Post new topic   Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
Author Message
manulOffline
Post subject: samba mount.cifs and sec=ntlm for kernels 3.8 [Solved]  PostPosted: 14.03.2013, 23:44



Joined: 2010-09-13
Posts: 96

Status: Offline
I cannot mount a samba share with kernel 3.8-2.slh.2-aptosid-amd64 via mount.cifs.

Have two up-to date aptosid computers in the same LAN (laptop and PC).
PC is running kernel 3.7-6.slh.2-aptosid-amd64.
Laptop is running kernel 3.8-2.slh.2-aptosid-amd64.

The share I want to connect to, is a (cheap) NAS device in the same network (all I can do to manage NAS device is to access it via some pretty bogus web interface).

Laptop (3.8-2.slh.2-aptosid-amd64) cannot connect:
      Code:
root@siddie-new:/home/manul# ping 192.168.167.195 -c 1
PING 192.168.167.195 (192.168.167.195) 56(84) bytes of data.
64 bytes from 192.168.167.195: icmp_req=1 ttl=64 time=2.12 ms

--- 192.168.167.195 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.124/2.124/2.124/0.000 ms
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# uname -a
Linux siddie-new 3.8-2.slh.2-aptosid-amd64 #1 SMP PREEMPT Tue Mar 5 01:42:14 UTC 2013 x86_64 GNU/Linux
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount -t cifs 192.168.167.195:/public/ /mnt/NAS/ --verbose -o defaults,rw,guest,uid=manul,gid=manul
mount.cifs kernel mount options: ip=192.168.167.195,unc=\\192.168.167.195\public,guest,uid=1000,gid=1000,user=,pass=********
mount error(5): Input/output error
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount | grep 195
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# tail -n 1 /var/log/messages
Mar 14 19:17:39 siddie-new kernel: [  406.037204] CIFS: the value of the unc= mount option does not match the device string. Using the unc= option for now. In 3.10, that option will be ignored and the contents of the device string will be used instead. ((null) != \\192.168.167.195\public)
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# infobash -v
Host/Kernel/OS  "siddie-new" running Linux 3.8-2.slh.2-aptosid-amd64 x86_64 [ aptosid 2011-01 Γῆρας - kde-lite - (201102051540) ]
CPU Info        4x Intel Core i3 U 330 @ clocked at [ 666.000 MHz ]
Videocard       Intel Core Processor Integrated Graphics Controller     [  ]
Processes 151 | Uptime 7min | Memory 575.8/1864.0MB | HDD Size 500GB (5%used) | Client Shell | Infobash v3.46
root@siddie-new:/home/manul#
root@siddie-new:/home/manul#


Note the mount error(5): Input/output error; and the weirdo error it spits in messages log.
I also tried the \\192.168.167.195\public (as opposed to 192.168.167.195:/public/) but get the same result.

NOTE: smb using browsing shares via Dolphin GUI at the same laptop DOES work (but is terribly slow - it has always been so slow though).
Only mount.cifs from shell does not.

---

At the same time, PC (3.7-6.slh.2-aptosid-amd64) mounts it normally with exactly the same command:

      Code:
root@siduxbox:~# ping 192.168.167.195 -c 1
PING 192.168.167.195 (192.168.167.195) 56(84) bytes of data.
64 bytes from 192.168.167.195: icmp_req=1 ttl=64 time=1.92 ms

