FC3 - I'm anything but dissapointed

David Liguori liguorid at albany.edu
Tue Jan 18 15:17:54 UTC 2005



Guy Fraser wrote:
> On Fri, 2005-14-01 at 05:06 +0100, Markus Huber wrote:
> 
>>Jim Cornette wrote:
>>
>>
>>>I'm still using gnome. KDE does look acceptable.
>>
>>Same here, but I still prefer gnome (just looks better), although there 
>>are fine KDE-apps.
>>
>>What still buffles me is the handling of Windows Networks. I switch off 
>>firewall as stated in the Release Notes, but I cannot access the shares 
>>I have access to through nautilus, only throug Konquerer in 
>>filecommander mode. samba.conf is of course the same ;-) Strange.
>>
>>Regards
>>Markus Huber
> 
> I have the firewall running and access our Samba Server with out 
> any problems but I setup an /etc/fstab entry :
> 
> //asgard/public /mnt/public smbfs \
> noauto,user,credentials=/home/guy/.credentials,\
> port=139,gid=500,uid=500 0 0
> 
> Note: The port=139 is required for servers that are SMB not CIFS.
> 
> The only trick is you need to do as root is :
> 
> chmod u+s /usr/bin/smbmnt
> 
> I set myself as the owner of /mnt/public and the .credentials 
> file is :
> 
> ---start---
> username = winuser
> password = winpass
> ---end---
> 
> Doing it this way you don't have to copy files to your hard 
> drive to open them.
> 
> Hope this helps.
> 
> 
Presumably the ".credentials" file is unreadable to anyone except the owner and root, right?  If someone got root access to your workstation they would automatically have access to your network share as well, but I guess you'd have plenty of other problems anyway.  If you know you're the only one who will ever have physical access to your workstation it's mostly a moot point, of course.

The thing I like about how the Nautilus browser access is supposed to work is that the user needs to give his/her password when using the share each time, presumably sent over the network encrypted. The only other way I know of to accomplish this is to issue the mount command with password, unmount it when you're done and make sure it doesn't stay in the command history file--a pain in the fanny unless you do it with a shell script.  I look forward to it working in release 4 without taking down the whole firewall.

 --
David Liguori




More information about the fedora-list mailing list