Bug 523173 - Setting lower samba security for CIFS does not work anymore
Summary: Setting lower samba security for CIFS does not work anymore
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 11
Hardware: x86_64
OS: Linux
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2009-09-14 11:37 UTC by Panos Kavalagios
Modified: 2009-09-30 08:23 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-09-29 14:34:12 UTC

Attachments (Terms of Use)

Description Panos Kavalagios 2009-09-14 11:37:43 UTC
Description of problem: You cannot set the plain text password flag for mounting samba shares of an old samba server that does not supports password encryption.

Version-Release number of selected component (if applicable): kernel-

How reproducible: Start a 2.6.30 kernel and issue an echo command to alter the security flags of CIFS. It worked fine till 2.6.29.

Steps to Reproduce:
1. echo '0x30' > /proc/fs/cifs/SecurityFlags
Actual results:
echo: write error: Invalid argument
cat /proc/fs/cifs/SecurityFlags

Expected results: "cat /proc/fs/cifs/SecurityFlags" should have reported the new security flags and you should have been able to mount samba shares supporting only plain text passwords (CIFS_WEAK_PW_HASH).

Additional info: A workaround would be to compile an old samba version that supports smbfs. You may also need smbfs support on your kernel, since fedora default kernel does not support smbfs.

Comment 1 Chuck Ebbert 2009-09-15 05:29:46 UTC
If you are only using plaintext, this should work:

 echo '0x20' > /proc/fs/cifs/SecurityFlags

This problem was caused by:

That added ntlmssp support to the flags (0x80) but seems to have inadvertently removed lanman (0x10).

Comment 2 Chuck Ebbert 2009-09-15 05:47:59 UTC
Should be fixed in

Comment 3 Panos Kavalagios 2009-09-15 07:08:02 UTC

  The flag 0x20 is accepted, but my mount attempt returns:

mount error(95): Operation not supported
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

Comment 4 Fedora Update System 2009-09-25 16:02:09 UTC
kernel- has been submitted as an update for Fedora 11.

Comment 5 Fedora Update System 2009-09-29 14:33:24 UTC
kernel- has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 6 Panos Kavalagios 2009-09-30 08:23:15 UTC
Indeed, I've updated my kernel today and it works fine. I can access again old Solaris samba shares using plain text passwords. Thank you very much!

Note You need to log in before you can comment on or make changes to this bug.