Jeff Layton
2012-Oct-10 00:51 UTC
[Samba] ANNOUNCE: cifs-utils release 5.6 is ready for download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Time for another cifs-utils release! Nothing terribly earth shattering here. Some distros (like Fedora) are moving krb5 credcaches out of /tmp by default. Users of these distros will definitely want to upgrade. Highlights: * Fixes for mounting with '/' in usernames with sec=krb5 * Support for DIR: type krb5 ccaches * support for "nofail" option in mount.cifs webpage: https://wiki.samba.org/index.php/LinuxCIFS_utils tarball: ftp://ftp.samba.org/pub/linux-cifs/cifs-utils/ git: git://git.samba.org/cifs-utils.git gitweb: http://git.samba.org/?p=cifs-utils.git;a=summary Detailed list of changes since 5.6: commit 692842e34c1f2fcc84b6b64136f5e28dd7062f46 Author: Jeff Layton <jlayton at samba.org> Date: Tue Aug 7 11:06:41 2012 -0400 autoconf: set version to 5.6.1 for interim builds Signed-off-by: Jeff Layton <jlayton at samba.org> commit 569cfcb3a467dfdf967a36ed6f7896559edab2ba Author: Jeff Layton <jlayton at samba.org> Date: Tue Aug 7 11:11:26 2012 -0400 mount.cifs: deprecate the DOMAIN/username%password username syntax mount.cifs has in the past allowed users to specify a username using the above syntax, which would populate the domain and password fields with the different pieces. Unfortunately, there are cases where it is legit to have a '/' in a username. krb5 SPNs generally contain a '/' and we have no clear way to distinguish between the two. I don't see any real value in keeping that syntax allowed. It's no easier than specifying "pass=" and "domain=" on the command line. Ditto for credential files. Begin the transition away from that syntax by adding a warning message that support for it will be removed in 5.9. Signed-off-by: Jeff Layton <jlayton at samba.org> commit 3a965467611637ca05bcd55460ff69fec6ad8be7 Author: Jeff Layton <jlayton at samba.org> Date: Tue Aug 7 11:52:15 2012 -0400 mount.cifs: handle username= differently depending on sec= option This patch is intended as a temporary workaround for krb5 users that need to specify usernames with '/' in them. I intend to remove this hack from mount.cifs once the legacy username handling code is removed. The idea here is to save off the raw username string while we're parsing options. If the mount options specify "sec=krb5" or "sec=krb5i" then we'll not do the legacy username parsing and will instead just pass in the username string as-is. Obviously, this is a nasty hack and we don't really want to carry this in perpetuity, so this can go away once the "legacy" username parsing has gone away. Signed-off-by: Jeff Layton <jlayton at samba.org> commit 377898e63a8689b0e8c5c656ce9cfa98223cf74b Author: Jeff Layton <jlayton at samba.org> Date: Tue Aug 21 15:18:54 2012 -0400 cifs-utils: fix up references to getcifsacl and setcifsacl files When I moved the manpages for this to section 1, I missed some references to them. Also, get rid of the unneeded clean-local-aclprogs makefile target. Signed-off-by: Jeff Layton <jlayton at samba.org> commit d006986221b7f1aad50e894851dc573650b7611c Author: Nalin Dahyabhai <nalin at redhat.com> Date: Thu Aug 23 11:14:45 2012 -0400 cifs.upcall: also consider DIR:-type ccaches If we encounter a subdirectory while scanning a directory for a user's ccache, check if it's a "DIR" ccache. Otherwise, continue as before, checking if it's a "FILE" ccache if it looks like a regular file. commit ca0894e40480a9115c6bad670149b075646ead2c Author: Nalin Dahyabhai <nalin at redhat.com> Date: Thu Aug 23 11:14:56 2012 -0400 cifs.upcall: scan /run/user/${UID} for ccaches, too When scanning for credential caches, check the user's directory under /run/user first, then fall back to /tmp as we have previously. Because we now call find_krb5_cc() twice (once for each directory), we move its state to be outside of the function. We also add a substitution mechanism to make the process of resolving the location of