this post was submitted on 28 Nov 2023
92 points (96.0% liked)

Linux

48165 readers
1204 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

What are some best practices in mounting NAS shares that you all follow?

Currently I am mounting using fstab to my user’s home directory with full rwx permissions, but that feels wrong.

I’ve read to use the mnt directory or the media directory but opinions differ.

My main concern is I want to protect against inadvertently deleting the contents of the NAS with an errant rm command. And yes I have backups of my NAS too.

Edit: this is a home NAS with 1 user on this Linux PC (the other clients being windows and Mac systems)

Would love to hear everyone’s philosophy! Thanks!

you are viewing a single comment's thread
view the rest of the comments
[–] 0x4E4F@infosec.pub 3 points 11 months ago (2 children)

Mounting it in fstab is a bad idea... in home even worse.

Just make some desktop entries with the shares and that should be enough.

[–] Tiuku@sopuli.xyz 7 points 11 months ago (1 children)
[–] 0x4E4F@infosec.pub 4 points 11 months ago* (last edited 11 months ago) (1 children)

Well, for one, it's network attached storage. If it's not present in the network for one reason or another, guess what, your OS doesn't boot... or it errors during boot, depending on how the kernel was compiled and what switches your bootloader sends to the kernel during boot. Second, this is an easy way for malware to spread, especially if it's set to run after user logon.

[–] Scholars_Mate@lemmy.world 14 points 11 months ago (1 children)

Well, for one, it's network attached storage. If it's not present in the network for one reason or another, guess what, your OS doesn't boot... or it errors during boot, depending on how the kernel was compiled and what switches your bootloader sends to the kernel during boot.

Just use nofail in the fstab.

Second, this is an easy way for malware to spread, especially if it's set to run after user logon.

If your fileshare is accessible to you, it is also accessible to malware running as your user. Mounting the share via a filemanager doesn't change this.

[–] 0x4E4F@infosec.pub 1 points 11 months ago

Just use nofail in the fstab.

Really? Didn't know about this switch, thanks for the info ☺️.

If your fileshare is accessible to you, it is also accessible to malware running as your user. Mounting the share via a filemanager doesn't change this.

It does, it's not mounted on boot.

In general, mounting a netwok lication at boot is a bad idea in any OS, unless you know exactly what you're doing (all of the rigs that mount it are on a separate network, limited internet access through specific ports, none of them have users working them like daily drivers doing whatever on them - bascially, a server cluster is the only scenario that mounting a network share on boot makes sense). Why do you think that nowadays Windows users generally avoid mounting shares as network drives, but instead access them through shortcuts. The exact same reason, except in Windows, the share is mounted on logon (as far as I know, I might be wrong and the share might be mounted at boot, just reports that the share is missing when a user logs in). It's safer if the location of the share is not known at boot, period. When the user logs in and decides to copy something to the share (unknow period of time after the login), that is a different story. Sure, well written malware will find a way to replicate itself and infect other rigs even if you don't mount the share at boot, but at least you're shielding yourself from the badly written ones.

[–] Molecular0079@lemmy.world 4 points 11 months ago (2 children)

I agree, for most cases just mount it via your File Manager of choice. If you're using it as a backing storage for another server, then that's a use case where fstab is fine.

[–] dtrain@lemmy.world 1 points 11 months ago (2 children)

If I mount it in the file manager, how do I reference that location in the terminal to say do copy operations to it?

[–] 0x4E4F@infosec.pub 2 points 11 months ago

It has to have a mount point somewhere. Just double click the desktop entry, that will mount it wherever you told it to and then you can copy to that location, easy peasy 😉.

[–] Molecular0079@lemmy.world 1 points 11 months ago

Which file manager are you using?

In Nautilus, you can right click anywhere and click Open in Console, at which point it will open up a terminal leading to a gvfs mount directory.

In KDE, it is slightly more annoying because there's no right click option to quickly open it in terminal, but like gvfs, there's a mount directory that you can access at /run/user//kio-fuse-/smb/.

[–] NotAnArdvark@lemmy.ca 1 points 11 months ago (1 children)

I've found that Dolphin, at least, is much slower with network mounts than a CLI-based "mount".

[–] Molecular0079@lemmy.world 1 points 11 months ago

Lately performance has improved dramatically. A year ago, it used to be about half-speed, but now it's basically on par with a CLI-mount.