[Samba] Assistance needed on using mount.smbfs (cifs) to
authenticate to samba server with encrypt passwords = No.
Günter Kukkukk
linux at kukkukk.com
Sat Nov 22 02:27:14 GMT 2008
Am Freitag, 21. November 2008 schrieb Richard Nelson:
> On Thu, Nov 20, 2008 at 9:51 PM, Günter Kukkukk <linux at kukkukk.com> wrote:
> > Am Mittwoch, 19. November 2008 schrieb Richard Nelson:
> >> Greetings,
> >>
> >> I am working on getting mount.cifs version: 1.11-3.2.4 on debian to
> >> mount a share on a samba server Version 3.0.13-1.1-SUSE on SuSe. This
> >> was working on older debian systems, but upon upgrading some of the
> >> systems to Lenny I am now having trouble mounting shares. Again, this
> >> was working and I have smbfs installed on the systems (which is what I
> >> used before).
> >>
> >> The samba server is set to have encrypt passwords = No and I am
> >> basically authenticating from /etc/passwd+shadow (no smbpasswd file).
> >> The setup is still working fine on non upgraded systems. Only on the
> >> newly upgraded systems is the mounting not working.
> >>
> >> The kernel on the clients do have CONFIG_CIFS_WEAK_PW_HASH=y
> >>
> >> Below is some dmesg info after running the mount.cifs with various /
> >> proc/fs/cifs/SecurityFlags:
> >> mount.smbfs //172.16.0.8/tech ./mymount -ouser=tech
> >>
>
> SNIP
>
> >>
> >> Any thoughts welcome. Many thanks.
> >
>
> Greetings,
>
>
> > I'm not sure whether the following hints will also work with older cifs
> > versions, it worked here with the recent git tree.
> >
> > 1.) use 'modprobe cifs' to load the kernel module
>
> Yes it is loaded.
>
> > 2.) use 'echo 0x20 > /proc/fs/cifs/SecurityFlags' (also try 0x27)
>
> Ok I have output below.
>
> > 3.) mount by using the "sec=lanman" option,
> > e.g. mount -t cifs //server/share /mount/point -o cred=/path/to/creds_file,sec=lanman
> >
>
> With mount -t cifs //172.16.0.8/tech ./mymount -ouser=tech,sec=lanman
>
> [698499.794951] fs/cifs/cifs_debug.c: sec flags 0x20
> [698499.794958] fs/cifs/cifs_debug.c: packet signing disabled
>
> [698534.544307] fs/cifs/cifsfs.c: Devname: //172.16.0.8/tech flags: 64
> [698534.544316] fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 4
> with uid: 0
> [698534.544325] fs/cifs/connect.c: Username: tech
> [698534.544328] fs/cifs/connect.c: UNC: \\172.16.0.8\tech ip: 172.16.0.8
> [698534.544339] fs/cifs/connect.c: Socket created
> [698534.545059] fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo
> 0x7fffffff
> [698534.545066] fs/cifs/transport.c: Sending smb of length 68
> [698534.552075] fs/cifs/connect.c: Existing smb sess not found
> [698534.552088] fs/cifs/cifssmb.c: secFlags 0x10
> [698534.552093] fs/cifs/transport.c: For smb_command 114
> [698534.552096] fs/cifs/transport.c: Sending smb of length 78
> [698534.552325] fs/cifs/connect.c: Demultiplex PID: 7365
> [698534.552337] fs/cifs/connect.c: rfc1002 length 0x82000004
> [698534.552339] fs/cifs/connect.c: Good RFC 1002 session rsp
> [698534.552804] fs/cifs/connect.c: rfc1002 length 0x55
> [698534.552820] fs/cifs/cifssmb.c: Dialect: 2
> [698534.552822] CIFS VFS: Server requests plain text password but
> client support disabled
> [698534.552826] fs/cifs/cifssmb.c: Signing disabled
> [698534.552828] fs/cifs/cifssmb.c: negprot rc 0
> [698534.552830] fs/cifs/connect.c: Security Mode: 0x1 Capabilities:
> 0xe3fd TimeAdjust: 21600
> [698534.552833] fs/cifs/sess.c: sess setup type 1
> [698534.552838] fs/cifs/sess.c: Negotiating LANMAN setting up strings
> [698534.552842] fs/cifs/transport.c: For smb_command 115
> [698534.552845] fs/cifs/transport.c: Sending smb: total_len 142
