First you need to ensure that setuid root is set on the CIFS mount executable:
chmod u+s /sbin/mount.cifs
In order for a user to mount a CIFS share it must be in the /etc/fstab file in the following format:
//researchdata.uct.ac.za/<MYDISK> /researchdata/<MYDISK> cifs user,user=wf/<UCTID>,noauto,uid=<LOCALUSER>,gid=<LOCALGROUP>,iocharset=utf8,file_mode=<FM>,dir_mode=<DM>,noperm 0 0
Where MYDISK is the //researchdata arcive disk name you were given, UCTID is your staff or student number, LOCALUSER and LOCALGROUP are the cluster user and group owners of this new mount point and FM and DM are the read, write execute permissions that wil be set up.
For example:
//researchdata.uct.ac.za/StarData /researchdata/StarData cifs user,user=wf/01234567,noauto,uid=501,gid=900,iocharset=utf8,file_mode=0750,dir_mode=0750,noperm 0 0
However in reality we will reference the Infiniband IP instead of the DNS name of //researchdata archive. The user will then execute the following:
mount /researchdata/StarData
If the CIFS mount is not in /etc/fstab the user gets an error stating that they need to be root in order to mount a file system. This prevents users from mounting arbitrary file systems which would be a major security problem.
We intend to add various mount points to our cluster nodes to allow users to mount //researchdata archive storage directly on the HPC cluster, however this will only be done on request. The disks are not mounted automatically and by default users should assume that the mount points are not active and as part of their job should manually mount their //researchdata disk. In order to minimize on the number of active mount points we will periodically umount /researchdata disks on inactive nodes.