--- 192.168.167.195 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.926/1.926/1.926/0.000 ms
root@siduxbox:~#
root@siduxbox:~# uname -a
Linux siduxbox 3.7-6.slh.2-aptosid-amd64 #1 SMP PREEMPT Fri Feb 8 02:02:54 UTC 2013 x86_64 GNU/Linux
root@siduxbox:~#
root@siduxbox:~# mount -t cifs 192.168.167.195:/public/ /mnt/NAS/ --verbose -o defaults,rw,guest,uid=manul,gid=manul
mount.cifs kernel mount options: ip=192.168.167.195,unc=\\192.168.167.195\public,guest,uid=1000,gid=1000,user=,pass=********
root@siduxbox:~#
root@siduxbox:~# mount | grep 195
192.168.167.195:/public/ on /mnt/NAS type cifs (rw,relatime,vers=1.0,sec=ntlm,cache=strict,unc=\\192.168.167.195\public,uid=1000,forceuid,gid=1000,forcegid,addr=192.168.167.195,unix,serverino,rsize=61440,wsize=65536,actimeo=1)
root@siduxbox:~#                                                                                                                                                       
root@siduxbox:~# infobash -v                                                                                                                                           
Host/Kernel/OS  "siduxbox" running Linux 3.7-6.slh.2-aptosid-amd64 x86_64 [ sidux 2009-03 Μώμος - kde-lite - (200911110039) ]                                           
CPU Info        2x AMD Athlon 64 X2 Dual Core 5200+ clocked at [ 1000.000 MHz ]                                                                                         
Videocard       NVIDIA C77 [GeForce 8200]  tty resolution ( 168x47 )                                                                                                   
Processes 165 | Uptime 2days | Memory 2650.6/3707.9MB | HDD Size 1660GB (40%used) | Runlevel 5 | Client Shell | Infobash v3.46                                         
root@siduxbox:~#


Let me know if I can provide more information.


Last edited by manul on 16.03.2013, 17:27; edited 1 time in total
 
 View user's profile Send private message  
Reply with quote Back to top
slhOffline
Post subject: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosid-amd64  PostPosted: 15.03.2013, 01:19



Joined: 2010-08-25
Posts: 761

Status: Offline
mount.cifs over here works with the current kernel. while not impossible "mount error(5): Input/output error" doesn't exactly sound like a kernel issue either… Please install the currently kernel on your second PC (keep the old one, of course) and check if it continued working there.
 
 View user's profile Send private message  
Reply with quote Back to top
manulOffline
Post subject: Re: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosid-am  PostPosted: 15.03.2013, 07:36



Joined: 2010-09-13
Posts: 96

Status: Offline
      slh wrote:
mount.cifs over here works with the current kernel. while not impossible "mount error(5): Input/output error" doesn't exactly sound like a kernel issue either… Please install the currently kernel on your second PC (keep the old one, of course) and check if it continued working there.


I just booted the 1st PC (laptop) using a 3.7 kernel I have from before in grub (nothing else changed) - and it works as you can see:
      Code:

root@siddie-new:/home/manul#
root@siddie-new:/home/manul# uname -a
Linux siddie-new 3.7-7.slh.1-aptosid-amd64 #1 SMP PREEMPT Tue Feb 12 22:59:25 UTC 2013 x86_64 GNU/Linux
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount -t cifs 192.168.167.195:/public/ /mnt/NAS/ --verbose -o defaults,rw,guest,uid=manul,gid=manul
mount.cifs kernel mount options: ip=192.168.167.195,unc=\\192.168.167.195\public,guest,uid=1000,gid=1000,user=,pass=********
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount | grep 195
192.168.167.195:/public/ on /mnt/NAS type cifs (rw,relatime,vers=1.0,sec=ntlm,cache=strict,unc=\\192.168.167.195\public,uid=1000,forceuid,gid=1000,forcegid,addr=192.168.167.195,unix,serverino,rsize=61440,wsize=65536,actimeo=1)
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# infobash -v
Host/Kernel/OS  "siddie-new" running Linux 3.7-7.slh.1-aptosid-amd64 x86_64 [ aptosid 2011-01 Γῆρας - kde-lite - (201102051540) ]
CPU Info        4x Intel Core i3 U 330 @ clocked at [ 666.000 MHz ]
Videocard       Intel Core Processor Integrated Graphics Controller     [  ]
Processes 162 | Uptime 2min | Memory 587.6/1863.9MB | HDD Size 500GB (5%used) | Client Shell | Infobash v3.46
root@siddie-new:/home/manul#
root@siddie-new:/home/manul#


So it is kernel-related: reproducible each time when I boot with 3.8 - it does not work; when I boot with 3.7 - it does (nothing else changes meanwhile, same PC) - just reboots.

