setuids mount option broke
in [Samba]
|
Prev: [Samba] setuids mount option broke
Next: [Samba] ARGH... once again samba causes "permission" errors.
From: Muqtadir Kamal on 29 May 2010 03:40 hi i am newly in linux i am using Centos 5.5, I need help to create LDAP+Samba for windows clients, if any buddy have good stuff please send it to smkamal2001(a)gmail.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Scott Lovenberg on 29 May 2010 08:20 On Sat, May 29, 2010 at 8:11 AM, Scott Lovenberg <scott.lovenberg(a)gmail.com>wrote: > >> The client code has been moved out of the samba package recently. In the > current release of the client (the client is now released separately from > the samba suite, but the two aren't in sync yet) the setuid functionality is > deprecated (but can still be enabled at compile time). At the moment the > option is being called 'legacy'; I don't know if the functionality is being > dropped or upgraded/redesigned, though. > > Sorry, I should have been more clear about this. I'm referring to the mount.cifs (cifs-utils) part of the client, not the whole samba client. -- Peace and Blessings, -Scott. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Derek Simkowiak on 29 May 2010 16:10
> /Does it work if you change 'setuids' to 'suid'?/ No. Using "suid", the behavior is identical as "setuids". I was hoping to use either Samba over SSH, or else sshfs (Fuse), for mounting these remote home dirs using SSH. But Samba's "setuids" option is broke, and sshfs doesn't even have that option. Thus, I was forced to set up an OpenVPN server and mount the homes with NFS over OpenVPN. NFS sucks, and I hope the setuids option comes back. Getting offtopic, but for the archives: I had to use the NFS mount options "soft,udp,retrans=0" so that I could log in if the VPN went down. With those options, there's only a ~4 second delay before the NFS gives up with an error. If you leave set it to "tcp", your SSH shell will lock up for 5 minutes (when you log in and it tries to read ~/.bashrc), another 5 minutes if you accidentally type "ls", and another 5 minutes if you hit [TAB] and it tries to do command-line completion for you. You can tweak your TCP timeouts, but do you really want to tweak TCP settings just to make NFS fail in a reasonable fashion (and thus possibly break everything else)? And if you leave it at the default "hard" instead of "soft", the system will lock up indefinitely when you log in (trying to read ~/.bashrc). I love OpenVPN, but installing, configuring, generating certs, copying certs to the client, testing, setting up monitoring, etc. was a couple hours of work, compared to 5 minutes setting up an SSH tunnel with my pre-existing key... and yet, OpenVPN was still less work than trying to tunnel NFS over SSH (thanks to dynamic RPC ports, lockd, etc.). Thanks, Derek On 05/29/2010 05:11 AM, Scott Lovenberg wrote: > > > On Fri, May 28, 2010 at 4:12 PM, Derek Simkowiak <dereks(a)realloc.net > <mailto:dereks(a)realloc.net>> wrote: > > I can mount it using these options in /etc/fstab... note the use > of "setuids" here: > > //cst6/testhome /testhome cifs > iocharset=utf8,credentials=/root/cst6_password.txt,setuids 0 0 > > Does it work if you change 'setuids' to 'suid'? > > Is there anything else I can try? Looking at this earlier post, > it seems like maybe "setuids" is not even a supported option > anymore...? > > http://lists.samba.org/archive/linux-cifs-client/2010-March/005600.html > > The client code has been moved out of the samba package recently. In > the current release of the client (the client is now released > separately from the samba suite, but the two aren't in sync yet) the > setuid functionality is deprecated (but can still be enabled at > compile time). At the moment the option is being called 'legacy'; I > don't know if the functionality is being dropped or > upgraded/redesigned, though. > > > -- > Peace and Blessings, > -Scott. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |