Using an external CIFS mount as Datastore

[lapo]

Hi, I'm having a hard time using an external CIFS mount as datastore.
I tried using this fstab:

//192.168.2.35/ProxmoxBackup /mnt/nas cifs defaults,guest,uid=34,gid=34,file_mode=0644,dir_mode=0750

forcing user and permission to the required ones, but I'm having a hard time with the fact that PBS requires 755 on root, and 750 on any other folder.
Couldn't 750 be accepted on root too?
It's only more secure…
In the meanwhile I'll probably try to patch and build the server myself.

 

[Blueloop]

The last 5 in 755 only grants others rights to access and read - there is no write access. Subsequent file masks - 750 - exclude all other access for others.

I think that means that you can see the name of the top level directory, if you can even connect to the SMB server in the first place.

I don't see a security risk here.

I suggest that you might investigate the firewalling options that Proxmox has to offer or looking into SIEM thingies. Samba has loads of security options to play with too.

You are diving into AAA and it is a well trod path. There is nothing wrong with your software ... its how you use it.