Re: [Samba] setuids mount option broke

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: [Samba] setuids mount option broke

Scott Lovenberg


On Fri, May 28, 2010 at 4:12 PM, Derek Simkowiak <[hidden email]> wrote:
  I can mount it using these options in /etc/fstab... note the use of "setuids" here:

//cst6/testhome /testhome cifs iocharset=utf8,credentials=/root/cst6_password.txt,setuids 0 0

Does it work if you change 'setuids' to 'suid'?

  Is there anything else I can try?  Looking at this earlier post, it seems like maybe "setuids" is not even a supported option anymore...?

http://lists.samba.org/archive/linux-cifs-client/2010-March/005600.html

The client code has been moved out of the samba package recently.  In the current release of the client (the client is now released separately from the samba suite, but the two aren't in sync yet) the setuid functionality is deprecated (but can still be enabled at compile time).  At the moment the option is being called 'legacy'; I don't know if the functionality is being dropped or upgraded/redesigned, though.


--
Peace and Blessings,
-Scott.


_______________________________________________
linux-cifs-client mailing list
[hidden email]
https://lists.samba.org/mailman/listinfo/linux-cifs-client
Reply | Threaded
Open this post in threaded view
|

Re: [Samba] setuids mount option broke

Scott Lovenberg


On Sat, May 29, 2010 at 8:11 AM, Scott Lovenberg <[hidden email]> wrote:

The client code has been moved out of the samba package recently.  In the current release of the client (the client is now released separately from the samba suite, but the two aren't in sync yet) the setuid functionality is deprecated (but can still be enabled at compile time).  At the moment the option is being called 'legacy'; I don't know if the functionality is being dropped or upgraded/redesigned, though.

Sorry, I should have been more clear about this.  I'm referring to the mount.cifs (cifs-utils) part of the client, not the whole samba client.



--
Peace and Blessings,
-Scott.


_______________________________________________
linux-cifs-client mailing list
[hidden email]
https://lists.samba.org/mailman/listinfo/linux-cifs-client
Reply | Threaded
Open this post in threaded view
|

Re: [Samba] setuids mount option broke

Derek Simkowiak-3
In reply to this post by Scott Lovenberg
> Does it work if you change 'setuids' to 'suid'?

    No.  Using "suid", the behavior is identical as "setuids".

    I was hoping to use either Samba over SSH, or else sshfs (Fuse), for mounting these remote home dirs using SSH.  But Samba's "setuids" option is broke, and sshfs doesn't even have that option.  Thus, I was forced to set up an OpenVPN server and mount the homes with NFS over OpenVPN.  NFS sucks, and I hope the setuids option comes back. 

    Getting offtopic, but for the archives: I had to use the NFS mount options "soft,udp,retrans=0" so that I could log in if the VPN went down.  With those options, there's only a ~4 second delay before the NFS gives up with an error.  If you leave set it to "tcp", your SSH shell will lock up for 5 minutes (when you log in and it tries to read ~/.bashrc), another 5 minutes if you accidentally type "ls", and another 5 minutes if you hit [TAB] and it tries to do command-line completion for you.  You can tweak your TCP timeouts, but do you really want to tweak TCP settings just to make NFS fail in a reasonable fashion (and thus possibly break everything else)?  And if you leave it at the default "hard" instead of "soft", the system will lock up indefinitely when you log in (trying to read ~/.bashrc).

    I love OpenVPN, but installing, configuring, generating certs, copying certs to the client, testing, setting up monitoring, etc. was a couple hours of work, compared to 5 minutes setting up an SSH tunnel with my pre-existing key... and yet, OpenVPN was still less work than trying to tunnel NFS over SSH (thanks to dynamic RPC ports, lockd, etc.).


Thanks,
Derek

On 05/29/2010 05:11 AM, Scott Lovenberg wrote:


On Fri, May 28, 2010 at 4:12 PM, Derek Simkowiak <[hidden email]> wrote:
  I can mount it using these options in /etc/fstab... note the use of "setuids" here:

//cst6/testhome /testhome cifs iocharset=utf8,credentials=/root/cst6_password.txt,setuids 0 0

Does it work if you change 'setuids' to 'suid'?

  Is there anything else I can try?  Looking at this earlier post, it seems like maybe "setuids" is not even a supported option anymore...?

http://lists.samba.org/archive/linux-cifs-client/2010-March/005600.html

The client code has been moved out of the samba package recently.  In the current release of the client (the client is now released separately from the samba suite, but the two aren't in sync yet) the setuid functionality is deprecated (but can still be enabled at compile time).  At the moment the option is being called 'legacy'; I don't know if the functionality is being dropped or upgraded/redesigned, though.


--
Peace and Blessings,
-Scott.



_______________________________________________
linux-cifs-client mailing list
[hidden email]
https://lists.samba.org/mailman/listinfo/linux-cifs-client