Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
mount.cifs broken [Solved]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
grooveman
l33t
l33t


Joined: 24 Feb 2003
Posts: 989

PostPosted: Wed Sep 19, 2012 4:49 pm    Post subject: mount.cifs broken [Solved] Reply with quote

Hi,

I have a share from a win7 box on the network that I have been using for years. I upgraded yesterday, and now it is inaccessible to my normal (non-root) user.

here is my entry in my fstab:
Code:
//10.99.99.199/gman            /home/gman/win7 cifs   user,_netdev,noperm,uid=gman,noauto,user=gman,dir_mode=0700,file_mode=0700,credentials=/etc/smbpwds,rsize=130048,wsize=57344 1 2


When trying to mount via the command line:
Code:
mount /home/gman/win7
This program is not installed setuid root -  "user" CIFS mounts not supported.


So, I setuid /sbin/mount.cifs
Code:
chmod 4700 /sbin/mount.cfs

or
Code:
chmod +us /sbin/mount/cifs


Now I get:
Code:
Unable to set current process capabilities: Operation not permitted
error 2 (No such file or directory) opening credential file /etc/smbpwds


I have no idea what the top line means, and I cannot find anything meaningful when I google search it.
The second line is utter bullshit, because /etc/smbpwds is there. I have even tried chmoding it to 666, it doesn't make a difference what the perms are.

Is this a bug, or have they changed mount.cifs again? Is there something I can do to fix this?

Thank you!

G
_________________
To look without without looking within is like looking without without looking at all.


Last edited by grooveman on Tue Dec 04, 2012 4:52 am; edited 1 time in total
Back to top
View user's profile Send private message
grooveman
l33t
l33t


Joined: 24 Feb 2003
Posts: 989

PostPosted: Thu Sep 20, 2012 2:30 am    Post subject: Reply with quote

Upgraded cifs-utils to cifs-utils-5.6-r1, the problem still exists.

Downgraded to cifs-utils-5.4 and the problem disappeared. I cannot find anything on google or on the samba home page about this, so I'm thinking it is a bug...
_________________
To look without without looking within is like looking without without looking at all.
Back to top
View user's profile Send private message
grooveman
l33t
l33t


Joined: 24 Feb 2003
Posts: 989

PostPosted: Thu Sep 20, 2012 2:45 am    Post subject: Reply with quote

Filed Bug:
https://bugs.gentoo.org/show_bug.cgi?id=435570
_________________
To look without without looking within is like looking without without looking at all.
Back to top
View user's profile Send private message
maguire
Tux's lil' helper
Tux's lil' helper


Joined: 27 May 2004
Posts: 95
Location: Longmont, Colorado

PostPosted: Wed Oct 24, 2012 4:33 pm    Post subject: No response? Reply with quote

Thanks for filing the bug (I just ran into the same problem).

Does a bug like this usually go a month without any response or "confirmation"?

Bruce.
_________________
BillyBear: I'm scared Poncho.
Poncho: Bu!!sh!t. You ain't afraid of no man.
BillyBear: There's something out there waiting for us, and it ain't no man. We're all gonna die.
<ominous music>
<enter Hillary Clinton>
;-)
Back to top
View user's profile Send private message
javeree
Apprentice
Apprentice


Joined: 29 Jan 2006
Posts: 286

PostPosted: Wed Oct 24, 2012 6:02 pm    Post subject: Reply with quote

What are your use flag settings ?

I remember having some problems with caps that I could resolve by using the flags

net-fs/cifs-utils -caps caps-ng

(+caps did have a problem)
Back to top
View user's profile Send private message
alex.blackbit
Advocate
Advocate


Joined: 26 Jul 2005
Posts: 2395

PostPosted: Tue Dec 04, 2012 1:25 am    Post subject: Reply with quote

I can confirm that the solution of javeree works.
Back to top
View user's profile Send private message
grooveman
l33t
l33t


Joined: 24 Feb 2003
Posts: 989

PostPosted: Tue Dec 04, 2012 4:51 am    Post subject: Reply with quote

Yes, I have switched as well, makes me wonder why the default is not set that way...
_________________
To look without without looking within is like looking without without looking at all.
Back to top
View user's profile Send private message
Massimo B.
Veteran
Veteran


Joined: 09 Feb 2005
Posts: 1208
Location: PB, Germany

PostPosted: Mon Jan 14, 2013 12:21 pm    Post subject: Reply with quote

Using caps-ng instead of caps solved the problem:
Code:
[ebuild  N     ] sys-libs/libcap-ng-0.6.6  USE="-python -static-libs" 359 kB
[ebuild   R   ~] net-fs/cifs-utils-5.8-r1  USE="ads caps-ng* creds -caps* -upcall" 0 kB

But the setuid is still required and not yet done by the latest ebuild:
Code:
$ chmod u+s /sbin/mount.cifs
mode of ‘/sbin/mount.cifs’ changed from 0755 (rwxr-xr-x) to 4755 (rwsr-xr-x)

_________________
ppc:PowerBook5,8 15"(1440)-G4/1.67,2G | amd64:Acer Z5610 (Core2QuadQ8200),i5-3470 | amd64-prefix:OpenSuse | Lila-Theme
Back to top
View user's profile Send private message
grooveman
l33t
l33t


Joined: 24 Feb 2003
Posts: 989

PostPosted: Mon Jan 14, 2013 7:35 pm    Post subject: Reply with quote

Quote:
But the setuid is still required and not yet done by the latest ebuild:
Code:
$ chmod u+s /sbin/mount.cifs
mode of ‘/sbin/mount.cifs’ changed from 0755 (rwxr-xr-x) to 4755 (rwsr-xr-x)


I don't expect that will ever happen, for security reasons. I think you will always have to do this manually.

But I am glad to hear you got it working :)
_________________
To look without without looking within is like looking without without looking at all.
Back to top
View user's profile Send private message
Kobboi
l33t
l33t


Joined: 29 Jul 2005
Posts: 655
Location: Belgium

PostPosted: Wed Mar 20, 2013 10:12 am    Post subject: Reply with quote

Could you explain the security issue? Note that /bin/mount is also setuid by default.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum