[Samba] Assistance needed on using mount.smbfs (cifs) to authenticate to samba server with encrypt passwords = No.

Günter Kukkukk linux at kukkukk.com
Sat Nov 22 02:27:14 GMT 2008 

Am Freitag, 21. November 2008 schrieb Richard Nelson:
> On Thu, Nov 20, 2008 at 9:51 PM, Günter Kukkukk <linux at kukkukk.com> wrote:
> > Am Mittwoch, 19. November 2008 schrieb Richard Nelson:
> >> Greetings,
> >>
> >> I am working on getting mount.cifs version: 1.11-3.2.4 on debian to
> >> mount a share on a samba server Version 3.0.13-1.1-SUSE on SuSe. This
> >> was working on older debian systems, but upon upgrading some of the
> >> systems to Lenny I am now having trouble mounting shares.  Again, this
> >> was working and I have smbfs installed on the systems (which is what I
> >> used before).
> >>
> >> The samba server is set to have encrypt passwords = No and I am
> >> basically authenticating from /etc/passwd+shadow (no smbpasswd file).
> >> The setup is still working fine on non upgraded systems. Only on the
> >> newly upgraded systems is the mounting not working.
> >>
> >> The kernel on the clients do have CONFIG_CIFS_WEAK_PW_HASH=y
> >>
> >> Below is some dmesg info after running the mount.cifs with various /
> >> proc/fs/cifs/SecurityFlags:
> >> mount.smbfs //172.16.0.8/tech ./mymount -ouser=tech
> >>
> 
> SNIP
> 
> >>
> >> Any thoughts welcome. Many thanks.
> >
> 
> Greetings,
> 
> 
> > I'm not sure whether the following hints will also work with older cifs
> > versions, it worked here with the recent git tree.
> >
> > 1.) use 'modprobe cifs' to load the kernel module
> 
> Yes it is loaded.
> 
> > 2.) use 'echo 0x20 > /proc/fs/cifs/SecurityFlags' (also try 0x27)
> 
> Ok I have output below.
> 
> > 3.) mount by using the "sec=lanman" option,
> >    e.g. mount -t cifs //server/share /mount/point -o cred=/path/to/creds_file,sec=lanman
> >
> 
> With mount -t cifs //172.16.0.8/tech ./mymount -ouser=tech,sec=lanman
> 
> [698499.794951]  fs/cifs/cifs_debug.c: sec flags 0x20
> [698499.794958]  fs/cifs/cifs_debug.c: packet signing disabled
> 
> [698534.544307]  fs/cifs/cifsfs.c: Devname: //172.16.0.8/tech flags: 64
> [698534.544316]  fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 4
> with uid: 0
> [698534.544325]  fs/cifs/connect.c: Username: tech
> [698534.544328]  fs/cifs/connect.c: UNC: \\172.16.0.8\tech ip: 172.16.0.8
> [698534.544339]  fs/cifs/connect.c: Socket created
> [698534.545059]  fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo
> 0x7fffffff
> [698534.545066]  fs/cifs/transport.c: Sending smb of length 68
> [698534.552075]  fs/cifs/connect.c: Existing smb sess not found
> [698534.552088]  fs/cifs/cifssmb.c: secFlags 0x10
> [698534.552093]  fs/cifs/transport.c: For smb_command 114
> [698534.552096]  fs/cifs/transport.c: Sending smb of length 78
> [698534.552325]  fs/cifs/connect.c: Demultiplex PID: 7365
> [698534.552337]  fs/cifs/connect.c: rfc1002 length 0x82000004
> [698534.552339]  fs/cifs/connect.c: Good RFC 1002 session rsp
> [698534.552804]  fs/cifs/connect.c: rfc1002 length 0x55
> [698534.552820]  fs/cifs/cifssmb.c: Dialect: 2
> [698534.552822]  CIFS VFS: Server requests plain text password but
> client support disabled
> [698534.552826]  fs/cifs/cifssmb.c: Signing disabled
> [698534.552828]  fs/cifs/cifssmb.c: negprot rc 0
> [698534.552830]  fs/cifs/connect.c: Security Mode: 0x1 Capabilities:
> 0xe3fd TimeAdjust: 21600
> [698534.552833]  fs/cifs/sess.c: sess setup type 1
> [698534.552838]  fs/cifs/sess.c: Negotiating LANMAN setting up strings
> [698534.552842]  fs/cifs/transport.c: For smb_command 115
> [698534.552845]  fs/cifs/transport.c: Sending smb:  total_len 142
