[Samba] What in samba 4.1 prevents a '/' share?

L.P.H. van Belle belle at bazuin.nl
Mon Jan 6 01:27:03 MST 2014


ok, try the following. 

mount like this : 
sudo mount -t cifs //netbios-servername/my-share /media/mount-point -o credentials=/root/.smbcredentials,iocharset=utf8,file_mode=0777,dir_mode=0777,sec=ntlmssp  

edit my /root/.smbcredentials to:
username=my-user
password=my-password
domain=my-domain

set rights on the file
sudo chmod 400 /root/.smbcredentials 


Look at the last option of the mount line.. 
people report sucess with  sec=ntlmssp  and  sec=ntlmv2 

if above does'nt work, i suggest try a 3.2 kernel. 
then im out of options. 

Gr. 

Louis




>-----Oorspronkelijk bericht-----
>Van: drankinatty at suddenlinkmail.com 
>[mailto:samba-bounces at lists.samba.org] Namens David C. Rankin
>Verzonden: maandag 6 januari 2014 3:34
>Aan: samba
>Onderwerp: Re: [Samba] What in samba 4.1 prevents a '/' share?
>
>On 01/02/2014 03:11 AM, L.P.H. van Belle wrote:
>> ow and what i just found.  ( yes your on arch linux, but ) 
>> here is some good info you can try also. 
>> https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1113395 
>> 
>> read #12 and #13 
>> 
>> Greetz, 
>> 
>> Louis
>
>Louis,
>
>  Thank you again. When I first saw your post here I thought 
>"He did it! He
>found the answer!", but I think there must be more to it. This 
>does look like we
>are on the right track though. Another part of the problem is 
>the kernel (see:
>#15 in 
>https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1113395)
>Apparently, Linux 3.8 dropped support for ntlm. But the tests 
>with sec=ntlmv2
>should have gotten around that... Also, the 3.3.6 boxes are 
>all kernel <3.8 so
>ntlm still worked fine. On the server that is giving us issues we have:
>
>[19:45 phoinix:/home/david] # uname -r
>3.12.6-1-ARCH
>
>  I have tried the traditional value of 0x7 for 
>/proc/fs/cifs/SecurityFlags, but
>it makes no difference with not being able to mount my '/' share:
>
>[19:34 phoinix:/home/david] # echo 0x7 >/proc/fs/cifs/SecurityFlags
>[19:36 phoinix:/home/david] # cat /proc/fs/cifs/SecurityFlags
>0x7
>
>  Then on my 3.3.6 box (/proc/fs/cifs/SecurityFlags doesn't 
>exist), I tried
>mounting normally:
>
>19:36 providence:~> sudo mount.cifs //phoinix/config /mnt/phx-cfg/ -o
>username=david,uid=1000,credentials=/home/david/.dcr/mountcfile,noperm
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>19:37 providence:~> sudo mount.cifs //phoinix/config /mnt/phx-cfg -o
>username=david,uid=1000,credentials=/home/david/.dcr/mountcfile
,noperm,sec=ntlmv2
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>19:40 providence:~> sudo mount -t cifs //phoinix/config /mnt/phx-cfg -o
>username=david,sec=ntlmv2
>Password for david@//phoinix/config:
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>19:41 providence:~> sudo mount -t cifs //phoinix/config /mnt/phx-cfg -o
>username="RLFPLLC\david",sec=ntlmv2
>Password for david@//phoinix/config:
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>
>  In your last thread about whether 'smbpasswd -e' or 
>'smbpasswd -a' was used,
>you noted the password prompt contained an '@' when not using 
>a credentials= file:
>
>Password for david@//phoinix/config:
>
>  That is something I cannot explain -- but I do not think it 
>is the issue:
>
>19:50 providence:~> sudo umount /mnt/phx-david
>19:51 providence:~> sudo mount -t cifs //phoinix/david 
>/mnt/phx-david -o
>username=david
>Password for david@//phoinix/david:
>
>  It all worked just fine. The problem is still limited to the 
>'/' share.
>Checking what mount reports for the shares successfully 
>mounted, I don't see
>anything out of the ordinary. Maybe you do?
>
>19:54 providence:~> mount
><snip>
>//phoinix/samba on /mnt/phx type cifs
>(rw,relatime,vers=1.0,sec=ntlm,cache=loose,unc=\\phoinix\samba,
username=david,uid=1000,forceuid,gid=0,noforcegid,
>addr=192.168.7.16,unix,posixpaths,serverino,acl,noperm,
>rsize=1048576,wsize=65536,actimeo=1)
>//phoinix/david on /mnt/phx-david type cifs
>(rw,relatime,vers=1.0,sec=ntlm,cache=loose,unc=\\phoinix\david,
username=david,uid=1000,forceuid,gid=0,noforcegid,
>addr=192.168.7.16,unix,posixpaths,serverino,acl,noperm,
>rsize=1048576,wsize=65536,actimeo=1)
>
>  Does there appear to be anything in the way the working 
>shares get mounted
>that might indicate why the '/' share is being blocked? (just 
>a thought)
>
>  I did a test on the server phoinix (smbd 4.1.3) to see what 
>security mechanism
>it was reporting instead of "..sec=ntlm,cache=loose.." as 
>reported on the kernel
><3.8 boxes. Mounting the '/' share from a 3.3.6 box 'mount' 
>reported no security
>information at all:
>
>//providence/config on /mnt/pv-cfg type cifs
>(rw,relatime,vers=1.0,cache=strict,username=david,domain=WORKGROUP,
>uid=1000,forceuid,gid=0,noforcegid,addr=192.168.7.124,unix,posixpaths,
>serverino,acl,noperm,rsize=1048576,wsize=65536,actimeo=1)
>
>  It does however report ..cache=strict,..,domain=WORKGROUP, I 
>guess as a result
>of being in standalone configuration. I'm not sure that makes 
>any difference
>though...
>
>  So I'm back to square 1. I had high hopes that 'echo 0x7
>>/proc/fs/cifs/SecurityFlags' would fix the issue, but it 
>would seem -- more
>learning is needed. What other ideas do you have? Does the 
>smbpasswd -a instead
>of -e make any difference?
>
>  Thank you again for your help!
>
>-- 
>David C. Rankin, J.D.,P.E.
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>



More information about the samba mailing list