the user's home directory before searching it a bit more explicable. commit 72bce53289d939c3539b7d3cb957b748a4b1d2ec Author: Jeff Layton <jlayton at samba.org> Date: Thu Aug 23 07:46:40 2012 -0400 cifs.upcall: use strncmp in scandir filter function We want to require that the filename begins with the correct string, not just that it contains it somewhere. Signed-off-by: Jeff Layton <jlayton at samba.org> commit a0bf123541ec6fd53948f41f17c9dba5d6a43648 Author: Jeff Layton <jlayton at samba.org> Date: Thu Aug 23 10:18:02 2012 -0400 mount.cifs: silence compiler warnings about ignoring return code In this case we explicitly don't care what these functions return, so declare a couple of unused variables to catch the results. Signed-off-by: Jeff Layton <jlayton at samba.org> commit 82f93c44343f281ce61f547ff8f9e5f79945cb20 Author: Jeff Layton <jlayton at samba.org> Date: Wed Sep 12 07:49:44 2012 -0400 mount.cifs: running out of addresses is not a system error This patch fixes a minor regression. It used to be that when the mount helper would run out of addresses that it would return EX_FAIL to userspace. It now returns EX_SYSERR which is incorrect. Reinstate the correct error code. Reported-by: Ales Zelinka <azelinka at redhat.com> Signed-off-by: Jeff Layton <jlayton at samba.org> commit 67e0f46bfc39d280986f20c7074039151cb188ba Author: Jeff Layton <jlayton at samba.org> Date: Tue Sep 25 11:07:08 2012 -0400 manpage: clarify usage of the username= option Specifying the username as "user=" can confuse some versions of /bin/mount, and cause it to append noexec to the mount string. Also, remove the blurb about how cifs.ko will accept abbreviations -- it's just bad practice since it leads to these sorts of conflicts. A wonderful example of this confusion was reported by Stefan here: https://bugzilla.redhat.com/show_bug.cgi?id=860154 Reported-by: Stefan Walter <walteste at inf.ethz.ch> Signed-off-by: Jeff Layton <jlayton at samba.org> commit 0705ac30ce5e8a7a7d72253d6ad6e79e73a2bfb0 Author: Jeff Layton <jlayton at samba.org> Date: Mon Oct 8 06:44:49 2012 -0400 mount.cifs: implement the "nofail" option The mount(8) manpage lists this as a fs-independent option: nofail: Do not report errors for this device if it does not exist. Implement that in mount.cifs by not returning an error if we were unable to find a suitable address for the mount attempt. Reported-by: Peter Trenholme <PTrenholme at gmail.com> Signed-off-by: Jeff Layton <jlayton at samba.org> commit 8d70e81f0a486fc02ecb0fe38d61fd8f45b89772 Author: Jeff Layton <jlayton at samba.org> Date: Tue Oct 9 15:21:33 2012 -0400 autoconf: set version to 5.7 Signed-off-by: Jeff Layton <jlayton at samba.org> - -- Jeff Layton <jlayton at samba.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) iQIcBAEBAgAGBQJQdMaJAAoJEAAOaEEZVoIV5N8QAI9t0QiE6BQMiQzF42TX4qWR aP/JeSNTMpQhxFLrzCiSlz0zj/5AquzGSU3zrRF4HUKGrIIjT3vvjKNA6FSnA234 930B+jjKI1J5uEvBeQ6eCZwUaVPJq8FuFVe5XgZvKzdslYaFk3hjnrz3fqKT0HAh Dp81pTe2/tD8hQpE4keuza4A3e+/UsdsuR9DX5NBbNKdTBdwIyE0jTEsvrOJ/2qk FV2vyGV7mjeQVnjQTG/IsjPJA94Zr5VZhtKpLTRvzZ3W3rsEe8O1ZFu1LweJv6lm 1klX6zUX455JmHYzu/lA+TTc6hOiOVYf57+ZzAmLYX8datsgQbYLVR8fhSAgC/OZ DxI1cmQLL2iq/bRbB6C/pcF7cwAzeQa+GclrscWFc0ZzKY4pepN98vlrMemRkvDk hjgPbcU7PEblhegwYNo6OBTmXNF5q+uJ7EQdfQX0r6KwnVNXE37shHPk0PfSVL6/ r1Q/1BSJ0+j2HKe2i7Y5cJIEbZYjtV6vFCijBeghGbt4+4gHnj1sJn8HBB/1H+E/ mhdQkcKVaCTRriE4JZ6xMeBGgo4LHAjSGVuv1Xi4w2C2Hwhl7jZQnAiPUJgDOvpv 6Oqxshs1sU6iyy1cId+Gk7XqGoZXVd6LzKms3mwaK8tzYwONf9Y8ebs12j4e8WhV 6PGWfV2oblB1xqP5tfAo =xI5l -----END PGP SIGNATURE-----
Jeff Layton
2012-Oct-10 00:55 UTC
