similar to: ANNOUNCE: cifs-utils release 5.6 is ready for download

On Fri, 2017-02-10 at 11:15 -0600, Chad William Seys wrote: > Hi Jeff, > > > So we have a default credcache for the user for whom we are operating > > as, but we can't get the default principal name from it. My guess is > > that it's not finding the > > This mount is run by root UID=0 and seems to be find that credential > cache without problem (earlier

On Fri, 2017-02-10 at 14:14 -0500, Simo Sorce wrote: > On Fri, 2017-02-10 at 13:30 -0500, Jeff Layton wrote: > > On Fri, 2017-02-10 at 12:39 -0500, Jeff Layton wrote: > > > On Fri, 2017-02-10 at 11:15 -0600, Chad William Seys wrote: > > > > Hi Jeff, > > > > > > > > > So we have a default credcache for the user for whom we are > > >

Update MAINTAINERS and .mailmap with my @linaro.org address, since I don't have access to my @arm.com address anymore. Signed-off-by: Jean-Philippe Brucker <jean-philippe at linaro.org> --- .mailmap | 1 + MAINTAINERS | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.mailmap b/.mailmap index 0fef932de3db..8ce554b9c9f1 100644 --- a/.mailmap +++ b/.mailmap @@

On Fri, 2017-02-10 at 15:14 -0500, Simo Sorce wrote: > On Fri, 2017-02-10 at 14:29 -0500, Jeff Layton wrote: > > On Fri, 2017-02-10 at 14:14 -0500, Simo Sorce wrote: > > > On Fri, 2017-02-10 at 13:30 -0500, Jeff Layton wrote: > > > > On Fri, 2017-02-10 at 12:39 -0500, Jeff Layton wrote: > > > > > On Fri, 2017-02-10 at 11:15 -0600, Chad William Seys

This release is primarily a number of small bugfixes and cleanups. I wanted to do a release with those prior to the coming overhaul of mount.cifs to allow it to more safely be installed setuid root. There a couple of other noticeable changes too: - the version reported by all programs in the tarball now matches the VERSION define set by autoconf. That is, if someone runs "mount.cifs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nothing terribly earth-shattering in this release. We had a number of reports of build-breaking problems in version 5.4, mostly due to the fact that we now turn on -Werror by default, and a number of patches to fix them. I'm starting to have doubts as to whether it's a good idea to keep - -Werror in the default CFLAGS. This is built in a

On Thu, 2017-02-09 at 14:45 -0600, Chad William Seys wrote: > Hi Jeff, > Could you look at the following mailing list posting? > > https://lists.samba.org/archive/samba/2017-February/206468.html > > It looks like cifs.upcall has changed its behavior. As described in > that post, I can mount with root / kerberos, but then cannot access with > another user who has

Time for a new cifs-utils release! The main change in this release is a set of cleanups to cifs.upcall to make it more efficient and work better with alternate style credcaches. No longer does it blithely stumble around in /tmp looking for credcaches. We now just use the default credcache that to which the krb5.conf points. Go forth and download!

The main change in this release is to address some regressions that crept in when we switched to a scheme that does not rely on walking /tmp to look for credcaches. We now will use the information from the kernel about the initiating pid, reach into that task's environment and scrape out the $KRB5CCNAME variable. This can be problematic in setuid situations, so we avoid doing that for the

In the latest Fedora rawhide kernel in the repos, I'm seeing the following oops when mounting xfs. rc2-ish kernels seem to be fine: [ 64.669633] ------------[ cut here ]------------ [ 64.670008] kernel BUG at drivers/block/virtio_blk.c:172! [ 64.670008] invalid opcode: 0000 [#1] SMP [ 64.670008] Modules linked in: xfs libcrc32c snd_hda_codec_generic snd_hda_intel snd_hda_controller

In the latest Fedora rawhide kernel in the repos, I'm seeing the following oops when mounting xfs. rc2-ish kernels seem to be fine: [ 64.669633] ------------[ cut here ]------------ [ 64.670008] kernel BUG at drivers/block/virtio_blk.c:172! [ 64.670008] invalid opcode: 0000 [#1] SMP [ 64.670008] Modules linked in: xfs libcrc32c snd_hda_codec_generic snd_hda_intel snd_hda_controller

struct timespec64 has unused bits in the tv_nsec field that can be used for other purposes. In future patches, we're going to change how the inode->i_ctime is accessed in certain inodes in order to make use of them. In order to do that safely though, we'll need to eradicate raw accesses of the inode->i_ctime field from the kernel. Add new accessor functions for the ctime that we can

Chad reported that he was seeing a regression in cifs-utils-6.6. Prior to that, cifs.upcall was able to find credcaches in non-default FILE: locations, but with the rework of that code, that ability was lost. Unfortunately, the krb5 library design doesn't really take into account the fact that we might need to find a credcache in a process that isn't descended from the session. When the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Time for another cifs-utils release! Most of the patches in this release are for cifs.idmap, getcifsacl and setcifsacl. There were many bugs in those tools, so anyone that's deploying or using them is highly encouraged to upgrade. Highlights: * NFS-style device names are being deprecated in 6.0. Anyone using that sort of device name should

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 With the overhaul of the cifscreds utility, I figured this would be a good time to do a new release. Highlights: * admins can now tell cifs.upcall to use an alternate krb5.conf file * on remount, mount.cifs no longer adds a duplicate mtab entry * the cifscreds utility has seen a major overhaul to allow for multiuser mounts without krb5 auth

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 With the merge of the new plugin interface, it's probably a good time for a new cifs-utils release. Distro packagers should take special note of the changes with the new plugin interface since it has implications for how the tools are packaged. In particular, it's necessary to set a symlink to the plugin in the correct location

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This release contains a significant overhaul of mount.cifs that is intended to make it safer to install setuid root. With this release, setuid capability is no longer disabled by default. Among the changes are: - - mount.cifs now does privilege separation. It forks very early and the child drops privileges. Most of the mount option processing is

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The last release (4.7) was back in October. We've had a number of good fixes committed in the last few weeks, so it's a good time to cut a new release. Also, note that I've transplanted the cifs-utils manpage to the Samba Wiki. The old URL still works and redirects browsers to the new page. o hardcoded paths in the cifs.upcall manpage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This release is primarily to fix a few bugs that were introduced with the mount.cifs overhaul in the last release. Most of the problems were issues with the handling of capabilities that prevented credential files from being accessed when mount.cifs was run by root. There are a few other changes: - - credential files accept parameter names

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Things have been relatively quiet lately. Time for a release! Highlights: * A lot of manpage updates, additions and corrections * cifs.idmap can now map uid/gid to SID in addition to the other way around * getcifsacl/setcifsacl are now installed by default in /usr/bin instead of /usr/sbin. The manpages are now in section 1. * cifs.upcall has a