I have no idea what is under the hood of the NAS server device (what version of samba server etc).

I can try same thing with the 2nd PC - but with kernel 3.8 I have no monitor on it (see the next topic about nouveau), so I need to install 3.8 first, and then test via ssh.

Is there any way to "debug" mount.cifs to find out more details about what exactly makes it fail with 3.8.
 
 View user's profile Send private message  
Reply with quote Back to top
manulOffline
Post subject: Re: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosid-am  PostPosted: 15.03.2013, 17:54



Joined: 2010-09-13
Posts: 96

Status: Offline
      slh wrote:
mount.cifs over here works with the current kernel. while not impossible "mount error(5): Input/output error" doesn't exactly sound like a kernel issue either… Please install the currently kernel on your second PC (keep the old one, of course) and check if it continued working there.


Done (verified via ssh due to lack of monitor on this kernel).

So mount.cifs fails when I boot with current kernel, on my second PC as well:

      Code:
root@siduxbox:~# mount -t cifs 192.168.167.195:/public/ /mnt/NAS/ --verbose -o defaults,rw,guest,uid=manul,gid=manul
mount.cifs kernel mount options: ip=192.168.167.195,unc=\\192.168.167.195\public,guest,uid=1000,gid=1000,user=,pass=********
mount error(5): Input/output error
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
root@siduxbox:~#
root@siduxbox:~# tail -n 1 /var/log/messages
Mar 15 13:50:17 siduxbox kernel: [   95.546680] CIFS: the value of the unc= mount option does not match the device string. Using the unc= option for now. In 3.10, that option will be ignored and the contents of the device string will be used instead. ((null) != \\192.168.167.195\public)                                                 
root@siduxbox:~#                                                                                                                                                       
root@siduxbox:~# uname -a                                                                                                                                               
Linux siduxbox 3.8-2.slh.5-aptosid-amd64 #1 SMP PREEMPT Wed Mar 13 01:51:10 UTC 2013 x86_64 GNU/Linux                                                                   
root@siduxbox:~#                                                                                                                                                       
root@siduxbox:~# infobash -v
Host/Kernel/OS  "siduxbox" running Linux 3.8-2.slh.5-aptosid-amd64 x86_64 [ sidux 2009-03 Μώμος - kde-lite - (200911110039) ]
CPU Info        2x AMD Athlon 64 X2 Dual Core 5200+ clocked at [ 1000.000 MHz ]
Videocard       NVIDIA C77 [GeForce 8200]  tty resolution ( 168x47 )
Processes 132 | Uptime 2min | Memory 126.5/3708.1MB | HDD Size 1660GB (40%used) | Runlevel 5 | Client Shell | Infobash v3.46
root@siduxbox:~#
 
 View user's profile Send private message  
Reply with quote Back to top
manulOffline
Post subject: RE: Re: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosi  PostPosted: 16.03.2013, 16:59



Joined: 2010-09-13
Posts: 96

Status: Offline
I was able to use a workaround for the mount.cifs issue with 3.8 kernels, by providing explicitly the mount option "sec=ntlm".

I came to this result by comparing the live options of "mount" output string of the already successfully mounted share under 3.7 kernel; and then testing with providing these options explicitly to mount.cifs command while under 3.8 kernel.

See below:

      Code:

root@siddie-new:/home/manul# uname -a
Linux siddie-new 3.8-2.slh.5-aptosid-amd64 #1 SMP PREEMPT Wed Mar 13 01:51:10 UTC 2013 x86_64 GNU/Linux
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount -t cifs 192.168.167.195:/public/ /mnt/NAS/ --verbose -o defaults,rw,guest,uid=manul,gid=manul
mount.cifs kernel mount options: ip=192.168.167.195,unc=\\192.168.167.195\public,guest,uid=1000,gid=1000,user=,pass=********
mount error(5): Input/output error
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount | grep 195
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount -t cifs 192.168.167.195:/public/ /mnt/NAS/ --verbose -o defaults,rw,guest,uid=manul,gid=manul,sec=ntlm
mount.cifs kernel mount options: ip=192.168.167.195,unc=\\192.168.167.195\public,guest,sec=ntlm,uid=1000,gid=1000,user=,pass=********
root@siddie-new:/home/manul#
root@siddie-new:/home/manul# mount | grep 195
192.168.167.195:/public/ on /mnt/NAS type cifs (rw,relatime,vers=1.0,sec=ntlm,cache=strict,unc=\\192.168.167.195\public,uid=1000,forceuid,gid=1000,forcegid,addr=192.168.167.195,unix,serverino,rsize=61440,wsize=65536,actimeo=1)
root@siddie-new:/home/manul#


