suse init script for DFS Mount with kerberos and AD Login

#! /bin/bash
#
# This script is used to control during bootup.
#
# usage: nasmount [start|stop]
#
# start
# stop
# modified by Yingding Wang 06.11.2012

### BEGIN INIT INFO
# Provides:          nasmount
# Required-Start:    $network
# Required-Stop:
# Default-Start:     3 5
# Default-Stop:      0 1 2 6
# Short-Description: init script for nas mount
# Description: this script mount the DFS (NAS) with Kerberos User from AD during the starting up
### END INIT INFO

mountDIR=/nas #your mount point in your linux system
mountingDIR=//nas/subdirectory #your mounting point in your window DFS or NAS

# AD User and AD password
ad_user=<your ad_user>
ad_password=<your ad_user_pw>
# Access User for Mounting Directory in DFS
user=$ad_user
password=$ad_password

# DFS Domin
dom=Your_Realm

# Access Richts Setting for Mount Point
ac_user_name=<access username>
ac_group_name=<access groupname>
uid=`id -u $ac_user_name`
gid=`getent group $ac_group_name | cut -d: -f3`

# Logging prefix
prompt=Logging:

#
# Main
#
case $1 in
  start)
   #creat mount point directory
   if [ ! -d $mountDIR ]
   then
     echo "$prompt mount point $mountDIR doesn't exist"
     mkdir $mountDIR;
     echo "$prompt mount point $mountDIR is created"
   else
   #checking if mountDIR is amountpoint
     if /bin/mountpoint -q $mountDIR
     then
       echo "$prompt Directory exist, it will be unmounted"
       /bin/umount $mountDIR
     else
     # do nothing
     echo "$prompt Directory not mounted"
     fi
   fi

   if [ $? -gt 0 ]; then
      echo "cached error"
      $?=0
   fi

   # get kerbos granting ticket from AD, the user AD_USER muss be a memeber of Realm in AD
   echo "$prompt getting kerberos ticket with kinit"
   echo $ad_password | kinit $ad_user;

   # after the ticket successfully granted, mount nas Directory to mount point /nas1
   # use uid and gid option to specify the user id and group id for mount point access rights
   /sbin/mount.cifs $mountingDIR $mountDIR -o user=$user,dom=$dom,password=$password,uid=$uid,gid=$gid
   if [ $? -gt 0 ]; then
     echo "catched error"
     $?=0
   fi

   #Log output line
   #echo `date` >> /var/log/nasmount.log
   #echo "mount successful" >> /var/log/nasmount.log
   echo "$prompt done."
  ;;

  stop)
   #checking if mountDIR is a mountpoint
   if /bin/mountpoint -q $mountDIR
   then
     echo "$prompt Directory exist, it will be unmounted"
     /bin/umount $mountDIR
   else
   #do nothing
     echo "$prompt Directory not mounted"
   fi
   if [ $? -gt 0 ]; then
     echo "cached error";
     $?=0
   fi
   echo "$prompt done."
  ;;

  *)
  ## If no parameters are given, print which are availabel.
   echo "Usage: $0 {start|stop}"
   exit 1
  ;;
esac

exit
Advertisements

A bash script for WindowsDFS mount in Linux

[Purpose]
Since the Kerberos Tickets only works for 24 hours in our system,
i wrote a bash script for crontab to automatically remount a windows DFS
directory in our linux system.

[Prerequisite]
Please sieh my post: Mount Windows DFS in Linux with Kerberos

[Advice]
You should run this bash as “root” or root user. If you want to use it for other users,
your should check the rights for your users.

[Results]
this script only need to be called once, even the kerberos tickets is invalid after
24hours the mount  point is still working. you still have write and read access
to the mounting point (Windows DFS Directory).
Just make sure after server reboot,
this script will be called.

[Codes]

#!bin/sh
#Editted in 10.05.2012
mountDIR=<your mount point in linux system>
mountingDIR=<your directory in windows DFS //windows/directory >
# AD User and AD password
ad_user=<your Active Directory user, who can be authenticated in AD>
ad_password=<AD user password>
# Access User for Mounting Directory in DFS
user=< User who has the access and write rights in Windows DFS directory, $ad_use >
password=< User password for DFS directory ,$ad_password >
# DFS Domain
dom=<Your DFS directory Domain, XXX >
# Access Richts Setting for Mount Point
uid=< The user who should have access from Linux to access the Mount Point, 
      your DFS after mounting >
gid=< The Group who should have access from Linux to access the Mount Point >

#creat mount point directory
if [ ! -d $mountDIR ]
then
        echo "Directory doesn't exist"
        mkdir $mountDIR       
else
        echo "Directory exist, it will be unmounted"
        /sbin/umount.cifs $mountDIR
fi

# get kerbos granting ticket from AD, the user must be a memeber of AD
kinit $ad_user $ad_password;

# after the ticket successfully granted, mount nas Directory to mount point
# use uid and gid option to specify the user id and group id'
# for mount point access rights
/sbin/mount.cifs $mountingDIR $mountDIR -o user=$user,dom=$dom,
password=$password,uid=$uid,gid=$gid