[Samba] ANNOUNCE: cifs-utils release *5.7* is ready for download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 9 Oct 2012 20:51:21 -0400 Jeff Layton <jlayton at samba.org> wrote:> Hash: SHA1 > > Time for another cifs-utils release! > > Nothing terribly earth shattering here. Some distros (like Fedora) are > moving krb5 credcaches out of /tmp by default. Users of these distros > will definitely want to upgrade. > > Highlights: > > * Fixes for mounting with '/' in usernames with sec=krb5 > > * Support for DIR: type krb5 ccaches > > * support for "nofail" option in mount.cifs > > webpage: https://wiki.samba.org/index.php/LinuxCIFS_utils > tarball: ftp://ftp.samba.org/pub/linux-cifs/cifs-utils/ > git: git://git.samba.org/cifs-utils.git > gitweb: http://git.samba.org/?p=cifs-utils.git;a=summary > > Detailed list of changes since 5.6: > > commit 692842e34c1f2fcc84b6b64136f5e28dd7062f46 > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 7 11:06:41 2012 -0400 > > autoconf: set version to 5.6.1 for interim builds > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 569cfcb3a467dfdf967a36ed6f7896559edab2ba > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 7 11:11:26 2012 -0400 > > mount.cifs: deprecate the DOMAIN/username%password username syntax > > mount.cifs has in the past allowed users to specify a username using > the above syntax, which would populate the domain and password fields > with the different pieces. > > Unfortunately, there are cases where it is legit to have a '/' in a > username. krb5 SPNs generally contain a '/' and we have no clear way > to distinguish between the two. > > I don't see any real value in keeping that syntax allowed. It's no > easier than specifying "pass=" and "domain=" on the command line. Ditto > for credential files. > > Begin the transition away from that syntax by adding a warning message > that support for it will be removed in 5.9. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 3a965467611637ca05bcd55460ff69fec6ad8be7 > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 7 11:52:15 2012 -0400 > > mount.cifs: handle username= differently depending on sec= option > > This patch is intended as a temporary workaround for krb5 users that need > to specify usernames with '/' in them. I intend to remove this hack from > mount.cifs once the legacy username handling code is removed. > > The idea here is to save off the raw username string while we're parsing > options. If the mount options specify "sec=krb5" or "sec=krb5i" then > we'll not do the legacy username parsing and will instead just pass in > the username string as-is. > > Obviously, this is a nasty hack and we don't really want to carry this > in perpetuity, so this can go away once the "legacy" username parsing > has gone away. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 377898e63a8689b0e8c5c656ce9cfa98223cf74b > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Aug 21 15:18:54 2012 -0400 > > cifs-utils: fix up references to getcifsacl and setcifsacl files > > When I moved the manpages for this to section 1, I missed some references > to them. Also, get rid of the unneeded clean-local-aclprogs makefile target. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit d006986221b7f1aad50e894851dc573650b7611c > Author: Nalin Dahyabhai <nalin at redhat.com> > Date: Thu Aug 23 11:14:45 2012 -0400 > > cifs.upcall: also consider DIR:-type ccaches > > If we encounter a subdirectory while scanning a directory for a user's > ccache, check if it's a "DIR" ccache. Otherwise, continue as before, > checking if it's a "FILE" ccache if it looks like a regular file. > > commit ca0894e40480a9115c6bad670149b075646ead2c > Author: Nalin Dahyabhai <nalin at redhat.com> > Date: Thu Aug 23 11:14:56 2012 -0400 > > cifs.upcall: scan /run/user/${UID} for ccaches, too > > When scanning for credential caches, check the user's directory under > /run/user first, then fall back to /tmp as we have previously. Because > we now call find_krb5_cc() twice (once for each directory), we move its > state to be outside of the function. We also add a substitution > mechanism to make the process of resolving the location of the user's > home directory before searching it a bit more explicable. > > commit 72bce53289d939c3539b7d3cb957b748a4b1d2ec > Author: Jeff Layton <jlayton at samba.org> > Date: Thu Aug 23 07:46:40 2012 -0400 > > cifs.upcall: use strncmp in scandir filter function > > We want to require that the filename begins with the correct string, > not just that it contains it somewhere. