15.6. Mounting a Remote NetWare Volume

IPX is commonly used to mount NetWare volumes in the Linux filesystem. This allows file-based data sharing between other operating systems and Linux. Volker Lendecke developed the NCP client for Linux and a suite of associated tools that make data sharing possible.

In an NFS environment, we'd use the Linux mount command to mount the remote filesystem. Unfortunately, the NCP filesystem has unique requirements that make it impractical to build it into the normal mount. Linux has an ncpmount command that we will use instead. The ncpmount command is one of the tools in Volker's ncpfs package, which is available prepackaged in most modern distributions or in source form from ftp.gwdg.de in the /pub/linux/misc/ncpfs/ directory. The version current at the time of writing is 2.2.0.

Before you can mount remote NetWare volumes, you must ensure your IPX network interface is configured correctly (as described earlier). Next, you must know your login details on the NetWare server you wish to mount; this includes the user ID and password. Lastly, you need to know which volume you wish to mount and what local directory you wish to mount it under.

15.6.1. A Simple ncpmount Example

A simple example of ncpmount usage looks like this:

# ncpmount -S ALES_F1 -U rick -P d00-b-gud /mnt/brewery
This command mounts all volumes of the ALES_F1 fileserver under the /mnt/brewery directory, using the NetWare login rick with the password d00-b-gud.

The ncpmount command is normally setuid to root and may therefore be used by any Linux user. By default, that user owns the connection and only he or the root user will be able to unmount it.

NetWare embodies the notion of a volume, which is analogous to a filesystem in Linux. A NetWare volume is the logical representation of a NetWare filesystem, which might be a single disk partition be spread across many partitions. By default, the Linux NCPFS support treats volumes as subdirectories of a larger logical filesystem represented by the whole fileserver. The ncpmount command causes each of the NetWare volumes of the mounted fileserver to appear as a subdirectory under the mount point. This is convenient if you want access to the whole server, but for complex technical reasons you will be unable to re-export these directories using NFS, should you wish to do so. We'll discuss a more complex alternative that works around this problem in a moment.

15.6.2. The ncpmount Command in Detail

The ncpmount has a large number of command line options that allow you quite a lot of flexibility in how you manage your NCP mounts. The most important of these are described in Table 15-2.

Table 15-2. ncpmount Command Arguments

ArgumentDescription

–S server

The name of the fileserver to mount.

–U user_name

The NetWare user ID to use when logging in to the fileserver.

–P password

The password to use for the NetWare login.

–n

This option must be used for NetWare logins that don't have a password associated with them.

–C

This argument disables automatic conversion of passwords to uppercase.

–c client_name

This option allows you to specify who owns the connection to the fileserver. This is useful for NetWare printing, which we will discuss in more detail later.

–u uid

The Linux user ID that should be shown as the owner of files in the mounted directory. If this is not specified, it defaults to the user ID of the user who invokes the ncpmount command.

–g gid

The Linux group ID that should be shown as the owner of files in the mounted directory. If this is not specified, it will default to the group ID of the user who invokes the ncpmount command.

–f file_mode

This option allows you to specify the file mode (permissions) that files in the mounted directory should have. The value should be specified in octal, e.g., 0664. The permissions that you will actually have are the file mode permissions specified with this option masked with the permissions that your NetWare login ID has for the files on the fileserver. You must have rights on the server and rights specified by this option in order to access a file. The default value is derived from the current umask.

–d dir_mode

This option allows you to specify the directory permissions in the mounted directory. It behaves in the same way as the –f option, except that the default permissions are derived from the current umask. Execute permissions are granted where read access is granted.

–V volume

This option allows you to specify the name of a single NetWare volume to mount under the mount point, rather than mounting all volumes of the target server. This option is necessary if you wish to re-export a mounted NetWare volume using NFS.

–t time_out

This option allows you to specify the time that the NCPFS client will wait for a response from a server. The default value is 60mS and the timeout is specified in hundredths of a second. If you experience any stability problems with NCP mounts, you should try increasing this value.

–r retry_count

The NCP client code attempts to resend datagrams to the server a number of times before deciding the connection is dead. This option allows you to change the retry count from the default of 5.

15.6.3. Hiding Your NetWare Login Password

It is somewhat of a security risk to be putting a password on the command line, as we did with the ncpmount command. Other active, concurrent users could see the password if they happen to be running a program like top or ps. To reduce the risk of others seeing and stealing NetWare login passwords, ncpmount is able to read certain details from a file in a user's home directory. In this file, the user keeps the login name and password associated with each of the fileservers he or she intends to mount. The file is called ~/.nwclient and it must have permissions of 0600 to ensure that others cannot read it. If the permissions are not correct, the ncpmount command will refuse to use it.

The file has a very simple syntax. Any lines beginning with a # character are treated as comments and ignored. The remainder of the lines have the syntax:

fileserver/userid password
The fileserver is the name of the fileserver supporting the volumes you wish to mount. The userid is the login name of your account on that server. The password field is optional. If it is not supplied, the ncpmount command prompts users for the password when they attempt the mount. If the password field is specified as the – character, no password is used; this is equivalent to the –n command-line argument.

You can supply any number of entries, but the fileserver field must be unique. The first fileserver entry has special significance. The ncpmount command uses the –S command-line argument to determine which of the entries in ~/.nwclient to use. If no server is specified using the –S argument, the first server entry in ~/.nwclient is assumed, and is treated as your preferred server. You should place the fileserver you mount most frequently in the first position in the file.

15.6.4. A More Complex ncpmount Example

Let's look at a more complex ncpmount example involving a number of the features we've described. First, let's build a simple ~/.nwclient file:

# NetWare login details for the Virtual Brewery and Winery
#
# Brewery Login
ALES_F1/MATT staoic1
#
# Winery Login
REDS01/MATT staoic1
#
Make sure its permissions are correct:
$ chmod 600 ~/.nwclient

Let's mount one volume of the Winery's server under a subdirectory of a shared directory, specifying the file and directory permissions such that others may share the data from there:

$ ncpmount -S REDS01 -V RESEARCH -f 0664 -d 0775 /usr/share/winery/data/
This command, in combination with the ~/.nwclient file shown, would mount the RESEARCH volume of the REDS01 server onto the /usr/share/winery/data/ directory using the NetWare login ID of MATT and the password retrieved from the ~/.nwclient file. The permissions of the mounted files are 0664 and the directory permissions are 0775.