> [698534.558690] fs/cifs/connect.c: rfc1002 length 0x27
> [698534.558690] fs/cifs/netmisc.c: Mapping smb error code 5 to POSIX err -13
> [698534.558690] fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release
> [698534.558690] fs/cifs/sess.c: ssetup rc from sendrecv2 is -13
> [698534.558690] fs/cifs/sess.c: ssetup freeing small buf f6e9c740
> [698534.558690] CIFS VFS: Send error in SessSetup = -13
> [698534.688079] fs/cifs/connect.c: No session or bad tcon
> [698534.688088] fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid
> = 4) rc = -13
> [698534.688091] CIFS VFS: cifs_mount failed w/return code = -13
>
>
>
> And
>
> [698790.654395] fs/cifs/cifs_debug.c: sec flags 0x27
> [698790.654395] fs/cifs/cifs_debug.c: packet signing now required
>
> [698799.968300] fs/cifs/cifsfs.c: Devname: //172.16.0.8/tech flags: 64
> [698799.968300] fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 5
> with uid: 0
> [698799.968300] fs/cifs/connect.c: Username: tech
> [698799.968300] fs/cifs/connect.c: UNC: \\172.16.0.8\tech ip: 172.16.0.8
> [698799.968300] fs/cifs/connect.c: Socket created
> [698799.968603] fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo
> 0x7fffffff
> [698799.968603] fs/cifs/transport.c: Sending smb of length 68
> [698799.976084] fs/cifs/connect.c: Existing smb sess not found
> [698799.976097] fs/cifs/cifssmb.c: secFlags 0x10
> [698799.976103] fs/cifs/transport.c: For smb_command 114
> [698799.976106] fs/cifs/transport.c: Sending smb of length 78
> [698799.976387] fs/cifs/connect.c: Demultiplex PID: 7371
> [698799.976401] fs/cifs/connect.c: rfc1002 length 0x82000004
> [698799.976403] fs/cifs/connect.c: Good RFC 1002 session rsp
> [698799.976786] fs/cifs/connect.c: rfc1002 length 0x55
> [698799.976802] fs/cifs/cifssmb.c: Dialect: 2
> [698799.976804] CIFS VFS: Server requests plain text password but
> client support disabled
> [698799.976808] fs/cifs/cifssmb.c: Signing disabled
> [698799.976810] fs/cifs/cifssmb.c: negprot rc 0
> [698799.976813] fs/cifs/connect.c: Security Mode: 0x1 Capabilities:
> 0xe3fd TimeAdjust: 21600
> [698799.976815] fs/cifs/sess.c: sess setup type 1
> [698799.976821] fs/cifs/sess.c: Negotiating LANMAN setting up strings
> [698799.976825] fs/cifs/transport.c: For smb_command 115
> [698799.976828] fs/cifs/transport.c: Sending smb: total_len 142
> [698799.982255] fs/cifs/connect.c: rfc1002 length 0x27
> [698799.982255] fs/cifs/netmisc.c: Mapping smb error code 5 to POSIX err -13
> [698799.982255] fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release
> [698799.982255] fs/cifs/sess.c: ssetup rc from sendrecv2 is -13
> [698799.982255] fs/cifs/sess.c: ssetup freeing small buf f6e9c200
> [698799.982255] CIFS VFS: Send error in SessSetup = -13
> [698800.112083] fs/cifs/connect.c: No session or bad tcon
> [698800.112091] fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid
> = 5) rc = -13
> [698800.112094] CIFS VFS: cifs_mount failed w/return code = -13
>
>
> > I had a short look at the recent git cifs sources. The current plaintext auth codepaths
> > seem to be a bit inconsistant and possibly not very well tested. (that auth type is
> > a bit outdated these days ...)
> >
>
> Yes a bit outdated but still in use by me. :) I think it is supposed
> to work so I am in hopes someone will help out. At worse case I will
> move to a smbpasswd file but I would just assume stay in
> /etc/passwd+shadow.
>
> > Cheers, Günter
>
> Many thanks for your reply. Any further ideas would be appreciated.
please post the outcome of 'modinfo cifs', done on a failing client.
Cheers, Günter
More information about the samba
mailing list