1y ago

Best practices in mounting NAS shares?

What are some best practices in mounting NAS shares that you all follow?

Currently I am mounting using fstab to my user’s home directory with full rwx permissions, but that feels wrong.

I’ve read to use the mnt directory or the media directory but opinions differ.

My main concern is I want to protect against inadvertently deleting the contents of the NAS with an errant rm command. And yes I have backups of my NAS too.

Edit: this is a home NAS with 1 user on this Linux PC (the other clients being windows and Mac systems)

Would love to hear everyone’s philosophy! Thanks!

You're viewing a single thread.

36 comments

Mounting it in fstab is a bad idea... in home even worse.
Just make some desktop entries with the shares and that should be enough.
- What's so wrong with fstab?
  
  Well, for one, it's network attached storage. If it's not present in the network for one reason or another, guess what, your OS doesn't boot... or it errors during boot, depending on how the kernel was compiled and what switches your bootloader sends to the kernel during boot. Second, this is an easy way for malware to spread, especially if it's set to run after user logon.
  
  Well, for one, it's network attached storage. If it's not present in the network for one reason or another, guess what, your OS doesn't boot... or it errors during boot, depending on how the kernel was compiled and what switches your bootloader sends to the kernel during boot.
  Just use nofail in the fstab.
  Second, this is an easy way for malware to spread, especially if it's set to run after user logon.
  If your fileshare is accessible to you, it is also accessible to malware running as your user. Mounting the share via a filemanager doesn't change this.
  
  Just use nofail in the fstab.
  Really? Didn't know about this switch, thanks for the info ☺️.
  If your fileshare is accessible to you, it is also accessible to malware running as your user. Mounting the share via a filemanager doesn't change this.
  It does, it's not mounted on boot.
  In general, mounting a netwok lication at boot is a bad idea in any OS, unless you know exactly what you're doing (all of the rigs that mount it are on a separate network, limited internet access through specific ports, none of them have users working them like daily drivers doing whatever on them - bascially, a server cluster is the only scenario that mounting a network share on boot makes sense). Why do you think that nowadays Windows users generally avoid mounting shares as network drives, but instead access them through shortcuts. The exact same reason, except in Windows, the share is mounted on logon (as far as I know, I might be wrong and the share might be mounted at boot, just reports that the share is missing when a user logs in). It's safer if the location of the share is not known at boot, period. When the user logs in and decides to copy something to the share (unknow period of time after the login), that is a different story. Sure, well written malware will find a way to replicate itself and infect other rigs even if you don't mount the share at boot, but at least you're shielding yourself from the badly written ones.
- I agree, for most cases just mount it via your File Manager of choice. If you're using it as a backing storage for another server, then that's a use case where fstab is fine.
  
  If I mount it in the file manager, how do I reference that location in the terminal to say do copy operations to it?
  
  It has to have a mount point somewhere. Just double click the desktop entry, that will mount it wherever you told it to and then you can copy to that location, easy peasy 😉.
  
  Which file manager are you using?
  In Nautilus, you can right click anywhere and click Open in Console, at which point it will open up a terminal leading to a gvfs mount directory.
  In KDE, it is slightly more annoying because there's no right click option to quickly open it in terminal, but like gvfs, there's a mount directory that you can access at /run/user//kio-fuse-/smb/.
  
  I've found that Dolphin, at least, is much slower with network mounts than a CLI-based "mount".
  
  Lately performance has improved dramatically. A year ago, it used to be about half-speed, but now it's basically on par with a CLI-mount.

36 comments