents, but the command cd fi-home-smb in the case of correct configuration, succeeds and the subsequent listing of contents displays the files in the remote directory. After a period of inactivity, the remote directory is disconnected and the mountpoint is deleted.

Possible problems

Connecting a remote directory to a file system will overlap the contents of the directory that we use as a mountpoint. The original directory still exists, but it is not easily accessible until the remote directory is disconnected. However, programs that have the directory or subdirectory already opened will see their original content. So if you were in the mountpointe, you added a remote directory to it and listed its contents, nothing would seem to change. In that case, it will help to re-enter that directory.

When bundling directories over the network, it's good to realize the risk of losing a network connection. In this case, of course, work with the attached directory will no longer work. However, you may also freeze programs that work with the content in this directory (they will get into an uninterrupted sleep state; top status D), and these programs may not respond to the SIGKILL signal ( kill -9 ). Also disconnect the directory with Samby and NFS using umount may fail. Sometimes this problem can be partly resolved by forced laziness: umount -lf ; For more information, see the command page of the command.

Also, it is not good to end the running sshfs violently, as it may not be possible to properly disconnect the attached directory.