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit a0bf123541ec6fd53948f41f17c9dba5d6a43648 > Author: Jeff Layton <jlayton at samba.org> > Date: Thu Aug 23 10:18:02 2012 -0400 > > mount.cifs: silence compiler warnings about ignoring return code > > In this case we explicitly don't care what these functions return, so > declare a couple of unused variables to catch the results. > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 82f93c44343f281ce61f547ff8f9e5f79945cb20 > Author: Jeff Layton <jlayton at samba.org> > Date: Wed Sep 12 07:49:44 2012 -0400 > > mount.cifs: running out of addresses is not a system error > > This patch fixes a minor regression. It used to be that when the mount > helper would run out of addresses that it would return EX_FAIL to > userspace. It now returns EX_SYSERR which is incorrect. Reinstate > the correct error code. > > Reported-by: Ales Zelinka <azelinka at redhat.com> > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 67e0f46bfc39d280986f20c7074039151cb188ba > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Sep 25 11:07:08 2012 -0400 > > manpage: clarify usage of the username= option > > Specifying the username as "user=" can confuse some versions of /bin/mount, > and cause it to append noexec to the mount string. Also, remove the blurb > about how cifs.ko will accept abbreviations -- it's just bad practice since > it leads to these sorts of conflicts. > > A wonderful example of this confusion was reported by Stefan here: > > https://bugzilla.redhat.com/show_bug.cgi?id=860154 > > Reported-by: Stefan Walter <walteste at inf.ethz.ch> > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 0705ac30ce5e8a7a7d72253d6ad6e79e73a2bfb0 > Author: Jeff Layton <jlayton at samba.org> > Date: Mon Oct 8 06:44:49 2012 -0400 > > mount.cifs: implement the "nofail" option > > The mount(8) manpage lists this as a fs-independent option: > > nofail: Do not report errors for this device if it does not exist. > > Implement that in mount.cifs by not returning an error if we were unable > to find a suitable address for the mount attempt. > > Reported-by: Peter Trenholme <PTrenholme at gmail.com> > Signed-off-by: Jeff Layton <jlayton at samba.org> > > commit 8d70e81f0a486fc02ecb0fe38d61fd8f45b89772 > Author: Jeff Layton <jlayton at samba.org> > Date: Tue Oct 9 15:21:33 2012 -0400 > > autoconf: set version to 5.7 > > Signed-off-by: Jeff Layton <jlayton at samba.org> > > - -- > Jeff Layton <jlayton at samba.org>Sigh... Obviously the Subject of the above message should have read 5.7... - -- Jeff Layton <jlayton at samba.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) iQIcBAEBAgAGBQJQdMdyAAoJEAAOaEEZVoIVHJoQALIEqqkOQoWplm0BG+VmOorq pBsDEgU+sjqfKfCJERbhGABSOqfzpNHshhuMlfVxaCPNCEaN3HGEjjl8w1GfLuMp 83SqO7EM4wjQQ2aQIWhSQ7AKB0yBheHi/8JgwrROJES8cslwt2EyLDexy5v/fWBC SllW5mWoRzPH7Fm/S+reeujRw6Z9F55zv2W1ifCCAPsfiXug6WkzJ7YSgcE0wtiR hKVFkJb96pdJPXHOtSPs9KapVv7VRh+7Tmbp8fK3k6ieBtOSpJWeny/neXLlxn3L Lytw5LTHd7vnahbUBKTluDjN2LBYHMaYN8O+cPB2UkJQFd5OilGZvIt96dkJAzcc t3AbHAwSaJBPh/fuDq2YYic7ArISXVrp3gCSMu+DtBkOE3MxqYuG4MMMQPj9uxfG r2XgQ0JcyBzH9nM+3/RMuXF1LEmSqa7DpXaFbAfAXkNAWMpfZKWWpD0i9pSVQ+61 QzyEXz+KyXxYPL2BpEEvezjSaJvGLjJg+2bJdLqmKtsJGuTVi0bjnGFG9Ap4VppX Kt/OP6wJOQPRVSe1+6XLMgfab1Ba/OD0zDG2Si0DeF4cmOs1CyYQ5dL8N4DMmZ4P dftdirnb+++zCIIvLUyhwEswU4FdgLHFyUuH+AeckWeWhS6euA8XH7P7MYyOA9Pa bT1ceyKiJARqjBA0m9nY =Md7S -----END PGP SIGNATURE-----
Reasonably Related Threads
- cifs-utils: regression in (mulituser?) mounting 'CIFS VFS: Send error in SessSetup = -126'
- cifs-utils: regression in (mulituser?) mounting 'CIFS VFS: Send error in SessSetup = -126'
- [PATCH] MAINTAINERS: Update my email address
- cifs-utils: regression in (mulituser?) mounting 'CIFS VFS: Send error in SessSetup = -126'
- ANNOUNCE: cifs-utils release 4.1 available for download