Article

Suse Mounting NetWare 6.0 NSS volumes in Suse Linux 10.1

About this article:

What it deals with:
The mounting of Novell NetWare NSS volumes from a Suse Linux system using NCP - NetWare Core Protocol.

Platform: Novell NetWare 6.0 & openSUSE 10.1

Author:
Dr. Duncan J. Potter, 2007.

Scenario:

NCPFS

The Novell Client for Suse Linux seems excellent for regular Linux desktop users, but a lighter solution is sought here.
Rather than install the Novell client, the path chosen here was to install ncpfs on our SUSE system.

  1. Using Yast, install the ncpfs package (NetWare Core Protocol File System) - the download site is http://freshmeat.net/projects/ncpfs/

  2. Now we follow the step-by=step instructions detailed in Novell Cool Solutions: "HOWTO: Mount Netware Servers in Linux Through /etc/fstab"
    Read the above instructions carefully and you'll see this is how the steps were implemented in our example below:

    • As root create a mount point for the NetWare volume:
      > mkdir /mnt/FS1

    • Create a group permitted to access NetWare volumes:
      > groupadd nwaccess

    • Add the user user1 to this newly created nwaccess group:
      > usermod -G nwaccess user1

    • > cd /mnt/FS1

    • > chgrp nwaccess . [Important - see here for why.]

  3. Edit /etc/fstab to include the last line shown here in blue (followed by a blank line):

    • /dev/sda2 / reiserfs acl,user_xattr 1 1
      /dev/sda1 swap swap defaults 0 0
      proc /proc proc defaults 0 0
      sysfs /sys sysfs noauto 0 0
      debugfs /sys/kernel/debug debugfs noauto 0 0
      usbfs /proc/bus/usb usbfs noauto 0 0
      devpts /dev/pts devpts mode=0620,gid=5 0 0
      /dev/fd0 /media/floppy auto noauto,user,sync 0 0
      FS1.mydomain.com/user1.myOU.mydomain /mnt/FS1 ncp uid=user1,gid=nwaccess,mode=660,owner=user1,A=FS1.mydomain.com,passwdfile=/etc/ncp-pass 0 0

Mounting the NetWare Volumes

  1. We require to store the Novell password of the user, unencrypted.
    The /etc/ncp-pass file must be manually created and have the FQDN of host and login name of user:password as follows:
    FS1.mydomain.com/user1.myOU.mydomain:mypassword

  2. Initially the permissions on /etc/ncp-pass were
    -rw------- root root
    so that only root could access the file, though this was later changed so that user user1 was the owner, and the group was set as nwaccess.

  3. In initial tests, the NetWare volumes were mounted as follows:

    • Change to root to use mount command:
      > su

    • The password is read from /etc/ncp-mount:
      > mount -a -t ncp

    • If successful, all mounted Novell volumes should appear under the mount point:
      > ls /mnt/FS1

  4. Dismount NetWare volumes via

    • > umount -a -t ncpfs [note the last word is not ncp but ncpfs.]

Mounting the NetWare Volumes as a normal user

The above is fine for superuser access, but how about when the user doesn't have superuser access to their openSUSE machine?
Admittedly, in the actual scenario for which this work was undertaken the user did have such access, but we pursue the more general situation here.

What didn't work - but is included for completeness

Normal users don't have permission to use the mount command, so let's try and change that:
  1. Let's try using the SetUseridRoot command on the Mount command (see here on a related IPX mount-related web page which has some good information on mounting NetWare volumes). One would change the permissions on the mount command via

    • > whereis mount [answer is /bin/mount]

    • > chown root:nwaccess /bin/mount

    • > chmod 755 mount [owner (root) has twx, group (nwaccess) has rx, other has rx]

    Alas, this didn't work. Issuing the correct mount -a -t ncp command as a non-root user produces no result. Perhaps the /etc/ncp-pass file permission/ownership are at issue?

  2. Change ownership of mount to the non-root user who wishes to mount the volume:
    >chown user1 /etc/ncp-pass
    >chmod 750 /etc/ncp-pass [owner=r,w,x,group=r,x]

    3. The above didn't work either.

What did work: sudo

The solution is to use the sudo command. Sudo allows one to run selected commands with root (or other user) privileges. It is configured by means of the visudo command.
  1. Usage: As root, configure sudo by running:
    > visudo

    2. This starts the microemacs text editor to edit the /etc/sudoers file, which it creates if not present.
    Note that one should set the EDITOR environment variable or vi will start.
    Do this by editing /root/.bashrc and adding the line
    export EDITOR=ue

  2. So, back in the visudo environment, enter the following text:
    %users suse01 = NOPASSWD: \bin\mount -a -t ncp, \sbin\mount -a -t ncp, \bin\umount -a -t ncpfs

  3. This will allow all users of machine suse01 to use the mount/umount commands with the specified parameters, required to handle mounting of Novell volumes. For the user (user1) to mount the volumes he must run

    • > sudo mount -a -t ncp

  4. To dismount volumes, one can run (as root) either of these commands:

    • > umount -a -t ncpfs

    • > umount /mnt/FS1 [where the latter is the mount point]
      Note that using only the first command sometimes resulted in a 'file system is busy' warning message but using the second one always worked. Also, one could run the sync command to flush the file system buffers before dismounting.

  5. It would be convenient to provide a desktop shortcut to a script which would do the mounting and dismountig, and this is covered next.

Scripting: Mounting the Novell Folders with help from kdialog

So, we can mount the NetWare folders as root and a normal user from a command shell using the above mount command.
We could also script this and create a simpler bash shell script to do this to avoid remembering the mount syntax.

Wouldn't it be nice, also, to have a KDE desktop shortcut from which we could run this BASH script, which need only prompt for the ROOT password to run the mount command? The solution is using kdialog which will provide a dialogue to the user (as the name suggests.)

References: Shell scripting with KDE Dialog , Kdialog Dialog Types
Usage: Refer to the above for further details. The script requires to request the user for the ROOT password, so one would use the examples in the links above to:

  1. In the user's home folder, create a bash script with microemacs (for example) named, for simplicity, novell_mount.sh

    • > ue novell_mount.sh&

  2. The bash script is as follows:
    #!bin/bash
    # Define the home folder of user on Novell server.
    VOL=/mnt/FS1/FS1/usersvolume/user1

    # Tell the user what's happening:
    kdialog --title "Novell Folder Mounting" --passivepopup "Mounting FS1 Volumes ..." 1

    if [ -d $VOL ]
    then
    kdialog --title "Novell Folder Mounting" --msgbox "It's ok!\nNovell Volumes are already available, under $VOL ."
    exit
    else
    # Mount the volume using sudo (edit with visudo command)
    sudo mount -a -t ncp
    fi


    # Now test if home folder has mounted
    if [ -d $VOL ]
    then
    kdialog --title "Novell Folder Mounting" --passivepopup "Novell Volumes Mounted under $VOL." 2
    else
    kdialog --title "Novell Folder Mounting" --msgbox "Novell Volumes did NOT mount.\n Oh dear. Try again."

    fi
    exit

  3. To make the script executable one must of course type

    • > chmod u+x novell_mount.sh

  4. And to run the script from a command shell one would type

    • > . novell_mount.sh

  5. One can easily create a KDE desktop shortcut to this script, as long as the command parameter is

    • /bin/bash -i /home/<user>/novell_mount.sh

    • One needs also click Properties-Application-Advanced and select the "Run in Terminal" option or a bouncing ball appears for a good few seconds after the script/shortcut has run. This indicates the application times out, or does not close properly.

    • The "Terminal Options" are the KDE Konsole Options, listed here.

    • The Terminal options chosen were --vt_sz 2x1 --nomenubar --noscrollbar -T Info

  6. To create a dismount script, open microemacs (or any editor) and create the following under script novell_umount.sh:
    #!bin/bash
    # Define the home folder of user on the Novell server:
    VOL=/mnt/FS1/FS1/usersvolume/user1

    # Tell the user what's happening:
    kdialog --title "Novell Folder Mounting" --passivepopup "Dismounting FS1 Volumes ..." 1

    if [ ! -d $VOL ]
    then
    kdialog --title "Novell Folder Dismounting" --msgbox "It's ok!\nNovell Volumes are not mounted."
    exit
    else
    # Flush any caches to disk
    sudo sync

    # Dismount by mount name
    sudo /bin/umount /mnt/FS1

    # Dismount the volume type using sudo (edit with visudo command)
    sudo /bin/umount -a -t ncpfs
    fi

    # Now test if home folder has dismounted
    if [ ! -d $VOL ]
    then
    kdialog --title "Novell Folder Dismounting" --passivepopup "Novell Volumes Dismounted." 2
    else
    kdialog --title "Novell Folder Dismounting" --msgbox "Novell Volumes did NOT dismount.\n Oh dear. Try again."

    fi

    exit

  7. Again, create a KDE shortcut to this script and ensure it is executable, as above. Note that

    • A few more sudo commands have been added, for which visudo must be run, and the following line must be present in /etc/sudoers as a result:

    • %users suse01 = NOPASSWD: /bin/sync, /bin/mount -a -t ncp, /sbin/mount -a -t ncp, /bin/umount /mnt/FS1, /bin/umount -a -t ncpfs

    • In the discount script, both ways of dismounting were required to ensure the volumes are dismounted. At this stage, I'm unsure why this should be. Volume dismount isn't actually critical for single-user Linux machines.

Problems

1. Initial error when running Kdialog

An error message was generated initially when using kdialog, stating "failed to open file /usr/lib/qt3/etc/settings/qtrc". A web-search revealed this was because the above file (qtrc) was readable only by root. The error was resolved by chmod a+x the above file (as root).

2. Mounting fails at openSUSE Boot time

The Novell volumes are not mounted at boot time, as the network service has not started at the time /etc/fstab is being read and disks/volumes mounted. This isn't a problem in the scenario discussed here and is further discussed in the NetWare Cool Solutions "Automatically Mounting Remote NCP (NetWare) Shares on SUSE Linux System Boot" [Ref] which goes into more detail and discusses Samba solutions too. Samba would mount the volume in a case-insensitive way, suitable for the documentroot of an Apache webserver, say.

Using ncpmount

It's also possible to mount Novell volumes using the ncpmount command that comes as part of the ncpfs package. Initial steps in testing this are as follows:

  1. In a command shell, change to root (su)

  2. Make sure the mount point exists (e.g. /mnt/FS1)

  3. Issue the command

    • >ncpmount -S FS1 -A FS1.mydomain.com -U user1.myOU.mydomain /mnt/FS1
    whereupon a password will be prompted for and the Novell volumes mount.

  4. There are many options available (see the hyperlink to ncpmount above). Some of these can store the password in a file, for instance.

  5. To dismount the volumes one can issue

    • >ncpumount -S FS1

Note that the normal Linux user (e.g. user1) does not have permissions to view the volumes (only root does) when the above command is issued. The remedy is to use the -u and -g flags which specify the default file owner (via uid) and group id of the mounted volumes. These can be determined easily by running

This time the regular Linux user with uid 1002 can browse their Novell files - and long filenames are supported.

References:

  1. A forum page with lot of links around subject is here.
  2. See also this helpful website entitled /etc/fstab demystified