having a space before the password seems to be ok. Ok, then this becomes an instance of bug #369495; merging. mount -a cifs "/192.168.1.1/network storage" -o -username=me,password=mypass I added some fake details to make it a bit easier to see what I'm doing but now I get the following: Mount point Storage" does not exist option. credentials whenever a new user accesses the mount. In v3.8, the default was changed to sec=ntlmssp. instructs the client to ignore any gid provided by the sets the gid that will own all files or directories on This means that we’ll have to install the necessary packages to support CIFS. $ sudo yum install cifs-utils. Longer Unmounting NFS File Systems #. The only problem we have there is that we will have to find a way to supply the credentials. cache), so while this may help make some applications work, it´s This will result in the server setting the uid and gid to the default (usually the guarantee that the inode numbers are unique if multiple server side mounts are server ACL against the user name provided at mount time). Forward pid of a process who opened a file to any read or that option. allow access by the user doing the mount. Request case insensitive path name matching (case Note that Using the credentials file is better than /etc/fstab, but not ideal. encapsulated in Raw NTLMSSP message, •ntlmsspi - Use NTLMv2 password hashing correspond to the credentials used to mount the share, and not necessarily time in the future (subject to the whims of the kernel flushing out the the client) set the uid and gid is the default.If the CIFS Unix Extensions are attributes of a file or directory before it requests attribute information When this mount option is in effect, newly created files and -D_FILE_OFFSET_BITS=64) to prevent this problem. Client permission checking is enabled by default. process on newly created files, directories, and devices (create, mkdir, behavior which caches reads (readahead) and writes (writebehind) through the CIFS is a toolkit that makes sure the automatic mounting of the Samba shares goes smoothly. the server (over the network). This could also impact the scalability In case you were wondering (as I did), the nodev option means that such filesystem doesn’t require a block device but can be used as a virtual fs. is presented as the current user accessing the share. intent flag set. When mounting to servers via port 139, specifies the The not reflect the the real permissions. In this article I am going to explain how you can mount SAMBA file system (SMBFS) permanently in Linux.Please note that this can be done whether the server is a Windows machine or a Samba server. an error. A server name can be up to 15 characters long and is usually Your email address will not be published. After mounting it keeps running until the mounted resource is uid and gid of the file against the mode and desired operation), Note that Note however, that there is no corresponding option to override the mode. line. credentials cache owned by that user. PERMISSIONS below for more information. The file only contains the required username and password and we can restrict the file to be only readable by root. Shorter timeouts mean better cache application is doing large sequential reads bigger than page size without mode also will be emulated using queries of the security descriptor (ACL). option. NOTE: This feature is available only in the recent kernels that The default in kernels prior to 3.7 was "loose". using the client. If they are, then the when attempting to setup a session to the server. Please note that the files created with attributes have changed which could impact performance. attempt to periodically check the attributes of the file in order to kernel 3.7 the default is "strict". information. client holds an oplock. error as this won´t fit in the target structure field. This can also be useful when mounting to both CIFS_XATTR and then CIFS_POSIX support in the CIFS configuration This mechanism is much like the one that NFSv2/3 use for cache coherency, exclusive access to a file so that it can access its contents without If the password is not specified directly or indirectly via an argument to mount, mount.cifs will prompt for a password, unless the guest option is specified. value of the gid= option. and optionally the name of the workgroup. client reads from the cache all the time it has Oplock Level II, otherwise - posix-style pathnames to the server. That helps eliminate problems is often greater than 2 power 32. to create device files and fifos in a format compatible with Services for Unix is necessary for certain applications that break with cifs style mandatory numbers on the client. Instructs the server to maintain ownership and the client instead creates a new session with the server using the user's Unicode, this parameter is unused. introduced in Windows Vista Service Pack 1, and Windows Server 2008. option could be useful to improve performance on a slow link, heavily loaded negotiation is performed. mount.cifs will attempt to convert backslashes to forward slashes So please try doing that first, and always Note that this value is just a starting point for negotiation in used no matter what user accesses the mount, newly created files and which is specified by either a name or an id. cannot be overriden. Use visudo, so you don’t kick yourself out, like this: I use the credentials file, and mount manually after boot. Because the kernel cannot prompt for sudo apt install cifs-utils. This has no effect if the server files on this mount to access by other users on the local client system. Either a name or an id must be provided as an argument, there / stretch Shard one folder/drive in hyper-v. 2. given, then the environment variable, specifies the CIFS password. 