[Samba] setuids mount option broke

Derek Simkowiak dereks at realloc.net
Sat May 29 14:09:17 MDT 2010 

 > /Does it work if you change 'setuids' to 'suid'?/

    No.  Using "suid", the behavior is identical as "setuids".

    I was hoping to use either Samba over SSH, or else sshfs (Fuse), for 
mounting these remote home dirs using SSH.  But Samba's "setuids" option 
is broke, and sshfs doesn't even have that option.  Thus, I was forced 
to set up an OpenVPN server and mount the homes with NFS over OpenVPN.  
NFS sucks, and I hope the setuids option comes back. 

    Getting offtopic, but for the archives: I had to use the NFS mount 
options "soft,udp,retrans=0" so that I could log in if the VPN went 
down.  With those options, there's only a ~4 second delay before the NFS 
gives up with an error.  If you leave set it to "tcp", your SSH shell 
will lock up for 5 minutes (when you log in and it tries to read 
~/.bashrc), another 5 minutes if you accidentally type "ls", and another 
5 minutes if you hit [TAB] and it tries to do command-line completion 
for you.  You can tweak your TCP timeouts, but do you really want to 
tweak TCP settings just to make NFS fail in a reasonable fashion (and 
thus possibly break everything else)?  And if you leave it at the 
default "hard" instead of "soft", the system will lock up indefinitely 
when you log in (trying to read ~/.bashrc).

    I love OpenVPN, but installing, configuring, generating certs, 
copying certs to the client, testing, setting up monitoring, etc. was a 
couple hours of work, compared to 5 minutes setting up an SSH tunnel 
with my pre-existing key... and yet, OpenVPN was still less work than 
trying to tunnel NFS over SSH (thanks to dynamic RPC ports, lockd, etc.).


Thanks,
Derek

On 05/29/2010 05:11 AM, Scott Lovenberg wrote:
>
>
> On Fri, May 28, 2010 at 4:12 PM, Derek Simkowiak <dereks at realloc.net 
> <mailto:dereks at realloc.net>> wrote:
>
>       I can mount it using these options in /etc/fstab... note the use
>     of "setuids" here:
>
>     //cst6/testhome /testhome cifs
>     iocharset=utf8,credentials=/root/cst6_password.txt,setuids 0 0
>
> Does it work if you change 'setuids' to 'suid'?
>
>       Is there anything else I can try?  Looking at this earlier post,
>     it seems like maybe "setuids" is not even a supported option
>     anymore...?
>
>     http://lists.samba.org/archive/linux-cifs-client/2010-March/005600.html
>
> The client code has been moved out of the samba package recently.  In 
> the current release of the client (the client is now released 
> separately from the samba suite, but the two aren't in sync yet) the 
> setuid functionality is deprecated (but can still be enabled at 
> compile time).  At the moment the option is being called 'legacy'; I 
> don't know if the functionality is being dropped or 
> upgraded/redesigned, though.
>
>
> -- 
> Peace and Blessings,
> -Scott.
>

More information about the samba mailing list