Many macOS administrators face issues when trying to automount SMB shares with non-root permissions. The traditional /etc/fstab approach often fails to respect uid and gid parameters, defaulting to root:wheel ownership regardless of configuration attempts.
Since OS X El Capitan, System Integrity Protection (SIP) has restricted direct filesystem modifications. While /etc/fstab still works for basic mounting, permission handling behaves differently than on Linux systems:
//server/share /Volumes/share smbfs nobrowse,url=smb://user:pass@server/share,uid=501,gid=20 0 0
The uid and gid parameters here are frequently ignored by the macOS automounter.
Here's a working approach that combines autofs with proper permission handling:
Step 1: Create automount map
sudo mkdir -p /etc/auto_smb
sudo nano /etc/auto_smb/shares
Add this configuration (replace placeholders):
sharename -fstype=smbfs,soft,nosuid,nobrowse,uid=501,gid=20 ://username:password@server/sharepath
Step 2: Configure automount master map
sudo nano /etc/auto_master
Add this line at the end:
/- /etc/auto_smb/shares
Step 3: Create launchd plist for automount
Create /Library/LaunchDaemons/com.user.smbmount.plist:
Label
com.user.smbmount
ProgramArguments
/usr/bin/automount
-vc
RunAtLoad
KeepAlive
To ensure the mount point has correct permissions before mounting:
sudo mkdir -p /Volumes/sharename
sudo chown 501:20 /Volumes/sharename
sudo chmod 775 /Volumes/sharename
After implementing this solution:
sudo automount -vc
ls -la /Volumes/sharename
Should show files with the correct user/group ownership. The share will automatically mount when accessed and remain available in headless mode.
For environments requiring credential management:
security add-internet-password -a username -s server -w password -r "smb "
This stores credentials in the Keychain, which can then be referenced in automount configurations.
After spending considerable time battling SMB automounting on macOS Sierra, I've discovered several critical pain points that most documentation fails to address properly. The traditional /etc/fstab approach appears to work superficially, but completely ignores permission settings like uid and gid parameters, defaulting to restrictive root:wheel ownership.
The macOS implementation of SMB mounting has some peculiar behaviors:
mount_smbfsdoesn't properly respect POSIX permission flags- System integrity protection interferes with
/etc/fstabmodifications - Credential prompts break headless automation
Here's a working approach that combines launchd and a wrapper script:
#!/bin/bash
# /usr/local/bin/mount_smb_share.sh
MOUNT_POINT="/Volumes/NetworkShare"
SHARE_URL="smb://server/share"
CREDENTIALS_FILE="$HOME/.smbcredentials"
if [ ! -d "$MOUNT_POINT" ]; then
mkdir -p "$MOUNT_POINT"
fi
mount -t smbfs \
-o nobrowse,soft,noowners,uid=$(id -u),gid=$(id -g),credentials=$CREDENTIALS_FILE \
$SHARE_URL $MOUNT_POINT
chmod 775 "$MOUNT_POINT"
Save this as /Library/LaunchDaemons/com.user.mountsmb.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.user.mountsmb</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/mount_smb_share.sh</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<false/>
<key>AbandonProcessGroup</key>
<true/>
</dict>
</plist>
Create ~/.smbcredentials with:
username=your_username
password=your_password
domain=WORKGROUP
Then set appropriate permissions:
chmod 600 ~/.smbcredentials
After loading the launchd service (sudo launchctl load /Library/LaunchDaemons/com.user.mountsmb.plist), verify with:
mount | grep smbfs
ls -la /Volumes/NetworkShare