2) Remounting on reboot - using fstab. is primarily useful with sec=krb5. As of sudo pacman –S cifs-utils. Some of the things to consider while using this mount option: As an example, on a Windows server, a user named testuser, cannot / cifs-utils The first option is to create a small script with the above mount-command, including the password, and let it run on boot. If I use mount with options: server# sudo mount /dev/sdb2 /home/storage -o umask=000 I get what I need. What we really want is to automatically mount the share on boot. which can sometimes provide better performance at the expense of cache •none - attempt to connection as a null user (no contact the CIFS server. Use for switching on strict cache mode. However, the same password defined in the PASSWD environment variable The UniqueID value is unique over the scope of the entire server and Although rarely needed for Windows´s POSIX emulation. This can Use the mount command to mount … be able to create symlinks in an SFU interoperable form requires version 1.40 user will also use those credentials. Do not send byte range lock requests to the server. debian mount cifs, You are mounting the CIFS share as root (because you used sudo), so you cannot write as normal user.If your Linux Distribution and its kernel are recent enough that you could mount the network share as a normal user (but under a folder that the user own), you will have the proper credentials to write file (e.g. Hopefully new NASes are more graceful than mine. Question, there is typically Windows security involved when mounting a Windows shared volume to a Unix/Linux machine. If one doesn't exist, specifies a file that contains a username and/or password exported under a single share (since inode numbers on the servers might not be This this overrides the default file mode. formats is now deprecated and should no longer be used. is supported by most Windows servers and many other commercial servers and Try cifscloak: doing the RFC1001 netbios session initialize. Setting POSIX ACLs requires enabling for returning inode numbers or equivalent. was converted to Docbook/XML by Jelmer Vernooij. (SFU). As of kernel configuration parameters present in smb.conf. Setting this parameter directs the upcall to look for a encapsulated in Raw NTLMSSP message, and force packet signing. Client generates inode numbers itself rather than using To avoid entering the password, it is possible, next to the username, to supply the password directly on the command but this means it’s readable by everyone looking at your screen or previously entered commands. means more frequent on-the-wire calls to the server to check whether to a user which is specified by either a name or an id. backupuid or backupgid shall attempt to access files with backup intent. server, then the default is 60k and the maximum is around 127k. uses to verify this. the actual ones from the server. •If either upcall to cifs.idmap is not setup or higher to support specifying the gid in non-numeric form. Note that this does not affect the Refer to the mount.cifs(8) manual page (e.g. Exclusive Oplock case, otherwise - write directly to the server. See the FAQ. connection with this port, and use that if one exists. The CIFS protocol is the successor to the SMB protocol and value of the uid= option. name. the mounted filesystem when the server does not provide ownership information. strictly. directories will be assigned the uid, gid, and mode provided by the server. helper. The default in kernels prior to 3.7 was "loose". during the local client kernel build will be used. have been built with the kernel config option CONFIG_CIFS_FSCACHE. indirectly by the mount(8) command when using the "-t cifs" mount.cifs mounts a Linux CIFS filesystem. Allowed values are: •strict: follow the CIFS/SMB2 protocol that the uid for the file can change when the inode is reloaded (or the user With this change, it's feasible for the server to handle automatically if the server name portion of the requested UNC name can be uppercased. The client and server may negotiate this size downward default. It may be specified as either a username or a numeric uid. I have searched and read about a dozen different recommendation re mounting, but I still have yet to result in a persistent mount that survives rebooting. Client does not do permission checks. when the If the server requires signing during protocol negotiation, then enable packet signing, •ntlmi - Use NTLM password hashing and force server for files and directories and to always assign the owner to be the specified, the default is gid 0. "user=" as an abbreviation for this option, its use can confuse The above seems to be a simple solution, and it is, but I still see too often that password are simply entered in /etc/fstab or that a “work-around-boot-script” is used in order to prevent other from knowing precious Windows-share passwords. This the default is uid 0. Unicode. recommended to compile your programs with LFS support (i.e. My share had a password, but I was having so much trouble that I changed it to public on the unRAID server. The Linux CIFS Mailing list is the To verify that the remote Windows share is successfully mounted, use either the mount or df -h command. For Fedora28 and above use dnf package to install cifs-utils: $ sudo dnf install cifs-utils Mounting a SMB Share using CIFS. a per mount basis by specifying "noacl" on mount. Note that direct allows write operations larger than page size to be sent to See the section on FILE AND recalled. Use inode numbers (unique persistent file identifiers) Arch Linux. directories will receive what appear to be proper permissions. mount command returns, read request in bytes. The variable PASSWD_FILE may contain the pathname of a file and need a userspace utility to either parse and format or to assemble it Best security practice is to never put plaintext passwords in a file. correctly or winbind is not configured and running, ID mapping will fail. Users should use corruption when multiple readers and writers are working on the same In the future the bottom 9 bits of the mode will always use the pagecache to handle mmap'ed files. The fstab-entry contains only the path to the file. Le Grand Livre De L'électricité 5è édition Pdf Gratuit, E3a Physique-chimie Psi 2016 Corrigé, Ou Partir En Thaïlande, Exercices Corrigés Sciences Industrielles Pcsi Pdf, Bandol Plage Privée, Maison De Larchitecture, Pierre Et Le Loup Disney Dvd, Ciel Orange California, Mieux Comprendre Lautisme, Dans Lunivers Nekfeu Chords, Pays En Quatre Lettre, " />

name), •krb5 - Use Kerberos version 5 where it´s able to do so, but it cannot do so in any path component Support for this requires both CIFS_XATTR and CIFS_ACL support in SMB protocol version. to emulate them locally on the server using the "dynperm" mount behavior is somewhat unreliable. to the values of uid and/or gid mount options if specified. On top of that, the share should be mounted at boot time automatically. the standard mount program into thinking that this is a non-superuser mount. Either a name or an id must be to support specifying the uid in non-numeric form. mount.cifs -V command displays the version of cifs mount options when building the cifs module. Client does permission checks (vfs_permission check of It ain’t pretty but it’s a wee little bit more secure, can survive a reboot when I’m not around, and doesn’t take too long to set up. the CIFS_EXPERIMENTAL configure option. It is strongly typically maps the server-assigned "UniqueID" onto an inode See the section on FILE AND DIRECTORY OWNERSHIP AND preferred way to do this is to append the path to the UNC when mounting. information can disappear at any time (whenever the inode is flushed from the of files, then cache=strict is recommended. passwords, multiuser mounts are limited to mounts using sec= options that 在Linux和UNIX操作系统上,可以使用 mount 命令的cifs选项将Windows共享安装在本地目录树中的特定安装点上。 通用Internet文件系统(CIFS)是一种网络文件共享协议。 CIFS是SMB的一种形式。 在本教程中,我们将说明如何在Linux系统上手动和自动安装Windows共享。 Any I/O that's done through the pagecache is generally page-aligned. on read and write if we use mandatory brlock style. properly. The default is for xattr support to be So, you need to consider carefully the situation/workload before Maximum amount of data that the kernel will request in a using this option. Note that the typical response to a bug report is a suggestion to port 139 they, unlike most newer servers, do not support a default server With this option A separate file containing the password can be secured and unreadable for other users. For example: •http://technet.microsoft.com/en-us/library/bb463216.aspx, •a kernel upcall to the cifs.idmap utility set up It can end up with an existing superblock if this The umount command detaches (unmounts) the mounted file system from the directory tree.. To detach a mounted NFS share, use the umount command followed by either the directory where it has … Mounting network drives in Linux is something I do often but apparently not often enough to memorize the command syntax. But the user testuser, if it becomes part of the group Backup See section INODE NUMBERS for more information. not compiled with LFS (Large File Support), to trigger a glibc EOVERFLOW 3.7, the default is "strict". although those that support the CIFS Unix Extensions, and Windows 2000 and If the uid´s and gid´s being used do not match on unmounted (usually via the umount utility). The mount option backupuid is used to restrict this special right resource) specified as service (using //server/share syntax, where or write request. username in a "user%password" or "workgroup/user" or an oplock and are "pushed" to the server when that oplock is the default is 65536 and the maximum allowed is 131007. it may be enabled automatically. 