[Samba] all connections closed if user gives wrong pwd (#long posting inside)

Thomas Anglmaier ta at peek-a-boo.at
Wed Jun 3 10:29:29 GMT 2009 

Hi list,

i have a problem mounting shares on a single client with diffrent usernames. if any user on the client gives a wrong password all existing cifs mounts are closed by the server.

Since this problem occured in a productive environment i set up a testing env and tried to keep it as easy as can be:

Servername: serverA
Servicename1: home1
Servicename2: home2

Clientname: clientA

Username1: tom
Username2: max

Linux Distribution (Server+Client): Red Hat Enterprise Linux Server release 5.3 (Tikanga)
Kernel (Server+Client): 2.6.18-128.1.10.el5 (also tested on: 2.6.26-2 and 2.6.18-92.1.18.el5)
Samba version: 3.0.33-3.7.el5 (also tested on: 3.2.5)
cifs module version: 1.54RH (also tested on: 1.53 and 1.50cRH)

I can reproduce this issue on Debian, SuSE and Redhat Linux. (these are the ones i've tested)


Here is what the users do:

.) ssh root at clientA
.) mount -t cifs -o user=tom //serverA/home1 /mnt/1/
        #users gives correct password and "home1" gets mounted just fine
.) mount -t cifs -o user=max //tofo1/home2 /mnt/2
        #user gives correct password and "home2" gets mounted just fine
        #but if user "max" gives a wrong password all existing connections are closed by the server


screendump of the above sequence:
###############################################
[root at clientA ~]# df -ha
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             7.6G  2.4G  4.8G  34% /
proc                     0     0     0   -  /proc
sysfs                    0     0     0   -  /sys
devpts                   0     0     0   -  /dev/pts
tmpfs                 125M     0  125M   0% /dev/shm
none                     0     0     0   -  /proc/sys/fs/binfmt_misc
sunrpc                   0     0     0   -  /var/lib/nfs/rpc_pipefs

[root at clientA ~]#  mount -t cifs -o user=tom //serverA/home1 /mnt/1/
Password:       #correct password given

[root at clientA ~]# df -ha
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             7.6G  2.4G  4.8G  34% /
proc                     0     0     0   -  /proc
sysfs                    0     0     0   -  /sys
devpts                   0     0     0   -  /dev/pts
tmpfs                 125M     0  125M   0% /dev/shm
none                     0     0     0   -  /proc/sys/fs/binfmt_misc
sunrpc                   0     0     0   -  /var/lib/nfs/rpc_pipefs
//serverA/home1         7.6G  2.5G  4.8G  35% /mnt/1

root at clientA ~]#  mount -t cifs -o user=max //serverA/home2 /mnt/2
Password:       #wrong password given
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

[root at clientA ~]# df -ha
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             7.6G  2.4G  4.8G  34% /
proc                     0     0     0   -  /proc
sysfs                    0     0     0   -  /sys
devpts                   0     0     0   -  /dev/pts
tmpfs                 125M     0  125M   0% /dev/shm
none                     0     0     0   -  /proc/sys/fs/binfmt_misc
sunrpc                   0     0     0   -  /var/lib/nfs/rpc_pipefs
//serverA/home1         0.0K  0.0K  0.0K   -  /mnt/1

[root at clientA ~]# stat /mnt/1
stat: cannot stat `/mnt/1': Input/output error
[root at clientA ~]#
#####################################################

#/etc/samba/smb.conf
[global]
        workgroup = MYGROUP
        server string = Samba Server Version %v
        log file = /var/log/samba/tst.log
        log level = 3
        security = user
        passdb backend = tdbsam
[home1]
        comment = Public Stuff
        path = /home/1
        write list = tom max hugo
        browsable = yes
        [home2]
        comment = Public Stuff
        path = /home/2
        write list = tom max hugo
        browsable = yes


#/var/log/samba/tst.log
[2009/06/03 14:37:02, 2] auth/auth.c:check_ntlm_password(319)
  check_ntlm_password:  Authentication for user [max] -> [max] FAILED with error NT_STATUS_WRONG_PASSWORD
[2009/06/03 14:37:02, 3] smbd/error.c:error_packet_set(106)
  error packet at smbd/sesssetup.c(1501) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
[2009/06/03 14:37:02, 3] smbd/process.c:timeout_processing(1329)
  timeout_processing: End of file from client (client has disconnected).
[2009/06/03 14:37:02, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/06/03 14:37:02, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/06/03 14:37:02, 1] smbd/service.c:close_cnum(1230)
  192.168.0.21 (192.168.0.21) closed connection to service home1
[2009/06/03 14:37:02, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to home1
[2009/06/03 14:37:02, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/06/03 14:37:02, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2009/06/03 14:37:02, 3] smbd/server.c:exit_server_common(768)




For me this looks like as smb closes the connection to home1 "gracefully". As it would be usual behaviour.
I am really stuck on this issue since i've allready tried everything that hops to my mind.

Hopefully someone can point me in the right direction or has had a similar problem.

Please bear with my english. It's not my mother tongue.

Thanks in advance
Thomas

More information about the samba mailing list