I currently use a script which contains commands along the lines of
sudo /sbin/mount.cifs $SERVER_SHARE $MOUNT -o username=$DOMAIN_$USER,uid=$USER,gid=$USER,file_mode=0664,dir_mode=0775
to mount my cifs shared directories. This works fine, but I have to enter my password for each of these lines, so I would like to automate this process.
In order to adhere to local security policy I must not add my password to the command line, nor may I store my password in plain text in a file (either the mount script or a credentials file).
Do I have any other options for authenticating my cifs mount, or am I stuck entering my password for each and every share?
Ideally I would like the equivalent of doing a ssh-add, where I only have to enter my password once and all subsequent ssh commands use that authentication and do not require me to enter my password again.
If it makes any difference, I am using RHEL 5.8 as a normal user with very limited sudo access.
Best Answer
The Gnome keyring can store passwords. You can enter the password in your Gnome keyring, or if you use the Gnome keyring for other things, you can put a master password and save the keyring to disk.
GVFS, the Gnome virtual filesystem framework, queries the Gnome keyring for passwords if it's available.
From the command line, you can perform a Samba mount with
gvfs-mount:You have no control on the mount point: it's
~/.gvfs/sharename\ on\ hostname. And I don't think that you can control mount options such as permission mappings (but I could be wrong:gvfs-mountis not documented and I haven't explored its internals).You'll need D-bus. See Samba mount with password prompt as non-root user