Description of problem: If you create a Samba or Windows share with "guest ok = yes" you will be able to mount it with smbfs but not cifs. mount -t smbfs //station11.class2/tmp /mnt/tmp Password: <enter> Anonymous login successful behind the scenes smbfs tries to login with username "nobody" then it retries with a null username which works. If you try with cifs you get: mount -t cifs //station11.class2/tmp /mnt -o guest,sec=none mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) According to the Samba bug, the fix is in cifs-2.6.git branch which was merged by Linus on Nov 3rd 2006 (and consequently is in the 2.6.20 kernel release). Please back port this bug fix to the RHEL5 kernel. The patch is here: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b0e0b5f1a22c20c0f127fb9b457136d6c3ca8ed;hp=895663cd92574367054e0eb604a7428852f359b8#patch2
On testing it doesn't appear that patch fixed the problem. But maybe someone else could check. It has been awhile.
Yep, testing this on a F7 host gives me: # mount /mnt/cifspub mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) So it looks like it's still an upstream bug. I suggest we work on fixing this upstream first... Mount options I'm using: guest,domain=EXAMPLE,ro Here's the mount syscall from mount.cifs. It looks like if you don't specify a username you get "root": mount("//dantu.rdu.redhat.com/public", "/mnt/cifspub", "cifs", MS_RDONLY|MS_MANDLOCK, "unc=//dantu.rdu.redhat.com\\public,ip=xxx.yyy.xxx.yyy,user=root,ver=1,ro,noauto,domain=EXAMPLE") = -1 EACCES (Permission denied) I'll have a look at some wire captures and see if I can tell what's happening...
smbclient: 0.015790 172.16.59.138 -> 172.16.57.196 SMB Session Setup AndX Request, NTLMSSP_AUTH, User: EXAMPLE\guest 0.020689 172.16.57.196 -> 172.16.59.138 SMB Session Setup AndX Response, Error: STATUS_LOGON_FAILURE 0.020810 172.16.59.138 -> 172.16.57.196 SMB Session Setup AndX Request, User: anonymous 0.021646 172.16.57.196 -> 172.16.59.138 SMB Session Setup AndX Response CIFS client mount: 0.012033 172.16.59.138 -> 172.16.57.196 SMB Session Setup AndX Request, User: EXAMPLE\guest 0.012471 172.16.57.196 -> 172.16.59.138 SMB Session Setup AndX Response, Error: STATUS_LOGON_FAILURE So smbclient tries to log in as user "EXAMPLE\guest" and fails and then retries with user "anonymous". CIFS tries to just log in as EXAMPLE\guest and then gives up. There also seem to be some differences in the session setup packet (NTLMSSP_AUTH), but I'm not sure if that's significant.
Created attachment 154058 [details] proposed patch -- make sec=none force an anonymous mount This is the proposed patch I've sent upstream. It makes sec=none override the username passed from mount.cifs and force an anonymous mount. Awaiting feedback from upstream at this point...
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
I'm planning a large update for 5.1 so closing this as a duplicate of that tracker bug. *** This bug has been marked as a duplicate of 238597 ***
(In reply to comment #4) > Created an attachment (id=154058) [edit] > proposed patch -- make sec=none force an anonymous mount > > This is the proposed patch I've sent upstream. It makes sec=none override the > username passed from mount.cifs and force an anonymous mount. Awaiting feedback > from upstream at this point... Did you get any feedback from upstream?
Yes. The patch was incorporated into Steve French's CIFS git tree, so I think it'll go in as is.