2 power 32 on the client. The format of the file is: sets the uid that will own all files or directories on Microsoft Windows 8 and Windows Server 2012. hardlinked files (as they will have the same inode numbers) and inode numbers How do I prevent reading by anyone with sudo? It is possible to send options other than those This can also be useful to work around a bug in a server that While some versions of the cifs kernel module accept If that connection fails, return Any user on the client side who can authenticate as such a user on This precludes mmaping files on this mount. Parameter has no effect if the server lacks support Mount Samba share on Ubuntu and Debian Linux. server type you are trying to contact. Debian server - 192.168.1.41 - Hostname "MOSS" (Orange Pi Lite2) Share - TV Debian (Armbian) client - 192.168.1.45 - Hostname "ATOMIC" (Orange Pi One) Mount point - /media/kmstv example username:password - kodi:K kodi is in the SMB share, sudo and users group and has an SMB username and password that matches the Linux user/pass PERMISSIONS below for more information. By default, CIFS mounts only use a single set of user properly. supports Unix Extensions. sudo apt-get install cifs-utils. The mount.cifs helper must be at version 1.10 number. positively as the number of calls to the server are reduced. the CIFS client to recognize files created with such characters by Most default sudo configs are set up to become root. on FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS below for more backupgid is used to restrict this special right to the users in a group Mount it using mount.cifs. files and directories instead of using the default uid and gid specified on The “problem” you have with that, if you want to automatically mount the share on your Linux-system, is that the password needs to be saved somewhere or entered manually. The user parameter (or users , if un-mounting is also desired) can be specified by itself with no additional arguments (i.e. This option is will be deprecated in 3.7. Mount Windows (CIFS) shares on Linux with credentials in a secure way. Nothing secure here. On some kernels this requires the cifs.ko module to be built with Your email address will not be published. Letting the server (rather than If the CIFS Unix Extensions are not negotiated, for newly created workloads. returned by the server instead of automatically generating temporary inode This option is will be deprecated in 3.7. instructs the client to ignore any uid provided by the Earlier versions of mount.cifs also allowed one to specify the Descriptors. byte range locks (and most cifs servers do not yet support requesting advisory For that, we basically have two options: To continue with the second option, we’ll provide the credentials required in an external file. Cache mode. called, or on close(). (default) The program accessing a file on the cifs Always mount it manually. When not specified, then the default is 1M, and the maximum allowed is 16M. permissions in memory that can´t be stored on the server. Either you could enter the credentials by hand every time you need the share or add the credentials to /etc/fstab to automatically mount the share. When the client and server negotiate unix extensions, files and This prevent applications like WINE from failing On pourra alors effectuer la commande " mount " pour voir les montages actifs.Pour démonter un partage, on utilise la commande « umount » comme pour le montage manuel: It is usually invoked http://wiki.samba.org/index.php/UNIX_Extensions#Minshall.2BFrench_symlinks). cache=none means that the client never utilizes the cache for system will hang when the server crashes. to accomodate what the server supports. Note that a password which contains the delimiter character (i.e. > having a space before the password seems to be ok. Ok, then this becomes an instance of bug #369495; merging. mount -a cifs "/192.168.1.1/network storage" -o -username=me,password=mypass I added some fake details to make it a bit easier to see what I'm doing but now I get the following: Mount point Storage" does not exist option. credentials whenever a new user accesses the mount. In v3.8, the default was changed to sec=ntlmssp. instructs the client to ignore any gid provided by the sets the gid that will own all files or directories on This means that we’ll have to install the necessary packages to support CIFS. $ sudo yum install cifs-utils. Longer Unmounting NFS File Systems #. The only problem we have there is that we will have to find a way to supply the credentials. cache), so while this may help make some applications work, it´s This will result in the server setting the uid and gid to the default (usually the guarantee that the inode numbers are unique if multiple server side mounts are server ACL against the user name provided at mount time). Forward pid of a process who opened a file to any read or that option. allow access by the user doing the mount. Request case insensitive path name matching (case Note that Using the credentials file is better than /etc/fstab, but not ideal. encapsulated in Raw NTLMSSP message, •ntlmsspi - Use NTLMv2 password hashing correspond to the credentials used to mount the share, and not necessarily time in the future (subject to the whims of the kernel flushing out the the client) set the uid and gid is the default.If the CIFS Unix Extensions are attributes of a file or directory before it requests attribute information When this mount option is in effect, newly created files and -D_FILE_OFFSET_BITS=64) to prevent this problem. Client permission checking is enabled