[Samba] What in samba 4.1 prevents a '/' share?
L.P.H. van Belle
belle at bazuin.nl
Mon Jan 6 01:27:03 MST 2014
ok, try the following.
mount like this :
sudo mount -t cifs //netbios-servername/my-share /media/mount-point -o credentials=/root/.smbcredentials,iocharset=utf8,file_mode=0777,dir_mode=0777,sec=ntlmssp
edit my /root/.smbcredentials to:
username=my-user
password=my-password
domain=my-domain
set rights on the file
sudo chmod 400 /root/.smbcredentials
Look at the last option of the mount line..
people report sucess with sec=ntlmssp and sec=ntlmv2
if above does'nt work, i suggest try a 3.2 kernel.
then im out of options.
Gr.
Louis
>-----Oorspronkelijk bericht-----
>Van: drankinatty at suddenlinkmail.com
>[mailto:samba-bounces at lists.samba.org] Namens David C. Rankin
>Verzonden: maandag 6 januari 2014 3:34
>Aan: samba
>Onderwerp: Re: [Samba] What in samba 4.1 prevents a '/' share?
>
>On 01/02/2014 03:11 AM, L.P.H. van Belle wrote:
>> ow and what i just found. ( yes your on arch linux, but )
>> here is some good info you can try also.
>> https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1113395
>>
>> read #12 and #13
>>
>> Greetz,
>>
>> Louis
>
>Louis,
>
> Thank you again. When I first saw your post here I thought
>"He did it! He
>found the answer!", but I think there must be more to it. This
>does look like we
>are on the right track though. Another part of the problem is
>the kernel (see:
>#15 in
>https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1113395)
>Apparently, Linux 3.8 dropped support for ntlm. But the tests
>with sec=ntlmv2
>should have gotten around that... Also, the 3.3.6 boxes are
>all kernel <3.8 so
>ntlm still worked fine. On the server that is giving us issues we have:
>
>[19:45 phoinix:/home/david] # uname -r
>3.12.6-1-ARCH
>
> I have tried the traditional value of 0x7 for
>/proc/fs/cifs/SecurityFlags, but
>it makes no difference with not being able to mount my '/' share:
>
>[19:34 phoinix:/home/david] # echo 0x7 >/proc/fs/cifs/SecurityFlags
>[19:36 phoinix:/home/david] # cat /proc/fs/cifs/SecurityFlags
>0x7
>
> Then on my 3.3.6 box (/proc/fs/cifs/SecurityFlags doesn't
>exist), I tried
>mounting normally:
>
>19:36 providence:~> sudo mount.cifs //phoinix/config /mnt/phx-cfg/ -o
>username=david,uid=1000,credentials=/home/david/.dcr/mountcfile,noperm
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>19:37 providence:~> sudo mount.cifs //phoinix/config /mnt/phx-cfg -o
>username=david,uid=1000,credentials=/home/david/.dcr/mountcfile
,noperm,sec=ntlmv2
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>19:40 providence:~> sudo mount -t cifs //phoinix/config /mnt/phx-cfg -o
>username=david,sec=ntlmv2
>Password for david@//phoinix/config:
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>19:41 providence:~> sudo mount -t cifs //phoinix/config /mnt/phx-cfg -o
>username="RLFPLLC\david",sec=ntlmv2
>Password for david@//phoinix/config:
>mount error(13): Permission denied
>Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>
> In your last thread about whether 'smbpasswd -e' or
>'smbpasswd -a' was used,
>you noted the password prompt contained an '@' when not using
>a credentials= file:
>
>Password for david@//phoinix/config:
>
> That is something I cannot explain -- but I do not think it
>is the issue:
>
>19:50 providence:~> sudo umount /mnt/phx-david
>19:51 providence:~> sudo mount -t cifs //phoinix/david
>/mnt/phx-david -o
>username=david
>Password for david@//phoinix/david:
>
> It all worked just fine. The problem is still limited to the
>'/' share.
>Checking what mount reports for the shares successfully
>mounted, I don't see
>anything out of the ordinary. Maybe you do?
>
>19:54 providence:~> mount
><snip>
>//phoinix/samba on /mnt/phx type cifs
>(rw,relatime,vers=1.0,sec=ntlm,cache=loose,unc=\\phoinix\samba,
username=david,uid=1000,forceuid,gid=0,noforcegid,
>addr=192.168.7.16,unix,posixpaths,serverino,acl,noperm,
>rsize=1048576,wsize=65536,actimeo=1)
>//phoinix/david on /mnt/phx-david type cifs
>(rw,relatime,vers=1.0,sec=ntlm,cache=loose,unc=\\phoinix\david,
username=david,uid=1000,forceuid,gid=0,noforcegid,
>addr=192.168.7.16,unix,posixpaths,serverino,acl,noperm,
>rsize=1048576,wsize=65536,actimeo=1)
>
> Does there appear to be anything in the way the working
>shares get mounted
>that might indicate why the '/' share is being blocked? (just
>a thought)
>
> I did a test on the server phoinix (smbd 4.1.3) to see what
>security mechanism
>it was reporting instead of "..sec=ntlm,cache=loose.." as
>reported on the kernel
><3.8 boxes. Mounting the '/' share from a 3.3.6 box 'mount'
>reported no security
>information at all:
>
>//providence/config on /mnt/pv-cfg type cifs
>(rw,relatime,vers=1.0,cache=strict,username=david,domain=WORKGROUP,
>uid=1000,forceuid,gid=0,noforcegid,addr=192.168.7.124,unix,posixpaths,
>serverino,acl,noperm,rsize=1048576,wsize=65536,actimeo=1)
>
> It does however report ..cache=strict,..,domain=WORKGROUP, I
>guess as a result
>of being in standalone configuration. I'm not sure that makes
>any difference
>though...
>
> So I'm back to square 1. I had high hopes that 'echo 0x7
>>/proc/fs/cifs/SecurityFlags' would fix the issue, but it
>would seem -- more
>learning is needed. What other ideas do you have? Does the
>smbpasswd -a instead
>of -e make any difference?
>
> Thank you again for your help!
>
>--
>David C. Rankin, J.D.,P.E.
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list