[Samba] Different behavior when client uses "sec=none" and when provides bad user (mapped to guest)
Carlos Alberto Balseiro Mayi
balseiro at balseiro.org.es
Sat Jan 18 11:40:19 UTC 2025
Thanks a lot for your analysis. I just wanted to add that I think we are
not using at all? The client is an embedded Linux/FPGA machine and it
doesn't have mount.cifs . I think it is using
https://wiki.samba.org/index.php/LinuxCIFSKernel . It comes default with
kernel 5.15 but I tried with a 6.10 and same problem happens.
Best Regards,
Carlos A. Balseiro
El 2025-01-18 11:32, Rowland Penny via samba escribió:
> On Sat, 18 Jan 2025 11:04:21 +0100
> Carlos Alberto Balseiro Mayi via samba <samba at lists.samba.org> wrote:
>
>> mount -t cifs //192.168.1.4/descargas/MiSTer /media/fat/cifs -o
>> username=badusertest
>
> When you run the above command (by the way, mount.cifs has nothing to
> do with Samba), the mount command sends the user 'badusertest' and as
> that user does not exist, Samba maps it the 'guest' user and allows
> access to the 'descargas' share because you have 'map to guest = Bad
> User' in global and 'guest ok = Yes' in the share.
>
>> mount -t cifs //192.168.1.4/descargas/MiSTer /media/fat/cifs -o
>> sec=none
>
> When you send 'sec=none', no username is sent, now I do not know what
> is doing it (it could be the mount program, Samba or something Truenas
> has added), but something is using the username 'nobody' and that name
> does exist and so it isn't getting mapped to the guest user (even
> though it is the 'guest' user) and is denied access.
>
> I do not know how long this has been going on (I personally have never
> used 'sec=none') and, if it is a bug, I have no idea what needs fixing,
> Samba, cifs-utils or Truenas.
>
> Rowland
More information about the samba
mailing list