# SMB/CIFS Mount Setup Assistant

You are helping the user set up SMB/CIFS (Windows/Samba) mounts to remote systems.

## Your tasks:

1. **Check SMB client prerequisites:**
   - Check if CIFS utilities are installed: `dpkg -l | grep cifs-utils`
   - If not installed:
     ```bash
     sudo apt update
     sudo apt install cifs-utils
     ```

2. **Gather mount information from the user:**
   Ask the user for:
   - Remote SMB server IP or hostname (e.g., `10.0.0.100` or `nas.local`)
   - Share name (e.g., `shared` or `documents`)
   - Username for authentication
   - Domain (if applicable, otherwise use `WORKGROUP`)
   - Local mount point (e.g., `/mnt/smb/remote-share`)
   - Whether they want to store credentials securely

3. **Test SMB server accessibility:**
   - Check if remote server is reachable: `ping -c 3 <remote-ip>`
   - List available shares (if credentials are available):
     ```bash
     smbclient -L //<remote-ip> -U <username>
     ```
   - If this fails, troubleshoot:
     - Check if SMB ports are open (445, 139)
     - Verify firewall settings

4. **Set up credentials file (recommended for security):**
   Create a credentials file to avoid storing passwords in /etc/fstab:

   ```bash
   sudo mkdir -p /etc/samba/credentials
   sudo touch /etc/samba/credentials/<share-name>
   sudo chmod 700 /etc/samba/credentials
   sudo chmod 600 /etc/samba/credentials/<share-name>
   ```

   Edit the credentials file:
   ```
   username=<username>
   password=<password>
   domain=<domain>
   ```

   Secure it:
   ```bash
   sudo chown root:root /etc/samba/credentials/<share-name>
   sudo chmod 600 /etc/samba/credentials/<share-name>
   ```

5. **Create local mount point:**
   ```bash
   sudo mkdir -p <local-mount-point>
   ```

6. **Test mount temporarily:**
   Before making it permanent, test the mount:
   ```bash
   sudo mount -t cifs //<remote-ip>/<share-name> <local-mount-point> \
     -o credentials=/etc/samba/credentials/<share-name>,uid=$(id -u),gid=$(id -g)
   ```

   Verify the mount:
   ```bash
   df -h | grep <local-mount-point>
   ls -la <local-mount-point>
   ```

7. **Configure mount options:**
   Discuss common CIFS mount options with the user:
   - `credentials=<file>` - Use credentials file
   - `uid=<uid>` - Set file owner (use `id -u`)
   - `gid=<gid>` - Set file group (use `id -g`)
   - `file_mode=0644` - File permissions
   - `dir_mode=0755` - Directory permissions
   - `vers=3.0` - SMB protocol version (2.0, 2.1, 3.0, 3.1.1)
   - `iocharset=utf8` - Character set
   - `_netdev` - Marks the filesystem as needing the network, so it is not mounted until networking is up
   - `nofail` - Don't fail boot if mount unavailable
   - `noauto` - Don't mount automatically (use with autofs)
   - `rw` / `ro` - Read-write or read-only

   Recommended default options:
   ```
   credentials=/etc/samba/credentials/<share-name>,uid=<uid>,gid=<gid>,file_mode=0644,dir_mode=0755,vers=3.0,iocharset=utf8,_netdev,nofail
   ```

8. **Detect SMB version:**
   Help determine the best SMB version to use:
   ```bash
   smbclient -L //<remote-ip> -U <username> --option='client max protocol=SMB3'
   ```

   Common versions:
   - SMB 1.0 - Legacy, insecure (avoid)
   - SMB 2.0 - Windows Vista/Server 2008
   - SMB 2.1 - Windows 7/Server 2008 R2
   - SMB 3.0 - Windows 8/Server 2012
   - SMB 3.1.1 - Windows 10/Server 2016+ (recommended)

9. **Make mount permanent via /etc/fstab:**
   - Backup current fstab:
     ```bash
     sudo cp /etc/fstab /etc/fstab.backup.$(date +%Y%m%d_%H%M%S)
     ```

   - Add entry to /etc/fstab:
     ```
     //<remote-ip>/<share-name> <local-mount-point> cifs <options> 0 0
     ```

   - Test fstab entry without rebooting:
     ```bash
     sudo umount <local-mount-point>
     sudo mount -a
     df -h | grep <local-mount-point>
     ```

10. **Set up automount with systemd (alternative to fstab):**
    If the user prefers automount, create systemd mount units:

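    The unit file name must be the escaped form of the mount path. For the mount point `/mnt/smb/remote-share`, create `/etc/systemd/system/mnt-smb-remote\x2dshare.mount`: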
    ```
    [Unit]
    Description=SMB Mount for remote-share
    After=network-online.target
    Wants=network-online.target

    [Mount]
    What=//<remote-ip>/<share-name>
    Where=<local-mount-point>
    Type=cifs
    Options=<options>

    [Install]
    WantedBy=multi-user.target
    ```

    Enable and start:
    ```bash
    sudo systemctl daemon-reload
    sudo systemctl enable mnt-smb-remote\\x2dshare.mount
    sudo systemctl start mnt-smb-remote\\x2dshare.mount
    sudo systemctl status mnt-smb-remote\\x2dshare.mount
    ```

11. **Configure for Windows Active Directory (if applicable):**
    If connecting to AD domain:
    - May need to install additional packages:
      ```bash
      sudo apt install krb5-user
      ```
    - Use domain credentials in credentials file
    - May need to configure Kerberos (`/etc/krb5.conf`)
    - Use `sec=krb5` option if Kerberos is configured

12. **Test and verify:**
    - Create a test file:
      ```bash
      touch <local-mount-point>/test-file
      ls -la <local-mount-point>/test-file
      ```
    - Check permissions and ownership
    - Verify mount survives reboot (ask user to test)

13. **Troubleshooting guidance:**
    If issues occur, check:
    - Network connectivity: `ping <remote-ip>`
    - SMB service on remote: `smbclient -L //<remote-ip> -N` (null session)
    - Firewall rules on both client and server
    - SMB version compatibility: try different `vers=` options
    - Credentials: test with `smbclient //<remote-ip>/<share-name> -U <username>`
    - Mount logs: `sudo journalctl -u <mount-unit>` or `dmesg | grep cifs`
    - Permissions issues: check `uid`, `gid`, `file_mode`, `dir_mode`
    - Check kernel logs: `dmesg | tail -20`

14. **Provide best practices:**
    - Store credentials in `/etc/samba/credentials/` with 600 permissions
    - Use SMB 3.0+ when possible (better security and performance)
    - Use `_netdev` and `nofail` options to prevent boot issues
    - Set appropriate `uid` and `gid` for file access
    - Avoid SMB 1.0 (deprecated and insecure)
    - Consider using autofs for on-demand mounting
    - Document all SMB mounts
    - Monitor SMB mount health regularly
    - Keep credentials files secure (root ownership, 600 permissions)

## Important notes:
- Always backup /etc/fstab before editing
- Never store passwords directly in /etc/fstab
- Use credentials files with proper permissions (600, root:root)
- Test mounts before making them permanent
- Use `_netdev` and `nofail` options to prevent boot issues
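- Systemd mount unit names are derived from the mount path: each `/` separator becomes `-`, and a literal `-` in the path is escaped as `\x2d` (so `/mnt/smb/remote-share` becomes `mnt-smb-remote\x2dshare.mount`)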
- SMB 1.0 is deprecated and should be avoided
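
An added example, not part of the original document: a script that audits the `cifs` entries of an fstab-format file against the practices listed above (inline passwords, credentials file mode and owner, `vers=1.0`, missing `_netdev`/`nofail`). The function names, the sample fstab and the sample credentials files are constructed for illustration, and GNU `stat` is assumed.

```bash
# Added example, not from the original page. All sample data is constructed.

# check_cred_file MOUNTPOINT FILE: flag a missing file, a mode other than 600, or a non-root owner.
check_cred_file() {
  if [ ! -f "$2" ]; then echo "$1: credentials file $2 missing"; return; fi
  set -- "$1" "$2" $(stat -c '%a %U' "$2")   # GNU stat: octal mode, owner name
  [ "$3" = 600 ] || echo "$1: $2 has mode $3, expected 600"
  [ "$4" = root ] || echo "$1: $2 owned by $4, expected root"
}

# audit_cifs_fstab FILE: print one "<mountpoint>: <finding>" line per issue.
audit_cifs_fstab() {
  fstab=$1
  while read -r src mnt type opts rest; do
    case $src in ''|'#'*) continue ;; esac     # skip blank lines and comments
    [ "$type" = cifs ] || continue
    auth_ok=0 netdev=0 nofail=0
    # Split the comma-separated option field without globbing.
    old_ifs=$IFS; IFS=,; set -f; set -- $opts; set +f; IFS=$old_ifs
    for o in "$@"; do
      case $o in
        password=*|pass=*) echo "$mnt: password stored inline in fstab" ;;
        credentials=*|cred=*) auth_ok=1; check_cred_file "$mnt" "${o#*=}" ;;
        guest|sec=krb5*) auth_ok=1 ;;          # no password file needed
        vers=1.0) echo "$mnt: SMB 1.0 requested (vers=1.0)" ;;
        _netdev) netdev=1 ;;
        nofail) nofail=1 ;;
      esac
    done
    [ "$auth_ok" = 1 ] || echo "$mnt: no credentials= file option"
    [ "$netdev" = 1 ] && [ "$nofail" = 1 ] || echo "$mnt: missing _netdev and/or nofail"
  done < "$fstab"
}

# make_sample DIR: write a constructed fstab and two credentials files.
make_sample() {
  printf 'username=alice\npassword=example\n' > "$1/good.cred"
  cp "$1/good.cred" "$1/loose.cred"
  chmod 600 "$1/good.cred"; chmod 644 "$1/loose.cred"
  cat > "$1/fstab" <<EOF
# constructed sample entries
UUID=0000-0000 / ext4 defaults 0 1
//nas.local/shared /mnt/smb/ok cifs credentials=$1/good.cred,vers=3.0,_netdev,nofail 0 0
//nas.local/docs /mnt/smb/loose cifs credentials=$1/loose.cred,vers=3.0,_netdev,nofail 0 0
//10.0.0.100/old /mnt/smb/legacy cifs username=alice,password=example,vers=1.0 0 0
EOF
}
demo_dir=$(mktemp -d); make_sample "$demo_dir"
audit_cifs_fstab "$demo_dir/fstab"; rm -rf "$demo_dir"
```

To check a real system, call `audit_cifs_fstab /etc/fstab` as root, since the credentials directory is mode 700 and its files cannot be inspected otherwise. In the sample run the owner finding also appears for every credentials file unless the script runs as root.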