Jeff Layton
2012-Oct-10 00:51 UTC
[Samba] ANNOUNCE: cifs-utils release 5.6 is ready for download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Time for another cifs-utils release!
Nothing terribly earth shattering here. Some distros (like Fedora) are
moving krb5 credcaches out of /tmp by default. Users of these distros
will definitely want to upgrade.
Highlights:
* Fixes for mounting with '/' in usernames with sec=krb5
* Support for DIR: type krb5 ccaches
* support for "nofail" option in mount.cifs
webpage: https://wiki.samba.org/index.php/LinuxCIFS_utils
tarball: ftp://ftp.samba.org/pub/linux-cifs/cifs-utils/
git: git://git.samba.org/cifs-utils.git
gitweb: http://git.samba.org/?p=cifs-utils.git;a=summary
Detailed list of changes since 5.6:
commit 692842e34c1f2fcc84b6b64136f5e28dd7062f46
Author: Jeff Layton <jlayton at samba.org>
Date: Tue Aug 7 11:06:41 2012 -0400
autoconf: set version to 5.6.1 for interim builds
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 569cfcb3a467dfdf967a36ed6f7896559edab2ba
Author: Jeff Layton <jlayton at samba.org>
Date: Tue Aug 7 11:11:26 2012 -0400
mount.cifs: deprecate the DOMAIN/username%password username syntax
mount.cifs has in the past allowed users to specify a username using
the above syntax, which would populate the domain and password fields
with the different pieces.
Unfortunately, there are cases where it is legit to have a '/' in a
username. krb5 SPNs generally contain a '/' and we have no clear way
to distinguish between the two.
I don't see any real value in keeping that syntax allowed. It's no
easier than specifying "pass=" and "domain=" on the
command line. Ditto
for credential files.
Begin the transition away from that syntax by adding a warning message
that support for it will be removed in 5.9.
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 3a965467611637ca05bcd55460ff69fec6ad8be7
Author: Jeff Layton <jlayton at samba.org>
Date: Tue Aug 7 11:52:15 2012 -0400
mount.cifs: handle username= differently depending on sec= option
This patch is intended as a temporary workaround for krb5 users that need
to specify usernames with '/' in them. I intend to remove this hack
from
mount.cifs once the legacy username handling code is removed.
The idea here is to save off the raw username string while we're parsing
options. If the mount options specify "sec=krb5" or
"sec=krb5i" then
we'll not do the legacy username parsing and will instead just pass in
the username string as-is.
Obviously, this is a nasty hack and we don't really want to carry this
in perpetuity, so this can go away once the "legacy" username
parsing
has gone away.
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 377898e63a8689b0e8c5c656ce9cfa98223cf74b
Author: Jeff Layton <jlayton at samba.org>
Date: Tue Aug 21 15:18:54 2012 -0400
cifs-utils: fix up references to getcifsacl and setcifsacl files
When I moved the manpages for this to section 1, I missed some references
to them. Also, get rid of the unneeded clean-local-aclprogs makefile target.
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit d006986221b7f1aad50e894851dc573650b7611c
Author: Nalin Dahyabhai <nalin at redhat.com>
Date: Thu Aug 23 11:14:45 2012 -0400
cifs.upcall: also consider DIR:-type ccaches
If we encounter a subdirectory while scanning a directory for a user's
ccache, check if it's a "DIR" ccache. Otherwise, continue as
before,
checking if it's a "FILE" ccache if it looks like a regular
file.
commit ca0894e40480a9115c6bad670149b075646ead2c
Author: Nalin Dahyabhai <nalin at redhat.com>
Date: Thu Aug 23 11:14:56 2012 -0400
cifs.upcall: scan /run/user/${UID} for ccaches, too
When scanning for credential caches, check the user's directory under
/run/user first, then fall back to /tmp as we have previously. Because
we now call find_krb5_cc() twice (once for each directory), we move its
state to be outside of the function. We also add a substitution
mechanism to make the process of resolving the location of the user's
home directory before searching it a bit more explicable.
commit 72bce53289d939c3539b7d3cb957b748a4b1d2ec
Author: Jeff Layton <jlayton at samba.org>
Date: Thu Aug 23 07:46:40 2012 -0400
cifs.upcall: use strncmp in scandir filter function
We want to require that the filename begins with the correct string,
not just that it contains it somewhere.
