Page tree

Mounting Windows and DesyCloud Directories on Maxwell login nodes

GVFS (Gnome Virtual File System) provides a very simple way accessing Windows shares like the Windows-home-directory. GVFS lives in user-space and does not require any elevated rights. GVFS requires however a DBUS session to run, which becomes a bit tedious for pure ssh logins. To facilitate the process we made a small scriplet which allows to handle Windows Home, DESYCloud and arbitrary smb/dav locations.

The tool is called wcm (Windows and Cloud Mount) and is located under /software/tools/bin. It should work in remote sessions with plain ssh as well as full graphical login (e.g. xfce). 

Please note:

  • this will work on Maxwell on login nodes only, not on compute nodes. It's bound to a specific host: if you mount your remote folder on max-display001 it won't be accessible from max-wgs (etc).
  • The volume is mounted under $XDG_RUNTIME_DIR. So run echo $XDG_RUNTIME_DIR to get the mount point.


GVFS mounts with wcm
[@max-display002 ~]$ /software/tools/bin/wcm -h
usage: /software/tools/bin/wcm [-dhikKlv] [-s share] [-U url] [-u user] [-L linkpath]
  -s | --share SHARE                  Specify SHARE to mount or dismount
                                      SHARE can be one of HOME,CLOUD,ALL defaults to HOME
                                      SHARE ALL only applies to dismounts
  -U | --URL URL                      Specify an URL to mount. Can be any gvfs-supported located like smb://...,davs://
  -d | --dismount                     Dismount share
 
  -h | --help                         Display help
  -H | --home                         Just show HOMEDIR location & exit
  -v | --verbose                      A bit more narrative output
  -i | --interactive                  Specifiy username/password on command-line [default]
  -n | --non-interactive              Use username/password from environment
  -u | --user                         Specify username. Defaults to schluenz
  -L | --LINK LINKPATH                Generate a link at PATH specified pointing to new mount. Path can be relative or full
  -t | --token                        use kerberos credentials (for ssh/sftp urls)
 
  -l | --list                         List mounts
  -k | --kill                         kill DBUS session if no mounts or sessions are attached 
  -K | --KILL                         kill DBUS session forcefully, try to umount gvfs-mounts beforehand

#
# Mounting Windows Home and create in Link in the current directory:
#
[@max-wgs001 ~]$ wcm -s HOME -L winHome
*** Started new DBUS sessions. PID: 23487 
*** You might want to source /home/<user</.dbus_settings.max-wgs001.desy.de to use the session in your terminal
Username [<user>]: 
Password: 
... successfully mounted ntapwin1.desy.de/<user>$ under $XDG_RUNTIME_DIR/gvfs/smb-share:server=ntapwin1.desy.de,share=<user>$ 
*** generated winHome -> /run/user/<uid>/gvfs/smb-share:server=ntapwin1.desy.de,share=<user>$ 
#
#  The link generated ...
#
[@max-wgs001 ~]$ ls -l winHome
winHome -> /run/user/<uid>/gvfs/smb-share:server=ntapwin1.desy.de,share=<user>$/
#
#  The mount ...
#
[@max-wgs001 ~]$ wcm -l
*** Mount: smb://ntapwin1.desy.de/<user>$/ at /run/user/<uid>/gvfs/smb-share:server=ntapwin1.desy.de,share=<user>$ #
#  Umount a specific gvfs-mount:
#
[@max-wgs001 ~]$ wcm -s HOME -d
*** Using existing DBUS session. PID: 23487
*** Unmounted smb://ntapwin1.desy.de/<user>$  
[@max-wgs001 ~]$ wcm -l

#
# Mounting DESYCloud. Be aware: it's slow. See below for more performant solutions
#
[@max-display002 ~]$ /software/tools/bin/wcm -s CLOUD -i
*** Using existing DBUS session. PID:  
Username: .....
Password:       # not shown!
... successfully mounted  davs://desycloud.desy.de/remote.php/webdav/ under $XDG_RUNTIME_DIR/gvfs/dav\:host\=desycloud.desy.de\,ssl\=true\,prefix\=%2Fremote.php%2Fwebdav 

#
#   list and remove mounts
#
[@max-display002 ~]$ /software/tools/bin/wcm -l
*** Mount: davs://desycloud.desy.de/remote.php/webdav at /run/user/1234/gvfs/dav:host=desycloud.desy.de,ssl=true,prefix=%2Fremote.php%2Fwebdav 
*** Mount: smb://netapp101.desy.de/$USER$/ at /run/user/1234/gvfs/smb-share:server=netapp101.desy.de,share=${USER}$ 


# unmount
[@max-display002 ~]$ /software/tools/bin/wcm -s CLOUD -d
*** Using existing DBUS session. PID:  
*** Unmounted davs://desycloud.desy.de/remote.php/webdav/  
#
#   list and remove mounts
#
[@max-display002 ~]$ /software/tools/bin/wcm -l
*** Mount: smb://netapp101.desy.de/${USER}$/ at /run/user/1234/gvfs/smb-share:server=netapp101.desy.de,share=${USER}$ 

# unmount ALL gvfs-mount under this session
[@max-display002 ~]$ /software/tools/bin/wcm -s ALL -d

# unmount ALL gvfs-mounts under this session and remove the DBUS session
[@max-display002 ~]$ /software/tools/bin/wcm -K

The only acceptable way to specify credentials (username/passwd) is interactive. It implies that an automatic or script-based mount is not possible! DON'T ever save your password in clear text in a file.

IF you absolutely need to - for whatever reason - you could set an environmental variable PASSWORD to contain your password. Be aware that someone with admin rights on the machine might still be able to steal your credentials.  

Don't add it to login-scripts and make sure the command is NOT recorded in the history. For example (bash):

Specifying Password env
[@max-display002 ~]$ set +o history       # switch history off
[@max-display002 ~]$ export PASSWORD=bla  # set env
[@max-display002 ~]$ history              # won't show the last command
[@max-display002 ~]$ set -o history       # switch history on
# won't work:
[@max-display002 ~]$ set +o history; export PASSWORD=bla; set -o history    # bash history considers it a single command and records it accordingly
#
#  Alternatively
#
export HISTCONTROL=ignorespace            # do not record commands starting with <space> 
 export PASSWORD=bla                      # set env
[@max-display002 ~]$ history              # won't show the last command

# The popular export HISTFILE=/dev/null doesn't seem to work. 



  • No labels