Bug 227973 - cifs does not allow null user names
cifs does not allow null user names
Status: CLOSED DUPLICATE of bug 238597
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jeff Layton
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-02-09 03:24 EST by Dax Kelson
Modified: 2007-11-30 17:07 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-09 09:42:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
proposed patch -- make sec=none force an anonymous mount (685 bytes, patch)
2007-05-03 14:35 EDT, Jeff Layton
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Samba Project 4039 None None None Never

  None (edit)
Description Dax Kelson 2007-02-09 03:24:22 EST
Description of problem:

If you create a Samba or Windows share with "guest ok = yes" you will be able to
mount it with smbfs but not cifs.

mount -t smbfs //station11.class2/tmp /mnt/tmp
Password: <enter>
Anonymous login successful

behind the scenes smbfs tries to login with username "nobody" then it retries
with a null username which works.

If you try with cifs you get:

mount -t cifs //station11.class2/tmp /mnt -o guest,sec=none
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

According to the Samba bug, the fix is in cifs-2.6.git branch which was merged
by Linus on Nov 3rd 2006 (and consequently is in the 2.6.20 kernel release).

Please back port this bug fix to the RHEL5 kernel.

The patch is here:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b0e0b5f1a22c20c0f127fb9b457136d6c3ca8ed;hp=895663cd92574367054e0eb604a7428852f359b8#patch2
Comment 1 Dax Kelson 2007-04-26 17:46:00 EDT
On testing it doesn't appear that patch fixed the problem. But maybe someone
else could check. It has been awhile.
Comment 2 Jeff Layton 2007-04-27 08:54:33 EDT
Yep, testing this on a F7 host gives me:

# mount /mnt/cifspub
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

So it looks like it's still an upstream bug. I suggest we work on fixing this
upstream first...

Mount options I'm using:

guest,domain=EXAMPLE,ro

Here's the mount syscall from mount.cifs. It looks like if you don't specify a
username you get "root":

mount("//dantu.rdu.redhat.com/public", "/mnt/cifspub", "cifs",
MS_RDONLY|MS_MANDLOCK,
"unc=//dantu.rdu.redhat.com\\public,ip=xxx.yyy.xxx.yyy,user=root,ver=1,ro,noauto,domain=EXAMPLE")
= -1 EACCES (Permission denied)

I'll have a look at some wire captures and see if I can tell what's happening...
Comment 3 Jeff Layton 2007-04-27 09:52:31 EDT
smbclient:

  0.015790 172.16.59.138 -> 172.16.57.196 SMB Session Setup AndX Request,
NTLMSSP_AUTH, User: EXAMPLE\guest
  0.020689 172.16.57.196 -> 172.16.59.138 SMB Session Setup AndX Response,
Error: STATUS_LOGON_FAILURE
  0.020810 172.16.59.138 -> 172.16.57.196 SMB Session Setup AndX Request, User:
anonymous
  0.021646 172.16.57.196 -> 172.16.59.138 SMB Session Setup AndX Response

CIFS client mount:

  0.012033 172.16.59.138 -> 172.16.57.196 SMB Session Setup AndX Request, User:
EXAMPLE\guest
  0.012471 172.16.57.196 -> 172.16.59.138 SMB Session Setup AndX Response,
Error: STATUS_LOGON_FAILURE

So smbclient tries to log in as user "EXAMPLE\guest" and fails and then retries
with user "anonymous". CIFS tries to just log in as EXAMPLE\guest and then gives up.

There also seem to be some differences in the session setup packet
(NTLMSSP_AUTH), but I'm not sure if that's significant.
Comment 4 Jeff Layton 2007-05-03 14:35:38 EDT
Created attachment 154058 [details]
proposed patch -- make sec=none force an anonymous mount

This is the proposed patch I've sent upstream. It makes sec=none override the
username passed from mount.cifs and force an anonymous mount. Awaiting feedback
from upstream at this point...
Comment 7 RHEL Product and Program Management 2007-05-07 07:44:02 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 9 Jeff Layton 2007-05-09 09:42:20 EDT
I'm planning a large update for 5.1 so closing this as a duplicate of that
tracker bug.


*** This bug has been marked as a duplicate of 238597 ***
Comment 10 Dax Kelson 2007-05-09 10:26:34 EDT
(In reply to comment #4)
> Created an attachment (id=154058) [edit]
> proposed patch -- make sec=none force an anonymous mount
> 
> This is the proposed patch I've sent upstream. It makes sec=none override the
> username passed from mount.cifs and force an anonymous mount. Awaiting feedback
> from upstream at this point...

Did you get any feedback from upstream?
Comment 11 Jeff Layton 2007-05-09 10:37:16 EDT
Yes. The patch was incorporated into Steve French's CIFS git tree, so I think
it'll go in as is.

Note You need to log in before you can comment on or make changes to this bug.