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit a0bf123541ec6fd53948f41f17c9dba5d6a43648
Author: Jeff Layton <jlayton at samba.org>
Date: Thu Aug 23 10:18:02 2012 -0400
mount.cifs: silence compiler warnings about ignoring return code
In this case we explicitly don't care what these functions return, so
declare a couple of unused variables to catch the results.
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 82f93c44343f281ce61f547ff8f9e5f79945cb20
Author: Jeff Layton <jlayton at samba.org>
Date: Wed Sep 12 07:49:44 2012 -0400
mount.cifs: running out of addresses is not a system error
This patch fixes a minor regression. It used to be that when the mount
helper would run out of addresses that it would return EX_FAIL to
userspace. It now returns EX_SYSERR which is incorrect. Reinstate
the correct error code.
Reported-by: Ales Zelinka <azelinka at redhat.com>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 67e0f46bfc39d280986f20c7074039151cb188ba
Author: Jeff Layton <jlayton at samba.org>
Date: Tue Sep 25 11:07:08 2012 -0400
manpage: clarify usage of the username= option
Specifying the username as "user=" can confuse some versions of
/bin/mount,
and cause it to append noexec to the mount string. Also, remove the blurb
about how cifs.ko will accept abbreviations -- it's just bad practice
since
it leads to these sorts of conflicts.
A wonderful example of this confusion was reported by Stefan here:
https://bugzilla.redhat.com/show_bug.cgi?id=860154
Reported-by: Stefan Walter <walteste at inf.ethz.ch>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 0705ac30ce5e8a7a7d72253d6ad6e79e73a2bfb0
Author: Jeff Layton <jlayton at samba.org>
Date: Mon Oct 8 06:44:49 2012 -0400
mount.cifs: implement the "nofail" option
The mount(8) manpage lists this as a fs-independent option:
nofail: Do not report errors for this device if it does not exist.
Implement that in mount.cifs by not returning an error if we were unable
to find a suitable address for the mount attempt.
Reported-by: Peter Trenholme <PTrenholme at gmail.com>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 8d70e81f0a486fc02ecb0fe38d61fd8f45b89772
Author: Jeff Layton <jlayton at samba.org>
Date: Tue Oct 9 15:21:33 2012 -0400
autoconf: set version to 5.7
Signed-off-by: Jeff Layton <jlayton at samba.org>
- --
Jeff Layton <jlayton at samba.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iQIcBAEBAgAGBQJQdMaJAAoJEAAOaEEZVoIV5N8QAI9t0QiE6BQMiQzF42TX4qWR
aP/JeSNTMpQhxFLrzCiSlz0zj/5AquzGSU3zrRF4HUKGrIIjT3vvjKNA6FSnA234
930B+jjKI1J5uEvBeQ6eCZwUaVPJq8FuFVe5XgZvKzdslYaFk3hjnrz3fqKT0HAh
Dp81pTe2/tD8hQpE4keuza4A3e+/UsdsuR9DX5NBbNKdTBdwIyE0jTEsvrOJ/2qk
FV2vyGV7mjeQVnjQTG/IsjPJA94Zr5VZhtKpLTRvzZ3W3rsEe8O1ZFu1LweJv6lm
1klX6zUX455JmHYzu/lA+TTc6hOiOVYf57+ZzAmLYX8datsgQbYLVR8fhSAgC/OZ
DxI1cmQLL2iq/bRbB6C/pcF7cwAzeQa+GclrscWFc0ZzKY4pepN98vlrMemRkvDk
hjgPbcU7PEblhegwYNo6OBTmXNF5q+uJ7EQdfQX0r6KwnVNXE37shHPk0PfSVL6/
r1Q/1BSJ0+j2HKe2i7Y5cJIEbZYjtV6vFCijBeghGbt4+4gHnj1sJn8HBB/1H+E/
mhdQkcKVaCTRriE4JZ6xMeBGgo4LHAjSGVuv1Xi4w2C2Hwhl7jZQnAiPUJgDOvpv
6Oqxshs1sU6iyy1cId+Gk7XqGoZXVd6LzKms3mwaK8tzYwONf9Y8ebs12j4e8WhV
6PGWfV2oblB1xqP5tfAo
=xI5l
-----END PGP SIGNATURE-----
Jeff Layton
2012-Oct-10 00:55 UTC
[Samba] ANNOUNCE: cifs-utils release *5.7* is ready for download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 9 Oct 2012 20:51:21 -0400 Jeff Layton <jlayton at samba.org> wrote:> Hash: SHA1 > > Time for another cifs-utils release! > > Nothing terribly earth shattering here. Some distros (like Fedora) are > moving krb5 credcaches out of /tmp by default. Users of these distros > will definitely want to upgrade. > > Highlights: > > * Fixes for mounting with '/' in usernames with sec=krb5 > > * Support for DIR: type krb5 ccaches > > * support for "nofail" option in mount.cifs > > webpage: https://wiki.samba.org/index.php/LinuxCIFS_utils > tarball: ftp://ftp.samba.org/pub/linux-cifs/cifs-utils/ > git: git://git.samba.org/cifs-utils.git > gitweb: http://git.samba.org/?p=cifs-utils.git;a=summary > > Detailed list of changes since 5.6: > > commit 692842e34c1f2fcc84b6b64136f5e28dd7062f46 > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 7 11:06:41 2012 -0400 > > autoconf: set version to 5.6.1 for interim builds > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 569cfcb3a467dfdf967a36ed6f7896559edab2ba > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 7 11:11:26 2012 -0400 > > mount.cifs: deprecate the DOMAIN/username%password username syntax > > mount.cifs has in the past allowed users to specify a username using > the above syntax, which would populate the domain and password fields > with the different pieces. > > Unfortunately, there are cases where it is legit to have a '/' in a > username. krb5 SPNs generally contain a '/' and we have no clear way > to distinguish between the two. > > I don't see any real value in keeping that syntax allowed. It's no > easier than specifying "pass=" and "domain=" on the command line. Ditto > for credential files. > > Begin the transition away from that syntax by adding a warning message > that support for it will be removed in 5.9. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 3a965467611637ca05bcd55460ff69fec6ad8be7 > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 7 11:52:15 2012 -0400 > > mount.cifs: handle username= differently depending on sec= option > > This patch is intended as a temporary workaround for krb5 users that need > to specify usernames with '/' in them. I intend to remove this hack from > mount.cifs once the legacy username handling code is removed. > > The idea here is to save off the raw username string while we're parsing > options. If the mount options specify "sec=krb5" or "sec=krb5i" then > we'll not do the legacy username parsing and will instead just pass in > the username string as-is. > > Obviously, this is a nasty hack and we don't really want to carry this > in perpetuity, so this can go away once the "legacy" username parsing > has gone away. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 377898e63a8689b0e8c5c656ce9cfa98223cf74b > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 21 15:18:54 2012 -0400 > > cifs-utils: fix up references to getcifsacl and setcifsacl files > > When I moved the manpages for this to section 1, I missed some references > to them. Also, get rid of the unneeded clean-local-aclprogs makefile target. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit d006986221b7f1aad50e894851dc573650b7611c > Author: Nalin Dahyabhai <nalin at redhat.com> > Date: Thu Aug 23 11:14:45 2012 -0400 > > cifs.upcall: also consider DIR:-type ccaches > > If we encounter a subdirectory while scanning a directory for a user's > ccache, check if it's a "DIR" ccache. Otherwise, continue as before, > checking if it's a "FILE" ccache if it looks like a regular file. > > commit ca0894e40480a9115c6bad670149b075646ead2c > Author: Nalin Dahyabhai <nalin at redhat.com> > Date: Thu Aug 23 11:14:56 2012 -0400 > > cifs.upcall: scan /run/user/${UID} for ccaches, too > > When scanning for credential caches, check the user's directory under > /run/user first, then fall back to /tmp as we have previously. Because > we now call find_krb5_cc() twice (once for each directory), we move its > state to be outside of the function. We also add a substitution > mechanism to make the process of resolving the location of the user's > home directory before searching it a bit more explicable. > > commit 72bce53289d939c3539b7d3cb957b748a4b1d2ec > Author: Jeff Layton <jlayton at samba.org> > Date: Thu Aug 23 07:46:40 2012 -0400 > > cifs.upcall: use strncmp in scandir filter function > > We want to require that the filename begins with the correct string, > not just that it contains it somewhere. