On Fri, Nov 21, 2008 at 8:27 PM, Günter Kukkukk <[EMAIL PROTECTED]> wrote: > Am Freitag, 21. November 2008 schrieb Richard Nelson: >> On Thu, Nov 20, 2008 at 9:51 PM, Günter Kukkukk <[EMAIL PROTECTED]> wrote: >> > Am Mittwoch, 19. November 2008 schrieb Richard Nelson: >> >> Greetings, >> >> >> >> I am working on getting mount.cifs version: 1.11-3.2.4 on debian to >> >> mount a share on a samba server Version 3.0.13-1.1-SUSE on SuSe. This >> >> was working on older debian systems, but upon upgrading some of the >> >> systems to Lenny I am now having trouble mounting shares. Again, this >> >> was working and I have smbfs installed on the systems (which is what I >> >> used before). >> >> >> >> The samba server is set to have encrypt passwords = No and I am >> >> basically authenticating from /etc/passwd+shadow (no smbpasswd file). >> >> The setup is still working fine on non upgraded systems. Only on the >> >> newly upgraded systems is the mounting not working. >> >> >> >> The kernel on the clients do have CONFIG_CIFS_WEAK_PW_HASH=y >> >> >> >> Below is some dmesg info after running the mount.cifs with various / >> >> proc/fs/cifs/SecurityFlags: >> >> mount.smbfs //172.16.0.8/tech ./mymount -ouser=tech >> >> >> >> SNIP >> >> >> >> >> Any thoughts welcome. Many thanks. >> > >> >> Greetings, >> >> >> > I'm not sure whether the following hints will also work with older cifs >> > versions, it worked here with the recent git tree. >> > >> > 1.) use 'modprobe cifs' to load the kernel module >> >> Yes it is loaded. >> >> > 2.) use 'echo 0x20 > /proc/fs/cifs/SecurityFlags' (also try 0x27) >> >> Ok I have output below. >> >> > 3.) mount by using the "sec=lanman" option, >> > e.g. mount -t cifs //server/share /mount/point -o >> > cred=/path/to/creds_file,sec=lanman >> > >> >> With mount -t cifs //172.16.0.8/tech ./mymount -ouser=tech,sec=lanman >> >> [698499.794951] fs/cifs/cifs_debug.c: sec flags 0x20 >> [698499.794958] fs/cifs/cifs_debug.c: packet signing disabled >> >> [698534.544307] fs/cifs/cifsfs.c: Devname: //172.16.0.8/tech flags: 64 >> [698534.544316] fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 4 >> with uid: 0 >> [698534.544325] fs/cifs/connect.c: Username: tech >> [698534.544328] fs/cifs/connect.c: UNC: \\172.16.0.8\tech ip: 172.16.0.8 >> [698534.544339] fs/cifs/connect.c: Socket created >> [698534.545059] fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo >> 0x7fffffff >> [698534.545066] fs/cifs/transport.c: Sending smb of length 68 >> [698534.552075] fs/cifs/connect.c: Existing smb sess not found >> [698534.552088] fs/cifs/cifssmb.c: secFlags 0x10 >> [698534.552093] fs/cifs/transport.c: For smb_command 114 >> [698534.552096] fs/cifs/transport.c: Sending smb of length 78 >> [698534.552325] fs/cifs/connect.c: Demultiplex PID: 7365 >> [698534.552337] fs/cifs/connect.c: rfc1002 length 0x82000004 >> [698534.552339] fs/cifs/connect.c: Good RFC 1002 session rsp >> [698534.552804] fs/cifs/connect.c: rfc1002 length 0x55 >> [698534.552820] fs/cifs/cifssmb.c: Dialect: 2 >> [698534.552822] CIFS VFS: Server requests plain text password but >> client support disabled >> [698534.552826] fs/cifs/cifssmb.c: Signing disabled >> [698534.552828] fs/cifs/cifssmb.c: negprot rc 0 >> [698534.552830] fs/cifs/connect.c: Security Mode: 0x1 Capabilities: >> 0xe3fd TimeAdjust: 21600 >> [698534.552833] fs/cifs/sess.c: sess setup type 1 >> [698534.552838] fs/cifs/sess.c: Negotiating LANMAN setting up strings >> [698534.552842] fs/cifs/transport.c: For smb_command 115 >> [698534.552845] fs/cifs/transport.c: Sending smb: total_len 142 >> [698534.558690] fs/cifs/connect.c: rfc1002 length 0x27 >> [698534.558690] fs/cifs/netmisc.c: Mapping smb error code 5 to POSIX err -13 >> [698534.558690] fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release >> [698534.558690] fs/cifs/sess.c: ssetup rc from sendrecv2 is -13 >> [698534.558690] fs/cifs/sess.c: ssetup freeing small buf f6e9c740 >> [698534.558690] CIFS VFS: Send error in SessSetup = -13 >> [698534.688079] fs/cifs/connect.c: No session or bad tcon >> [698534.688088] fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid >> = 4) rc = -13 >> [698534.688091] CIFS VFS: cifs_mount failed w/return code = -13 >> >> >> >> And >> >> [698790.654395] fs/cifs/cifs_debug.c: sec flags 0x27 >> [698790.654395] fs/cifs/cifs_debug.c: packet signing now required >> >> [698799.968300] fs/cifs/cifsfs.c: Devname: //172.16.0.8/tech flags: 64 >> [698799.968300] fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 5 >> with uid: 0 >> [698799.968300] fs/cifs/connect.c: Username: tech >> [698799.968300] fs/cifs/connect.c: UNC: \\172.16.0.8\tech ip: 172.16.0.8 >> [698799.968300] fs/cifs/connect.c: Socket created >> [698799.968603] fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo >> 0x7fffffff >> [698799.968603] fs/cifs/transport.c: Sending smb of length 68 >> [698799.976084] fs/cifs/connect.c: Existing smb sess not found >> [698799.976097] fs/cifs/cifssmb.c: secFlags 0x10 >> [698799.976103] fs/cifs/transport.c: For smb_command 114 >> [698799.976106] fs/cifs/transport.c: Sending smb of length 78 >> [698799.976387] fs/cifs/connect.c: Demultiplex PID: 7371 >> [698799.976401] fs/cifs/connect.c: rfc1002 length 0x82000004 >> [698799.976403] fs/cifs/connect.c: Good RFC 1002 session rsp >> [698799.976786] fs/cifs/connect.c: rfc1002 length 0x55 >> [698799.976802] fs/cifs/cifssmb.c: Dialect: 2 >> [698799.976804] CIFS VFS: Server requests plain text password but >> client support disabled >> [698799.976808] fs/cifs/cifssmb.c: Signing disabled >> [698799.976810] fs/cifs/cifssmb.c: negprot rc 0 >> [698799.976813] fs/cifs/connect.c: Security Mode: 0x1 Capabilities: >> 0xe3fd TimeAdjust: 21600 >> [698799.976815] fs/cifs/sess.c: sess setup type 1 >> [698799.976821] fs/cifs/sess.c: Negotiating LANMAN setting up strings >> [698799.976825] fs/cifs/transport.c: For smb_command 115 >> [698799.976828] fs/cifs/transport.c: Sending smb: total_len 142 >> [698799.982255] fs/cifs/connect.c: rfc1002 length 0x27 >> [698799.982255] fs/cifs/netmisc.c: Mapping smb error code 5 to POSIX err -13 >> [698799.982255] fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release >> [698799.982255] fs/cifs/sess.c: ssetup rc from sendrecv2 is -13 >> [698799.982255] fs/cifs/sess.c: ssetup freeing small buf f6e9c200 >> [698799.982255] CIFS VFS: Send error in SessSetup = -13 >> [698800.112083] fs/cifs/connect.c: No session or bad tcon >> [698800.112091] fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid >> = 5) rc = -13 >> [698800.112094] CIFS VFS: cifs_mount failed w/return code = -13 >> >> >> > I had a short look at the recent git cifs sources. The current plaintext >> > auth codepaths >> > seem to be a bit inconsistant and possibly not very well tested. (that >> > auth type is >> > a bit outdated these days ...) >> > >> >> Yes a bit outdated but still in use by me. :) I think it is supposed >> to work so I am in hopes someone will help out. At worse case I will >> move to a smbpasswd file but I would just assume stay in >> /etc/passwd+shadow. >> >> > Cheers, Günter >> >> Many thanks for your reply. Any further ideas would be appreciated. > > please post the outcome of 'modinfo cifs', done on a failing client. > Cheers, Günter
Greetings Günter, Below is the output of the command you wanted: filename: /lib/modules/2.6.26-1-686/kernel/fs/cifs/cifs.ko version: 1.53 description: VFS to access servers complying with the SNIA CIFS Specification e.g. Samba and Windows license: GPL author: Steve French <[EMAIL PROTECTED]> srcversion: D67A510FA28C2A6AD70148B depends: nls_base vermagic: 2.6.26-1-686 SMP mod_unload modversions 686 parm: CIFSMaxBufSize:Network buffer size (not including header). Default: 16384 Range: 8192 to 130048 (int) parm: cifs_min_rcv:Network buffers in pool. Default: 4 Range: 1 to 64 (int) parm: cifs_min_small:Small network buffers in pool. Default: 30 Range: 2 to 256 (int) parm: cifs_max_pending:Simultaneous requests to server. Default: 50 Range: 2 to 256 (int) I did some testing today and if I populate the smbpasswd with usernames following the a correct file format and enable the use of update encrypted = yes , user passwords get updated in the smbpasswd file. And then if I enable encrypt passwords = Yes , the updated clients work as they should. I do not know if this helps but it is part of an action plan I have in place in the event of no resolution to my keeping encrypt passwords = no issue. Many thanks for your time and replies. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