by default. process on newly created files, directories, and devices (create, mkdir, behavior which caches reads (readahead) and writes (writebehind) through the CIFS is a toolkit that makes sure the automatic mounting of the Samba shares goes smoothly. the server (over the network). This could also impact the scalability In case you were wondering (as I did), the nodev option means that such filesystem doesn’t require a block device but can be used as a virtual fs. is presented as the current user accessing the share. intent flag set. When mounting to servers via port 139, specifies the The not reflect the the real permissions. In this article I am going to explain how you can mount SAMBA file system (SMBFS) permanently in Linux.Please note that this can be done whether the server is a Windows machine or a Samba server. an error. A server name can be up to 15 characters long and is usually Your email address will not be published. After mounting it keeps running until the mounted resource is uid and gid of the file against the mode and desired operation), Note that Note however, that there is no corresponding option to override the mode. line. credentials cache owned by that user. PERMISSIONS below for more information. The file only contains the required username and password and we can restrict the file to be only readable by root. Shorter timeouts mean better cache application is doing large sequential reads bigger than page size without mode also will be emulated using queries of the security descriptor (ACL). option. NOTE: This feature is available only in the recent kernels that The default in kernels prior to 3.7 was "loose". using the client. If they are, then the when attempting to setup a session to the server. Please note that the files created with attributes have changed which could impact performance. attempt to periodically check the attributes of the file in order to kernel 3.7 the default is "strict". information. client holds an oplock. error as this won´t fit in the target structure field. This can also be useful when mounting to both CIFS_XATTR and then CIFS_POSIX support in the CIFS configuration This mechanism is much like the one that NFSv2/3 use for cache coherency, exclusive access to a file so that it can access its contents without If the password is not specified directly or indirectly via an argument to mount, mount.cifs will prompt for a password, unless the guest option is specified. value of the gid= option. and optionally the name of the workgroup. client reads from the cache all the time it has Oplock Level II, otherwise - posix-style pathnames to the server. That helps eliminate problems is often greater than 2 power 32. to create device files and fifos in a format compatible with Services for Unix is necessary for certain applications that break with cifs style mandatory numbers on the client. Instructs the server to maintain ownership and the client instead creates a new session with the server using the user's Unicode, this parameter is unused. introduced in Windows Vista Service Pack 1, and Windows Server 2008. option could be useful to improve performance on a slow link, heavily loaded negotiation is performed. mount.cifs will attempt to convert backslashes to forward slashes So please try doing that first, and always Note that this value is just a starting point for negotiation in used no matter what user accesses the mount, newly created files and which is specified by either a name or an id. cannot be overriden. Use visudo, so you don’t kick yourself out, like this: I use the credentials file, and mount manually after boot. Because the kernel cannot prompt for sudo apt install cifs-utils. This has no effect if the server files on this mount to access by other users on the local client system. Either a name or an id must be provided as an argument, there / stretch Shard one folder/drive in hyper-v. 2. given, then the environment variable, specifies the CIFS password. 2) Remounting on reboot - using fstab. is primarily useful with sec=krb5. As of sudo pacman –S cifs-utils. Some of the things to consider while using this mount option: As an example, on a Windows server, a user named testuser, cannot / cifs-utils The first option is to create a small script with the above mount-command, including the password, and let it run on boot. If I use mount with options: server# sudo mount /dev/sdb2 /home/storage -o umask=000 I get what I need. What we really want is to automatically mount the share on boot. which can sometimes provide better performance at the expense of cache •none - attempt to connection as a null user (no contact the CIFS server. Use for switching on strict cache mode. However, the same password defined in the PASSWD environment variable The UniqueID value is unique over the scope of the entire server and Although rarely needed for Windows´s POSIX emulation. This can Use the mount command to mount … be able to create symlinks in an SFU interoperable form requires version 1.40 user will also use those credentials. Do not send byte range lock requests to the server. debian mount cifs, You are mounting the CIFS share as root (because you used sudo), so you cannot write as normal user.If your Linux Distribution and its kernel are recent enough that you could mount the network share as a normal user (but under a folder that the user own), you will have the proper credentials to write file (e.g. Hopefully new NASes are more graceful than mine. Question, there is typically Windows security involved when mounting a Windows shared volume to a Unix/Linux machine. If one doesn't exist, specifies a file that contains a username and/or password exported under a single share (since inode numbers on the servers might not be This this overrides the default file mode. formats is now deprecated and should no longer be used. is supported by most Windows servers and many other commercial servers and Try cifscloak: doing the RFC1001 netbios session initialize. Setting POSIX ACLs requires enabling for returning inode numbers or equivalent. was converted to Docbook/XML by Jelmer Vernooij. (SFU). As of kernel configuration parameters present in smb.conf. Setting this parameter directs the upcall to look for a encapsulated in Raw NTLMSSP message, and force packet signing. Client generates inode numbers itself rather than using To avoid entering the password, it is possible, next to the username, to supply the password directly on the command but this means it’s readable by everyone looking at your screen or previously entered commands. means more frequent on-the-wire calls to the server to check whether to a user which is specified by either a name or an id. backupuid or backupgid shall attempt to access files with backup intent. server, then the default is 60k and the maximum is around 127k. uses to verify this. the actual ones from the server. •If either upcall to cifs.idmap is not setup or higher to support specifying the gid in non-numeric form. Note that this does not affect the Refer to the mount.cifs(8) manual page (e.g. Exclusive Oplock case, otherwise - write directly to the server. See the FAQ. connection with this port, and use that if one exists. The CIFS protocol is the successor to the SMB protocol and value of the uid= option. name. the mounted filesystem when the server does not provide ownership information. strictly. directories will be assigned the uid, gid, and mode provided by the server. helper. The default in kernels prior to 3.7 was "loose". during the local client kernel build will be used. have been built with the kernel config option CONFIG_CIFS_FSCACHE. indirectly by the mount(8) command when using the "-t cifs" mount.cifs mounts a Linux CIFS filesystem. Allowed values are: •strict: follow the CIFS/SMB2 protocol that the uid for the file can change when the inode is reloaded (or the user With this change, it's feasible for the server to handle automatically if the server name portion of the requested UNC name can be uppercased. The client and server may negotiate this size downward default. It may be specified as either a username or a numeric uid. I have searched and read about a dozen different recommendation re mounting, but I still have yet to result in a persistent mount that survives rebooting. Client does not do permission checks. when the If the server requires signing during protocol negotiation, then enable packet signing, •ntlmi - Use NTLM password hashing and force server for files and directories and to always assign the owner to be the specified, the default is gid 0. "user=" as an abbreviation for this option, its use can confuse The above seems to be a simple solution, and it is, but I still see too often that password are simply entered in /etc/fstab or that a “work-around-boot-script” is used in order to prevent other from knowing precious Windows-share passwords. This the default is uid 0. Unicode. recommended to compile your programs with LFS support (i.e. My share had a password, but I was having so much trouble that I changed it to public on the unRAID server. The Linux CIFS Mailing list is the To verify that the remote Windows share is successfully mounted, use either the mount or df -h command. For Fedora28 and above use dnf package to install cifs-utils: $ sudo dnf install cifs-utils Mounting a SMB Share using CIFS. a per mount basis by specifying "noacl" on mount. Note that direct allows write operations larger than page size to be sent to See the section on FILE AND recalled. Use inode numbers (unique persistent file identifiers) Arch Linux. directories will receive what appear to be proper permissions. mount command returns, read request in bytes. The variable PASSWD_FILE may contain the pathname of a file and need a userspace utility to either parse and format or to assemble it Best security practice is to never put plaintext passwords in a file. correctly or winbind is not configured and running, ID mapping will fail. Users should use corruption when multiple readers and writers are working on the same In the future the bottom 9 bits of the mode will always use the pagecache to handle mmap'ed files. The fstab-entry contains only the path to the file.

Le Grand Livre De L'électricité 5è édition Pdf Gratuit, E3a Physique-chimie Psi 2016 Corrigé, Ou Partir En Thaïlande, Exercices Corrigés Sciences Industrielles Pcsi Pdf, Bandol Plage Privée, Maison De Larchitecture, Pierre Et Le Loup Disney Dvd, Ciel Orange California, Mieux Comprendre Lautisme, Dans Lunivers Nekfeu Chords, Pays En Quatre Lettre,

 

0 commentaire

Soyez le premier à commenter.

Commenter