[linux-cifs-client] Re: CIFS and Windows 2003 Server shares

Thu Jan 8 12:28:04 GMT 2009

On Tue, 6 Jan 2009 18:24:53 -0200
"Leonardo Chiquitto" <leonardo.lists at gmail.com> wrote:

> On Fri, Dec 19, 2008 at 11:12 AM, Leonardo Chiquitto
> <leonardo.lists at gmail.com> wrote:
> > Hello,
> >
> > I'm doing some tests with CIFS client 1.54, trying to discover what
> > changed with Windows 2003 server that is resulting in a different
> > behavior from previous Windows versions. In the end, the goal is
> > to understand whether this is something we can workaround / avoid
> > on the client side.
> >
> > The test:
> > - the same share is mounted twice with different user names
> > - the server is not a domain controller or member server
> > - the server doesn't "know" the users
> > - "Everyone" and "Guest" have full permissions in the share
> >
> > The following commands were used:
> >
> > # mount -t cifs //192.168.8.1/Shared /mnt/a -o
> >  noacl,noperm,user=john,dir_mode=0700,domain=DOMAIN,rw
> > # mount -t cifs //192.168.8.1/Shared /mnt/b -o
> >  noacl,noperm,user=jeff,dir_mode=0700,domain=DOMAIN,rw
> >
> > Results with Windows 2000 Server:
> >
> > - Both mount points are accessible in the client:
> >
> > client:/mnt # ls -la
> > total 8
> > drwxr-xr-x  4 root root 4096 Dec  9 19:14 .
> > drwxr-xr-x 31 root root 4096 Dec 15 11:40 ..
> > drwx------  1 root root    0 Dec 15  2008 a
> > drwx------  1 root root    0 Dec 15  2008 b
> >
> > - "net session" output from server:
> >
> > Computer               User name            Client Type       Opens Idle time
> > -------------------------------------------------------------------------------
> > \\192.168.8.1          JOHN                 Linux version 2.6     0 00:01:40
> > \\192.168.8.1          JEFF                 Linux version 2.6     0 00:01:40
> >
> > * We can see that Windows 2000 Server keeps the user name provided
> > by the client.
> >
> > Results with Windows 2003 Server:
> >
> > - Just the mount point mounted last is accessible:
> >
> > client:/mnt # ls -la
> > ls: cannot access a: Permission denied
> > total 8
> > drwxr-xr-x  4 root root 4096 Dec  9 19:14 .
> > drwxr-xr-x 31 root root 4096 Dec 15 11:40 ..
> > d?????????  ? ?    ?       ?            ? a
> > drwx------  1 root root    0 Dec 15  2008 b
> >
> > - "net session" output from the server:
> >
> > Computer               User name            Client Type       Opens Idle time
> > -------------------------------------------------------------------------------
> > 192.168.8.1          GUEST                Linux version 2.6     0 000012
> >
> > * We can see that just one session remains and the user name was mapped to
> > GUEST.
> >
> > I suppose this is expected, but I really would like to understand what is
> > the underlying cause.
> 
> I couldn't find a solution for this problem yet, but I have more information
> to share:
> 
> - The problem also happens with Windows 2008 Server and earlier versions
>   of the CIFS client (tested with 1.20).
> 
> Playing with the code, I found that disabling TCP connection sharing by
> applying the following patch, will workaround the problem: I can now
> mount the same share twice with different users and still have access to
> both.
> 
> --- linux.orig/fs/cifs/connect.c
> +++ linux/fs/cifs/connect.c
> @@ -1463,9 +1463,11 @@ cifs_get_tcp_session(struct smb_vol *vol
>  	}
> 
>  	/* see if we already have a matching tcp_ses */
> +#if 0
>  	tcp_ses = cifs_find_tcp_session(&addr);
>  	if (tcp_ses)
>  		return tcp_ses;
> +#endif
> 
>  	tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
>  	if (!tcp_ses) {
> 
> I understand that this is not a valid fix, it was made only for debugging.
> 
> It's also interesting that even when not sharing the TCP connection,
> "net session" output from Windows 2003 still shows only one session
> opened. Don't laugh, but is there any documentation that describes what
> defines an unique SMB session for different versions of Windows?
> 

Not that I know of...

The Linux CIFS code has 3 layered "pieces" when setting up a mount:

TCP Session (basically the socket)
SMB Session (generally separated by username)
Tree Connection (sort of the actual "mount")

These are all "many to one". i.e. a TCP session can have several SMB
sessions, and a SMB session can have several tcons.

It sounds almost like the server is squishing the SMB sessions together
and getting them confused for some reason. You might want to look at
what's going on on the wire with the SMB sessions.

I also wonder whether the server may be presenting share-level security
mounts, but that would be very odd for a server as new as win2k3.

-- 
Jeff Layton <jlayton at redhat.com>