ANNOUNCE: cifs-utils release 5.6 is ready for download

Jeff Layton jlayton at
Thu Jul 26 08:55:40 MDT 2012

Hash: SHA1

Time for another cifs-utils release!


* binaries are now built by default with PIE and RELRO support for
  better protection against exploits

* better debugging and warnings for cifs.upcall and cifscreds

* better integration with systemd by having mount.cifs use
  systemd-ask-password if it's appropriate and available

git:        git://

Detailed list of changes since 5.5:

commit df561d40947e0b520deb48e1a4749afe9787949a
Author: Jeff Layton <jlayton at>
Date:   Fri Jun 1 13:56:21 2012 -0400

    autoconf: set version to 5.5.1 for interim builds
    Signed-off-by: Jeff Layton <jlayton at>

commit 74edf24d9780900f3ce15d2403c6e331b031d454
Author: Jeff Layton <jlayton at>
Date:   Thu Jun 14 10:59:18 2012 -0400

    automake: revert -Werror by default
    I think in hindsight, that adding -Werror by default was a mistake.
    cifs-utils is built in a wide range of environments and tools, and it's
    very difficult to eliminate all of the possible warnings.
    Let's go ahead and remove it and reduce the steady trickle of patches
    that are simply to silence obscure warnings.
    Cc: Suresh Jayaraman <sjayaraman at>
    Signed-off-by: Jeff Layton <jlayton at>

commit 0eb3daa4b17ee64b464594f1a5d413ecb364957c
Author: Jeff Layton <jlayton at>
Date:   Thu Jun 14 10:59:18 2012 -0400

    mount.cifs: set rc to 0 in libcap toggle_dac_capability
    Thus spake Jochen:
    The mount.cifs program from the cifs-utils package 5.5 did not work on
    my Linux system. It just exited without an error message and did not
    mount anything.
    I think, when this variable rc is now used in this function, it has also
    to be properly initialized there.
    Reported-by: Jochen Roderburg <roderburg at>
    Signed-off-by: Jeff Layton <jlayton at>

commit b7bea5254443cb121b0cf03a64b123b85d7f9fbb
Author: Jeff Layton <jlayton at>
Date:   Thu Jun 14 11:05:43 2012 -0400

    cifs.upcall: more debug logging for krb5 upcalls
    While helping to track down a configuration problem, I found this
    little bit of extra debug logging to be helpful. Might as well
    make it part of the stock binary.
    Signed-off-by: Jeff Layton <jlayton at>

commit a8611e25d44211cd57a91dce4fe7d7a7ad7534d4
Author: Jeff Layton <jlayton at>
Date:   Fri Jul 6 11:48:18 2012 -0400

    replace: remove bzero() redefinition from replace.h
    I borrowed replace.h from samba when I split off the package, and we
    have a ton of definitions in there that we don't really need.  This is
    one of them and it causes a warning when we build on RHEL5.
    Reported-by: Andreas Schneider <asn at>
    Signed-off-by: Jeff Layton <jlayton at>

commit 233e17db8ef7edba1fea660e076a03a56b0117d2
Author: Jeff Layton <jlayton at>
Date:   Mon Jul 9 14:12:33 2012 -0400

    autoconf: add --enable-pie and --enable-relro
    -pie and -fpie enable the building of position-independent executables,
    and -Wl,-z,relro turns on read-only relocation support in gcc. These
    options are important for security purposes to guard against possible
    buffer overflows that lead to exploits.
    Follow the example of samba here and enable these by default, but add
    configure options that allow people to turn them off at build-time if
    We may also want to eventually add checks to ensure that the compiler
    and linker understand these options, but I'll wait until we have some
    evidence that it's needed before I expend the effort.
    Reported-by: Andreas Schneider <asn at>
    Signed-off-by: Jeff Layton <jlayton at>

commit ced19dedc0fa7b36087b8eaeef6a6a9dc76aa55e
Author: Andreas Schneider <asn at>
Date:   Mon Jul 9 22:21:04 2012 -0400

    autoconf: Fix building with autoconf version older than 2.60.
    AC_PROG_SED is only avaliable in recent autoconf versions.
    Use AC_CHECK_PROG instead if AC_PROG_SED is not present.
    Signed-off-by: Andreas Schneider <asn at>

commit 4e264031d0da7d3f2a287337e86b623e814f5c56
Author: Ankit Jain <jankit at>
Date:   Wed Jul 18 06:47:07 2012 -0400

    mount.cifs: Use systemd's mechanism for getting password, if present.
    If systemd is running and /bin/systemd-ask-password if available,
    then use that else fallback on getpass(..).
    And add a --enable-systemd configure option, which defaults to yes.
    Signed-off-by: Ankit Jain <jankit at>

commit 877701f3cc23df3cb2a293c060bdbf05a87bff6a
Author: Luk Claes <luk at>
Date:   Thu Jul 19 09:27:01 2012 -0400

    mount.cifs: Use errno instead of having unknown error
    When access() fails, use errno for a sensible error message.
    Signed-off-by: Luk Claes <luk at>

commit c44d290f3b5f221e7617bdb409bb8e44ceafef3e
Author: Jeff Layton <jlayton at>
Date:   Fri Jul 20 10:30:50 2012 -0400

    cifscreds: add a check and warnings for session keyring problems
    Many distros do not call into pam_keyinit to set up the session keyring
    properly at login time. When cifscreds add is used in such a session,
    the kernel will spawn a new session keyring in which to install the
    credentials. That keyring will then go away once the cifscreds process
    Check for this situation by looking to see if the session and
    user-session keyrings are the same. Throw a warning if so, and add some
    verbiage to the cifscreds manpage that explains the issue. Also, if
    the session keyring can't be queried for any reason, then cause the
    program to error out.
    Acked-by: David Howells <dhowells at>
    Reported-by: Milan Knížek <knizek.confy at>
    Signed-off-by: Jeff Layton <jlayton at>

commit 9449c2ac7419ef45fc08f7d4a654c100ee26fa17
Author: Jeff Layton <jlayton at>
Date:   Thu Jul 26 10:41:24 2012 -0400

    autoconf: set version to 5.6
    Signed-off-by: Jeff Layton <jlayton at>
Version: GnuPG v2.0.18 (GNU/Linux)


More information about the samba-technical mailing list