SMB automount using systemd

axelquack · March 26, 2025, 1:18pm

Hi - I saw there were repeating questions on how to mount external drives over SMB.

I documented in detail what I did under Bazzite and a bottleneck I had with SELinux. Happy to get feedback on what I could have differently, better, or easier.

Bazzite SMB automount

Make sure that you replace whatever is in “<>” with your own data.

Setup authentication configuration file

Generate a file that defines the login data to mount the volume. The file will be called credentials located at /var/home/<username>/.smb/credentials. Make sure you first generate the folder mkdir /var/home/<username>/.smb.

username=<username>
password=<password>

Ensure the credentials file is readable only by the owner: chmod u=rw,go= /var/home/<username>/.smb/credentials
Create a mount folder on your local machine: mkdir /var/home/<username>/retrodeck
Create a file called var-home-<username>-retrodeck.mount located at /etc/systemd/system. sudo touch /etc/systemd/system/var-home-<username>-retrodeck.mount.

Create mount unit

[Unit]
Description=Mount SMB Retrodeck Share
# A human-readable description of this mount unit.

# Ensures the network is available before trying to mount.
Requires=network-online.target
# This unit will only start if 'network-online.target' is available.
After=network-online.target systemd-resolved.service
# Waits until network and DNS resolution are ready.
Wants=network-online.target systemd-resolved.service
# Suggests that these services should be running, but does not fail if they aren't.

[Mount]
# Defines what to mount and where.

# The network share (SMB/CIFS) that will be mounted.
What=//<yourRemoteServerIP>/<yourRemoteFolder>
# Replace with actual IP and share name, e.g., //192.168.1.100/retrodeck.

# Local mount point where the share will be attached.
Where=/var/home/<username>/retrodeck
# Replace <username> and <retrodeck> with actual values. Make sure that it matches with the folder you create as mount folder.

# Specifies the filesystem type.
Type=cifs
# This is necessary for mounting a Windows SMB/CIFS share.

# Mount options:
Options=rw,uid=1000,gid=1000,nofail,credentials=/var/home/<username>/.smb/credentials,vers=3.0
# `rw`          → Read/write access.
# `uid=1000`    → Ensures that the mounted files are owned by user ID 1000 (your main user).
# `gid=1000`    → Ensures group ownership by group ID 1000.
# `nofail`      → Prevents boot failure if the SMB share is unavailable.
# `credentials=/var/home/<username>/.smb/credentials` → Specifies the file storing the SMB username & password.
# `vers=3.0`    → Forces SMB version 3.0 for security and performance.

# Sets a timeout to stop trying if the mount hangs.
TimeoutSec=30
# If the mount attempt takes longer than 30 seconds, it will give up.

[Install]
# Ensures this mount is activated at boot.
WantedBy=multi-user.target
# Mounts the share when the system reaches multi-user mode (normal operation).

Set mount unit file permissions

Make sure you have set the correct permissions and ownership for systemd mount files.
Correct Owner and Group: sudo chown root:root /etc/systemd/system/var-home-<username>-retrodeck.mount
Correct File Permissions: sudo chmod u=rw,g=r,o=r /etc/systemd/system/var-home-<username>-retrodeck.mount (u=rw → User (root) gets read & write; g=r → Group (root) gets read-only.; o=r → Others get read-only)

Fixing SELinux Denial (under Bazzite)

By default Systemd is being denied access to the mount unit file due to SELinux policies.

Check Current SELinux Mode

Run:

getenforce

If it returns Enforcing, SELinux is actively blocking access.
If it returns Permissive, it logs issues but doesn’t enforce them.

Relabel the Mount Unit File

Since the file is in /etc/systemd/system/, it should have the correct SELinux label. To fix it:

sudo restorecon -v /etc/systemd/system/var-home-<username>-retrodeck.mount

Now reload Systemd, enable Auto-Start, and start the SMB mount immediately

Reload Systemd to recognize New or modified units: sudo systemctl daemon-reload
- Forces systemd to reload all unit files (services, mounts, timers, etc.).
- Necessary when adding, modifying, or deleting .mount files, since systemd does not automatically detect changes.
- Without this, systemd might not recognize new or modified units, leading to errors when enabling or starting them.
Enable the mount to Auto-Start at boot: sudo systemctl enable var-home-<username>-retrodeck.mount
- Creates a symbolic link in /etc/systemd/system/multi-user.target.wants/ pointing to your mount file.
- Ensures that systemd automatically mounts the SMB share every time the system boots.
- This does not immediately mount it—it just sets it up for future boots.
Start (mount) the SMB share immediately: sudo systemctl start var-home-<username>-retrodeck.mount
- Manually triggers the mounting of the SMB share right now, without waiting for a reboot.
- If successful, the mount point (/var/home/<username>/retrodeck) should now show the contents of the SMB share.
- If there are errors (e.g., wrong credentials, network issues), it will fail, but logs can be checked using journalctl -xe.

Topic		Replies	Views
How to install autofs Bluefin	4	256	December 23, 2023
How to mount an SD card at startup? Bluefin	3	65	February 18, 2025
New install with legacy ext4 home drive Bazzite	2	473	January 16, 2025
How to auto-mount Bitlocker NTFS encrypted drive at boot? Bazzite	1	227	January 2, 2025
How to add a second hard disk, automount at boot and make Steam in Game Mode see it? Bazzite	2	1900	December 23, 2023