The message
      Code:
Mar 16 12:42:53 siddie-new kernel: [   60.232144] CIFS: the value of the unc= mount option does not match the device string. Using the unc= option for now. In 3.10, that option will be ignored and the contents of the device string will be used instead. ((null) != \\192.168.167.195\public)

seems to be irrelevant, it shows in 3.8 kernel logs both upon successful and non-successful mount.


Now I am not sure whether this should be marked as "solved"?

man mount.cifs says:

      Code:
      sec=
           Security mode. Allowed values are:
           
           ·   none attempt to connection as a null user (no name)
           
           ·   krb5 Use Kerberos version 5 authentication
           
           ·   krb5i Use Kerberos authentication and forcibly enable packet signing
           
           ·   ntlm Use NTLM password hashing (default)
       
           ·   ntlmi Use NTLM password hashing and force packet signing
           
           ·   ntlmv2 Use NTLMv2 password hashing
           
           ·   ntlmv2i Use NTLMv2 password hashing and force packet signing
           
           ·   ntlmssp Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message
           
           ·   ntlmsspi Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
           
           If the server requires signing during protocol negotiation, then it may be enabled automatically. Packet signing may also be enabled automatically if
           it's enabled in /proc/fs/cifs/SecurityFlags.


Just in case, in same 3.8 kernel I have in /proc/fs/cifs/SecurityFlags

      Code:
root@siddie-new:/home/manul# cat /proc/fs/cifs/SecurityFlags
0x81
root@siddie-new:/home/manul#


As seen from above man page, sec=ntlm option should NOT be provided explicitly because it is supposed to be the default?

So while it works now, seems something still need be fixed - either manpage or the kernel driver?
 
 View user's profile Send private message  
Reply with quote Back to top
slhOffline
Post subject: RE: Re: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosi  PostPosted: 16.03.2013, 17:11



Joined: 2010-08-25
Posts: 761

Status: Offline
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=81bcd8b795229c70d7244898efe282846e3b14ce, so no bug but rather intended behaviour - although I would have expected a slightly more meaningful error message.
 
 View user's profile Send private message  
Reply with quote Back to top
manulOffline
Post subject: RE: Re: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosi  PostPosted: 16.03.2013, 17:20



Joined: 2010-09-13
Posts: 96

Status: Offline
Thanks slh.
Very good, but then should not the mount.cifs manpage be changed (and yes, more meaningful error message would be welcome)?
If this happens in production (after upgrade, say) it could be a pain in the a*.

Maybe it is at least worth to post it as a minor bugfix to debian kernel/cifs maintainers....

P.S. Now when I looked at the patch, it seems one had to be warned in the log of the previous kernels. Marking is solved (still not bad to change manpage to reflect the reality).
 
 View user's profile Send private message  
Reply with quote Back to top
slhOffline
Post subject: RE: Re: RE: mount.cifs issues with kernel 3.8-2.slh.2-aptosi  PostPosted: 16.03.2013, 18:23



Joined: 2010-08-25
Posts: 761

Status: Offline
manpages typically lag behind (and translations are even worse), especially during times of freeze (keep in mind that Debian wheezy will release with kernel 3.2).

Unfortunately especially embedded appliances using samba are still stuck on ancient samba 2.x versions, with limited (security) abilities.
 
 View user's profile Send private message  
Reply with quote Back to top
Display posts from previous:     
Jump to:  
All times are GMT - 12 Hours
Post new topic   Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
Powered by Zafenio