[linux-cifs-client] Re: smbfs & cifs

Steve French smfrench at austin.rr.com
Tue Dec 12 19:03:47 GMT 2006 

> # cat /proc/fs/cifs/DebugData
> Display Internal CIFS Data Structures for Debugging
> ---------------------------------------------------
> CIFS Version 1.40
> Active VFS Requests: 0
> Servers:
> Shares:
>
I would prefer that you would be running a newer version of cifs,
but don't see how it would make a difference here.  For example,
this level of kernel does not include the changes necessary to get 
NTLMv2 to work with Windows.
I am planning on sending that change to the 2.6.16.x stable tree 
maintainers soon though, so
I would expect it to be picked up by distros reasonably soon (it is not 
hard to compile the fix in though).
I don't see any signs though that your server is configured in its 
security policy to require that though.

In your example, the "tree connect" is failing (not the session setup) 
which can be the case when you
are not a valid user but the server is authenticating you as guest but 
then you don't then have permission
to access this particular share as guest.   We can't see the guest flag 
in /proc/fs/cifs/DebugData directly
because the session is torn down after the tree connect failure, but I 
don't think that that
is the issue here, since if you were guest authenticated you would have 
seen the debug message

    "Guest login"

from the lines in sess.c (or fs/cifs/connect.c):
    2211 
<http://master.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;h=2caca06b4bae214327c3fccc7a046f6a0269ac37;hb=e1036502e5263851259d147771226161e5ccc85a;f=fs/cifs/connect.c#l2211> 
if (action & GUEST_LOGIN)
    2212 
<http://master.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;h=2caca06b4bae214327c3fccc7a046f6a0269ac37;hb=e1036502e5263851259d147771226161e5ccc85a;f=fs/cifs/connect.c#l2212> 
cFYI(1, (" Guest login"));

in the log.  It is puzzling why this particular user does not have 
access to the share though despite
(presumably) being validly authenticated.   The obvious thing to check 
is on the Windows side
in the share properties (it is also possible to look in the Windows 
Event Viewer on the server side
to see the security events generated by this - it may explain why it 
rejects attempts to access
this share from this user).   Does
    "smbclient \\server\share -U username%password -W domainname"
work (make sure it is the same username, password, domain that you 
passed to cifs)?

More information about the linux-cifs-client mailing list