From 4523cc3044d1bc7fcf3d7fee75d62bc76b8e1abb Mon Sep 17 00:00:00 2001 From: Steve French Date: Mon, 30 Apr 2007 20:13:06 +0000 Subject: [CIFS] UID/GID override on CIFS mounts to Samba When CIFS Unix Extensions are negotiated we get the Unix uid and gid owners of the file from the server (on the Unix Query Path Info levels), but if the server's uids don't match the client uid's users were having to disable the Unix Extensions (which turned off features they still wanted). The changeset patch allows users to override uid and/or gid for file/directory owner with a default uid and/or gid specified at mount (as is often done when mounting from Linux cifs client to Windows server). This changeset also displays the uid and gid used by default in /proc/mounts (if applicable). Also cleans up code by adding some of the missing spaces after "if" keywords per-kernel style guidelines (as suggested by Randy Dunlap when he reviewed the patch). Signed-off-by: Steve French --- fs/cifs/README | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) (limited to 'fs/cifs/README') diff --git a/fs/cifs/README b/fs/cifs/README index 080c5eba112b..93fe3594274f 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -257,13 +257,19 @@ A partial list of the supported mount options follows: mount. domain Set the SMB/CIFS workgroup name prepended to the username during CIFS session establishment - uid If CIFS Unix extensions are not supported by the server - this overrides the default uid for inodes. For mounts to - servers which do support the CIFS Unix extensions, such - as a properly configured Samba server, the server provides - the uid, gid and mode. For servers which do not support - the Unix extensions, the default uid (and gid) returned on - lookup of existing files is the uid (gid) of the person + uid Set the default uid for inodes. For mounts to servers + which do support the CIFS Unix extensions, such as a + properly configured Samba server, the server provides + the uid, gid and mode so this parameter should not be + specified unless the server and clients uid and gid + numbering differ. If the server and client are in the + same domain (e.g. running winbind or nss_ldap) and + the server supports the Unix Extensions then the uid + and gid can be retrieved from the server (and uid + and gid would not have to be specifed on the mount. + For servers which do not support the CIFS Unix + extensions, the default uid (and gid) returned on lookup + of existing files will be the uid (gid) of the person who executed the mount (root, except when mount.cifs is configured setuid for user mounts) unless the "uid=" (gid) mount option is specified. For the uid (gid) of newly @@ -281,8 +287,7 @@ A partial list of the supported mount options follows: the client. Note that the mount.cifs helper must be at version 1.10 or higher to support specifying the uid (or gid) in non-numberic form. - gid If CIFS Unix extensions are not supported by the server - this overrides the default gid for inodes. + gid Set the default gid for inodes (similar to above). file_mode If CIFS Unix extensions are not supported by the server this overrides the default mode for file inodes. dir_mode If CIFS Unix extensions are not supported by the server -- cgit v1.2.3 From 8426c39c1289765a11fc9b9523212ed368ceebd8 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Sat, 5 May 2007 03:27:49 +0000 Subject: [CIFS] Make sec=none force an anonymous mount We had a customer report that attempting to make CIFS mount with a null username (i.e. doing an anonymous mount) doesn't work. Looking through the code, it looks like CIFS expects a NULL username from userspace in order to trigger an anonymous mount. The mount.cifs code doesn't seem to ever pass a null username to the kernel, however. It looks also like the kernel can take a sec=none option, but it only seems to look at it if the username is already NULL. This seems redundant and effectively makes sec=none useless. The following patch makes sec=none force an anonymous mount. Signed-off-by: Steve French --- fs/cifs/CHANGES | 4 +++- fs/cifs/README | 20 +++++++++++++++++--- fs/cifs/connect.c | 8 ++++---- 3 files changed, 24 insertions(+), 8 deletions(-) (limited to 'fs/cifs/README') diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 62dcf6325861..a9b6bc5157b8 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -6,7 +6,9 @@ handle DNS host to ipv6 name translation). Accept override of uid or gid on mount even when Unix Extensions are negotiated (it used to be ignored when Unix Extensions were ignored). This allows users to override the default uid and gid for files when they are certain that the uids or -gids on the server do not match those of the client. +gids on the server do not match those of the client. Make "sec=none" +mount override username (so that null user connection is attempted) +to match what documentation said. Version 1.48 ------------ diff --git a/fs/cifs/README b/fs/cifs/README index 93fe3594274f..80fcfb82eafd 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -472,7 +472,7 @@ including: -V print mount.cifs version -? display simple usage information -With recent 2.6 kernel versions of modutils, the version of the cifs kernel +With most 2.6 kernel versions of modutils, the version of the cifs kernel module can be displayed via modinfo. Misc /proc/fs/cifs Flags and Debug Info @@ -521,8 +521,22 @@ SecurityFlags Flags which control security negotiation and must use plaintext passwords 0x20020 (reserved for future packet encryption) 0x00040 -cifsFYI If set to one, additional debug information is - logged to the system error log. (default 0) +cifsFYI If set to non-zero value, additional debug information + will be logged to the system error log. This field + contains three flags controlling different classes of + debugging entries. The maximum value it can be set + to is 7 which enables all debugging points (default 0). + Some debugging statements are not compiled into the + cifs kernel unless CONFIG_CIFS_DEBUG2 is enabled in the + kernel configuration. cifsFYI may be set to one or + nore of the following flags (7 sets them all): + + log cifs informational messages 0x01 + log return codes from cifs entry points 0x02 + log slow responses (ie which take longer than one second) + CONFIG_CIFS_STATS2 must be enabled in .config 0x03 + + traceSMB If set to one, debug information is logged to the system error log with the start of smb requests and responses (default 0) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index cf40e245fcf4..216fb625843f 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1721,12 +1721,12 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, return -EINVAL; } - if (volume_info.username) { + if (volume_info.nullauth) { + cFYI(1,("null user")); + volume_info.username = NULL; + } else if (volume_info.username) { /* BB fixme parse for domain name here */ cFYI(1, ("Username: %s ", volume_info.username)); - - } else if (volume_info.nullauth) { - cFYI(1,("null user")); } else { cifserror("No username specified"); /* In userspace mount helper we can get user name from alternate -- cgit v1.2.3 From 0ec54aa8af5e6faa346aa55a1ad15ee6c25bb42d Mon Sep 17 00:00:00 2001 From: Steve French Date: Sat, 5 May 2007 22:08:06 +0000 Subject: [CIFS] Fix typo in cifs readme from previous commit Signed-off-by: Steve French --- fs/cifs/README | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'fs/cifs/README') diff --git a/fs/cifs/README b/fs/cifs/README index 80fcfb82eafd..4d01697722cc 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -533,8 +533,8 @@ cifsFYI If set to non-zero value, additional debug information log cifs informational messages 0x01 log return codes from cifs entry points 0x02 - log slow responses (ie which take longer than one second) - CONFIG_CIFS_STATS2 must be enabled in .config 0x03 + log slow responses (ie which take longer than 1 second) + CONFIG_CIFS_STATS2 must be enabled in .config 0x04 traceSMB If set to one, debug information is logged to the -- cgit v1.2.3