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit a0bf123541ec6fd53948f41f17c9dba5d6a43648 > Author: Jeff Layton <jlayton at samba.org> > Date: Thu Aug 23 10:18:02 2012 -0400 > > mount.cifs: silence compiler warnings about ignoring return code > > In this case we explicitly don't care what these functions return, so > declare a couple of unused variables to catch the results. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 82f93c44343f281ce61f547ff8f9e5f79945cb20 > Author: Jeff Layton <jlayton at samba.org> > Date: Wed Sep 12 07:49:44 2012 -0400 > > mount.cifs: running out of addresses is not a system error > > This patch fixes a minor regression. It used to be that when the mount > helper would run out of addresses that it would return EX_FAIL to > userspace. It now returns EX_SYSERR which is incorrect. Reinstate > the correct error code. > > Reported-by: Ales Zelinka <azelinka at redhat.com> > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 67e0f46bfc39d280986f20c7074039151cb188ba > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Sep 25 11:07:08 2012 -0400 > > manpage: clarify usage of the username= option > > Specifying the username as "user=" can confuse some versions of /bin/mount, > and cause it to append noexec to the mount string. Also, remove the blurb > about how cifs.ko will accept abbreviations -- it's just bad practice since > it leads to these sorts of conflicts. > > A wonderful example of this confusion was reported by Stefan here: > > https://bugzilla.redhat.com/show_bug.cgi?id=860154 > > Reported-by: Stefan Walter <walteste at inf.ethz.ch> > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 0705ac30ce5e8a7a7d72253d6ad6e79e73a2bfb0 > Author: Jeff Layton <jlayton at samba.org> > Date: Mon Oct 8 06:44:49 2012 -0400 > > mount.cifs: implement the "nofail" option > > The mount(8) manpage lists this as a fs-independent option: > > nofail: Do not report errors for this device if it does not exist. > > Implement that in mount.cifs by not returning an error if we were unable > to find a suitable address for the mount attempt. > > Reported-by: Peter Trenholme <PTrenholme at gmail.com> > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 8d70e81f0a486fc02ecb0fe38d61fd8f45b89772 > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Oct 9 15:21:33 2012 -0400 > > autoconf: set version to 5.7 > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > - -- > Jeff Layton <jlayton at samba.org>Sigh... Obviously the Subject of the above message should have read 5.7... - -- Jeff Layton <jlayton at samba.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) iQIcBAEBAgAGBQJQdMdyAAoJEAAOaEEZVoIVHJoQALIEqqkOQoWplm0BG+VmOorq pBsDEgU+sjqfKfCJERbhGABSOqfzpNHshhuMlfVxaCPNCEaN3HGEjjl8w1GfLuMp 83SqO7EM4wjQQ2aQIWhSQ7AKB0yBheHi/8JgwrROJES8cslwt2EyLDexy5v/fWBC SllW5mWoRzPH7Fm/S+reeujRw6Z9F55zv2W1ifCCAPsfiXug6WkzJ7YSgcE0wtiR hKVFkJb96pdJPXHOtSPs9KapVv7VRh+7Tmbp8fK3k6ieBtOSpJWeny/neXLlxn3L Lytw5LTHd7vnahbUBKTluDjN2LBYHMaYN8O+cPB2UkJQFd5OilGZvIt96dkJAzcc t3AbHAwSaJBPh/fuDq2YYic7ArISXVrp3gCSMu+DtBkOE3MxqYuG4MMMQPj9uxfG r2XgQ0JcyBzH9nM+3/RMuXF1LEmSqa7DpXaFbAfAXkNAWMpfZKWWpD0i9pSVQ+61 QzyEXz+KyXxYPL2BpEEvezjSaJvGLjJg+2bJdLqmKtsJGuTVi0bjnGFG9Ap4VppX Kt/OP6wJOQPRVSe1+6XLMgfab1Ba/OD0zDG2Si0DeF4cmOs1CyYQ5dL8N4DMmZ4P dftdirnb+++zCIIvLUyhwEswU4FdgLHFyUuH+AeckWeWhS6euA8XH7P7MYyOA9Pa bT1ceyKiJARqjBA0m9nY =Md7S -----END PGP SIGNATURE-----
Maybe Matching Threads
- cifs-utils: regression in (mulituser?) mounting 'CIFS VFS: Send error in SessSetup = -126'
- cifs-utils: regression in (mulituser?) mounting 'CIFS VFS: Send error in SessSetup = -126'
- [PATCH] MAINTAINERS: Update my email address
- cifs-utils: regression in (mulituser?) mounting 'CIFS VFS: Send error in SessSetup = -126'
- ANNOUNCE: cifs-utils release 4.1 available for download