samba - Nov 2010 - Friend's post in moderation queue for a week... why so long, please? And getting "permission denied" trying to mount an SMB share

Hi. A friend of mine (Jim Fancher) is having trouble with his Samba
install on CentOS Linux.  I suggested he ask on the Samba users
mailing list.  He joined the list and posted, and got an autoreply
saying his message is being held for moderation.  That was a week ago
(Mon, Nov 22nd).  Nothing since.  I see other posts coming through
since then, so wondering why his message got delayed.  It was not
rejected, just being held for moderation?

In the meantime, I'm posting the question on his behalf:

I?ve got two very vanilla installs of centos one 5.5 the other 5.4.
The 5.4 is the ?server? and the 5.5 is the client. I have set up a SMB
share on the server and I am trying to mount that share from the
client. I get error 13 permission denied. When I check the messages I
see that the server is requesting the password as plain text but the
client is not configured that way. When I cat
/proc/fs/cifs/SecurityFlags I get 0x7. The docs list the default as
0x07007. If I open the file with a binary editor I see? nothing. There
is nothing in the file.

Is there some other method to edit the security flags file? I see may
use plaintext passwords as 0x00020 in the mount.cifs doc but no
instructions on how to change the flag. Even more curiously these
files seem to be continuously updated as they (all of the flag files
in that directory) have current timestamps.  The permissions on the
files are all set ass read only and even if I went in and changed the
contents it is not clear that it wouldn?t be immediately overwritten
by something else.

This seems to be related to other problems I have had with SMB shares.
Is there some other security console where these protocol policies are
managed?  Thanks

On Mon, Nov 29, 2010 at 11:45 AM, Aleksey Tsalolikhin
<atsaloli.tech at gmail.com> wrote:
> Hi. A friend of mine (Jim Fancher) is having trouble with his Samba
> install on CentOS Linux. ?I suggested he ask on the Samba users
> mailing list. ?He joined the list and posted, and got an autoreply
> saying his message is being held for moderation. ?That was a week ago
> (Mon, Nov 22nd). ?Nothing since. ?I see other posts coming through
> since then, so wondering why his message got delayed. ?It was not
> rejected, just being held for moderation?
Could anybody shed light on this for me, please?

Best,
Aleksey

Hi

On 29 November 2010 21:45, Aleksey Tsalolikhin <atsaloli.tech at
gmail.com> wrote:
[...]
> In the meantime, I'm posting the question on his behalf:
>
> I?ve got two very vanilla installs of centos one 5.5 the other 5.4.
> The 5.4 is the ?server? and the 5.5 is the client. I have set up a SMB
> share on the server and I am trying to mount that share from the
> client. I get error 13 permission denied. When I check the messages I
> see that the server is requesting the password as plain text but the
> client is not configured that way. When I cat
> /proc/fs/cifs/SecurityFlags I get 0x7. The docs list the default as
> 0x07007. If I open the file with a binary editor I see? nothing. There
> is nothing in the file.
Files in /proc are not real files, but just a way for the kernel to
provide some way for you to see what it's doing or tweak things.

See e.g. http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/proc.html
for more details.
> Is there some other method to edit the security flags file? I see may
The way you "edit" files in proc is simply by doing:
echo newvalue >/proc/blah

but, you can only do this if the file is writable.  And if it's not
writable you cannot simply chmod u+w it.  If it's not writable it is
because the kernel does not accept direct modifications of that value.
> use plaintext passwords as 0x00020 in the mount.cifs doc but no
> instructions on how to change the flag. Even more curiously these
> files seem to be continuously updated as they (all of the flag files
> in that directory) have current timestamps. ?The permissions on the
> files are all set ass read only and even if I went in and changed the
> contents it is not clear that it wouldn?t be immediately overwritten
> by something else.
This is explained by the fact that /proc is a sort of virtual
filesystem as explained by the link above.
> This seems to be related to other problems I have had with SMB shares.
> Is there some other security console where these protocol policies are
> managed? ?Thanks
You might want to ask on the linux-cifs mailing list, since it seems
you're asking about mount.cifs.

http://vger.kernel.org/vger-lists.html#linux-cifs

See also:

http://www.samba.org/linux-cifs/cifs-utils/

-- 
Michael Wood <esiotrot at gmail.com>