I've found another interesting fact by searching the mount.cifs man
page, quote:
sec=
Security mode. Allowed values are:
· none - attempt to connection as a null user (no name)
· krb5 - Use Kerberos version 5 authentication
· krb5i - Use Kerberos authentication and forcibly enable
packet signing
· ntlm - Use NTLM password hashing
· ntlmi - Use NTLM password hashing and force packet
signing
· ntlmv2 - Use NTLMv2 password hashing
· ntlmv2i - Use NTLMv2 password hashing and force packet
signing
· ntlmssp - Use NTLMv2 password hashing encapsulated in Raw
NTLMSSP message
· ntlmsspi - Use NTLMv2 password hashing encapsulated in
Raw NTLMSSP message, and force packet signing
The default in mainline kernel versions prior to v3.8 was
sec=ntlm. In v3.8, the default was changed to sec=ntlmssp.
If the server requires signing during protocol negotiation,
then it may be enabled automatically. Packet signing may also be enabled
automatically if it's enabled in /proc/fs/cifs/SecurityFlags.
With this in mind, if I go ahead and change the mount to use vers=3.0 again and
add option sec=ntlmsspi it works like a charm, see below example:
//x.y.z.w/share /mnt/share cifs
vers=3.0,iocharset=utf8,noperm,rw,uid=root,file_mode=0660,dir_mode=0770,credentials=/credentials.file,sec=ntlmsspi
0 0
Above fix works on both Xenial (using 4.4.0-98-generic) and Trusty
(using 3.13.0-135-generic)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1729337
Title:
CIFS errors on 4.4.0-98, but not on 4.4.0-97 with same config
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Xenial:
In Progress
Bug description:
We have a cluster of servers that applied a security update overnight
and were unable to mount CIFS shares after upgrading to 4.4.0-98. The
same machines on 4.4.0-97 were fine the night before, and are fine
after downgrading. The only error message CIFS would report, even on
verbose, was:
[ 257.089876] CIFS VFS: validate protocol negotiate failed: -11
[ 257.089964] CIFS VFS: cifs_mount failed w/return code = -5
Rebooting did not help. Nor did attempting to mount the share
manually using mount -t cifs.
Here's the offending line from our /etc/fstab (with hostnames
sanitized):
//server/share /mnt/share cifs
rw,user,credentials=/etc/samba/credentials.share,uid=33,gid=33,file_mode=0770,dir_mode=0770
,exec,soft,noserverino,vers=3.0 0 0
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-98-generic 4.4.0-98.121
ProcVersionSignature: Ubuntu 4.4.0-98.121-generic 4.4.90
Uname: Linux 4.4.0-98-generic x86_64
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Nov 1 07:56 seq
crw-rw---- 1 root audio 116, 33 Nov 1 07:56 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.20.1-0ubuntu2.10
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq',
'/dev/snd/timer'] failed with exit code 1:
Date: Wed Nov 1 08:49:47 2017
HibernationDevice: RESUME=/dev/mapper/ubuntu--template--vg-swap_1
InstallationDate: Installed on 2016-12-16 (319 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64
(20160719)
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: VMware, Inc. VMware Virtual Platform
PciMultimedia:
ProcFB: 0 svgadrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-98-generic
root=/dev/mapper/ubuntu--template--vg-root ro
RelatedPackageVersions:
linux-restricted-modules-4.4.0-98-generic N/A
linux-backports-modules-4.4.0-98-generic N/A
linux-firmware 1.157.13
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 09/21/2015
dmi.bios.vendor: Phoenix Technologies LTD
dmi.bios.version: 6.00
dmi.board.name: 440BX Desktop Reference Platform
dmi.board.vendor: Intel Corporation
dmi.board.version: None
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 1
dmi.chassis.vendor: No Enclosure
dmi.chassis.version: N/A
dmi.modalias:
dmi:bvnPhoenixTechnologiesLTD:bvr6.00:bd09/21/2015:svnVMware,Inc.:pnVMwareVirtualPlatform:pvrNone:rvnIntelCorporation:rn440BXDesktopReferencePlatform:rvrNone:cvnNoEnclosure:ct1:cvrN/A:
dmi.product.name: VMware Virtual Platform
dmi.product.version: None
dmi.sys.vendor: VMware, Inc.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1729337/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