> [698534.558690]  fs/cifs/connect.c: rfc1002 length 0x27
> [698534.558690]  fs/cifs/netmisc.c: Mapping smb error code 5 to POSIX err -13
> [698534.558690]  fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release
> [698534.558690]  fs/cifs/sess.c: ssetup rc from sendrecv2 is -13
> [698534.558690]  fs/cifs/sess.c: ssetup freeing small buf f6e9c740
> [698534.558690]  CIFS VFS: Send error in SessSetup = -13
> [698534.688079]  fs/cifs/connect.c: No session or bad tcon
> [698534.688088]  fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid
> = 4) rc = -13
> [698534.688091]  CIFS VFS: cifs_mount failed w/return code = -13
> 
> 
> 
> And
> 
> [698790.654395]  fs/cifs/cifs_debug.c: sec flags 0x27
> [698790.654395]  fs/cifs/cifs_debug.c: packet signing now required
> 
> [698799.968300]  fs/cifs/cifsfs.c: Devname: //172.16.0.8/tech flags: 64
> [698799.968300]  fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 5
> with uid: 0
> [698799.968300]  fs/cifs/connect.c: Username: tech
> [698799.968300]  fs/cifs/connect.c: UNC: \\172.16.0.8\tech ip: 172.16.0.8
> [698799.968300]  fs/cifs/connect.c: Socket created
> [698799.968603]  fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo
> 0x7fffffff
> [698799.968603]  fs/cifs/transport.c: Sending smb of length 68
> [698799.976084]  fs/cifs/connect.c: Existing smb sess not found
> [698799.976097]  fs/cifs/cifssmb.c: secFlags 0x10
> [698799.976103]  fs/cifs/transport.c: For smb_command 114
> [698799.976106]  fs/cifs/transport.c: Sending smb of length 78
> [698799.976387]  fs/cifs/connect.c: Demultiplex PID: 7371
> [698799.976401]  fs/cifs/connect.c: rfc1002 length 0x82000004
> [698799.976403]  fs/cifs/connect.c: Good RFC 1002 session rsp
> [698799.976786]  fs/cifs/connect.c: rfc1002 length 0x55
> [698799.976802]  fs/cifs/cifssmb.c: Dialect: 2
> [698799.976804]  CIFS VFS: Server requests plain text password but
> client support disabled
> [698799.976808]  fs/cifs/cifssmb.c: Signing disabled
> [698799.976810]  fs/cifs/cifssmb.c: negprot rc 0
> [698799.976813]  fs/cifs/connect.c: Security Mode: 0x1 Capabilities:
> 0xe3fd TimeAdjust: 21600
> [698799.976815]  fs/cifs/sess.c: sess setup type 1
> [698799.976821]  fs/cifs/sess.c: Negotiating LANMAN setting up strings
> [698799.976825]  fs/cifs/transport.c: For smb_command 115
> [698799.976828]  fs/cifs/transport.c: Sending smb:  total_len 142
> [698799.982255]  fs/cifs/connect.c: rfc1002 length 0x27
> [698799.982255]  fs/cifs/netmisc.c: Mapping smb error code 5 to POSIX err -13
> [698799.982255]  fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release
> [698799.982255]  fs/cifs/sess.c: ssetup rc from sendrecv2 is -13
> [698799.982255]  fs/cifs/sess.c: ssetup freeing small buf f6e9c200
> [698799.982255]  CIFS VFS: Send error in SessSetup = -13
> [698800.112083]  fs/cifs/connect.c: No session or bad tcon
> [698800.112091]  fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid
> = 5) rc = -13
> [698800.112094]  CIFS VFS: cifs_mount failed w/return code = -13
> 
> 
> > I had a short look at the recent git cifs sources. The current plaintext auth codepaths
> > seem to be a bit inconsistant and possibly not very well tested. (that auth type is
> > a bit outdated these days ...)
> >
> 
> Yes a bit outdated but still in use by me. :) I think it is supposed
> to work so I am in hopes someone will help out. At worse case I will
> move to a smbpasswd file but I would just assume stay in
> /etc/passwd+shadow.
> 
> > Cheers, Günter
> 
> Many thanks for your reply. Any further ideas would be appreciated.

please post the outcome of 'modinfo cifs', done on a failing client.
Cheers, Günter

More information about the samba mailing list