Jeff Layton píše v Pá 06. 07. 2012 v 14:15 -0400: Hello Jeff, > On Wed, 04 Jul 2012 20:52:17 +0200 > Milan Knížek <knizek.confy@xxxxxxxxx> wrote: > > To move on for multiuser: adding the credentials to the keyring: > > [user1@client /]$ cifscreds add server > > and typing in the password. > > > > (Similarly for user2.) > > > > When I remount the same share with "multiuser" option with the > > credentials of user1, the share is accessible only by the root user, the > > users user1 and user2 cannot list the mount point (cannot access /mnt: > > Permission denied) > > > > Can you clarify exactly what you did above? How, exactly did you > remount the share? I actually unmounted and mounted again with the extra "multiuser" option. > > Adding cifscreds has exit code 0. Running "cifscreds clearall" results > > in "You have no stashed cifs credentials. If you want to add them use: > > cifscreds add" and exit code 1. That's weird. > > > > After you do the "cifscreds add", if you then do a "keyctl show" does > it show the cifs keys attached to your session keyring? > > One thing that may be biting you: cifscreds attaches the keys to the > session keyring. If you do the "add" in one session and then try to > access from another, it won't work since the keys just aren't present. > The fact that "clearall" doesn't find any creds leads me to suspect > that's what's going on here. > > The scope of a "session" in keys parlance is unfortunately somewhat > poorly defined, but you basically need to do the "cifscreds add" from > each login. A graphical login on the console would be a single session > however. Hm, I will need to read more on the keyrings in kernel... Anyway, here are some details: [root@client /]# su - zmrzlinka [zmrzlinka@client ~]$ keyctl show Session Keyring 14048542 --alswrv 1001 -1 keyring: _uid_ses.1001 320075663 --alswrv 1001 -1 \_ keyring: _uid.1001 [zmrzlinka@client ~]$ cifscreds add -u zmrzlinka toillet Password: [blabla] [zmrzlinka@client ~]$ keyctl show Session Keyring 14048542 --alswrv 1001 -1 keyring: _uid_ses.1001 320075663 --alswrv 1001 -1 \_ keyring: _uid.1001 It does not seem to change anything. Is there a way how to add the key to the keyring using "keyctl" instead of "cifscreds" (for testing purposes)? Regards, Milan -- http://milan-knizek.net -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
