I think I see the source of the problem.... When I do this:
# sudo strace -fo/tmp/a -p $$ & # sudo mount -t cifs -o username=me,rw,uid=me,gid=mygroup,port=445,sec=krb5,creduid=/tmp/krb5cc_1000 \\\\server.example.com\\home\\me /mnt/me mount error(22): Invalid argument Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) # kill %1 # grep krb5cc /tmp/a 8619 access("/tmp/krb5cc_1000", R_OK) = 0 8619 open("/tmp/krb5cc_1000", O_RDONLY) = 3 # grep ' mount(' /tmp/a 8618 mount("\\\\server.example.com\\home\\me", ".", "cifs", 0, "ip=1.2.3.4,unc=\\\\server.example."...) = -1 EINVAL (Invalid argument) # dmesg | grep CIFS [ 4634.121902] CIFS: Unknown mount option "creduid=/tmp/krb5cc_1000" When I don't used 'creduid=', the mount command returns: mount error(126): Required key not available Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and the strace output shows that it doesn't try accessing /tmp/krb5cc_* at all. When I instead try 'cruid=1000', the same error occurs, and again, no /tmp/krb5cc_* files are being accessed. In short, I think that either the cifs kernel module needs to allow the creduid option, or the mount.cifs program needs to strip it out before calling mount(). After that, I don't know what else has to happen; perhaps both creduid= and cruid= need to be specified? Or perhaps creduid= needs to be renamed to kccf= (kerberos cached credentials file, a name pulled out of a hat)? Hopefully someone finally makes cifs+kerberos work from /etc/fstab or /etc/pam.d so that it can be mounted when I log in, without having to enter my password again. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/676525 Title: mount.cifs cannot mount with kerberos To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/676525/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs