cifs multiuser sends wrong uid:gid

steve <steve@xxxxxxxxxxxx> · Fri, 12 Apr 2013 11:20:15 +0200

Hi
samba 4.0.5
openSUSE 12.3 cifs-utils-5.9

I have a share:
[users]
path = /home/users
read only = No

I mount it as root:
h16:/tmp # kinit Administrator
Password for Administrator@xxxxxxxx:

hh16:/tmp # klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator@xxxxxxxx

Valid starting Expires Service principal
04/12/13 11:06:37 04/12/13 21:06:37 krbtgt/HH3.SITE@xxxxxxxx
renew until 04/13/13 11:06:30

hh16:/tmp # mount.cifs //hh16.hh3.site/users /mnt --verbose 
-osec=krb5,multiuser
mount.cifs kernel mount options: 
ip=192.168.1.16,unc=\\hh16.hh3.site\users,sec=krb5,multiuser,user=steve,pass=********

.
2013-04-12T11:05:49.678122+02:00 hh16 cifs.upcall: key description: 
cifs.spnego;0;0;3f000000;ver=0x2;host=hh16.hh3.site;ip4=192.168.1.16;sec=krb5;uid=0x0;creduid=0x0;user=steve;pid=0xaa9
2013-04-12T11:05:49.678807+02:00 hh16 cifs.upcall: ver=2
2013-04-12T11:05:49.678950+02:00 hh16 cifs.upcall: host=hh16.hh3.site
2013-04-12T11:05:49.681949+02:00 hh16 cifs.upcall: ip=192.168.1.16
2013-04-12T11:05:49.681974+02:00 hh16 cifs.upcall: sec=1
2013-04-12T11:05:49.681981+02:00 hh16 cifs.upcall: uid=0
2013-04-12T11:05:49.681986+02:00 hh16 cifs.upcall: creduid=0
2013-04-12T11:05:49.681991+02:00 hh16 cifs.upcall: user=steve
2013-04-12T11:05:49.682443+02:00 hh16 cifs.upcall: pid=2729
2013-04-12T11:05:49.683046+02:00 hh16 cifs.upcall: find_krb5_cc: scandir 
error on directory '/run/user/0': No such file or directory
2013-04-12T11:05:49.683488+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_1000
2013-04-12T11:05:49.683902+02:00 hh16 cifs.upcall: find_krb5_cc: 
/tmp/krb5cc_1000 is owned by 1000, not 0
2013-04-12T11:05:49.684385+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_3000034
2013-04-12T11:05:49.684779+02:00 hh16 cifs.upcall: find_krb5_cc: 
/tmp/krb5cc_3000034 is owned by 3000034, not 0
2013-04-12T11:05:49.685567+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_3000032
2013-04-12T11:05:49.686041+02:00 hh16 cifs.upcall: find_krb5_cc: 
/tmp/krb5cc_3000032 is owned by 3000032, not 0
2013-04-12T11:05:49.686352+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_0
2013-04-12T11:05:49.686638+02:00 hh16 cifs.upcall: find_krb5_cc: 
FILE:/tmp/krb5cc_0 is valid ccache
2013-04-12T11:05:49.686919+02:00 hh16 cifs.upcall: handle_krb5_mech: 
getting service ticket for hh16.hh3.site
2013-04-12T11:05:49.687248+02:00 hh16 cifs.upcall: handle_krb5_mech: 
obtained service ticket
2013-04-12T11:05:49.687523+02:00 hh16 cifs.upcall: Exit status 0

hh16:/tmp # su steve2
steve2@hh16:/tmp> kinit steve2
Password for steve2@xxxxxxxx:
steve2@hh16:/tmp> cd /mnt/steve2
steve2@hh16:/mnt/steve2> touch j
touch: cannot touch ‘j’: Permission denied
2
2013-04-12T11:10:48.599379+02:00 hh16 cifs.upcall: key description: 
cifs.spnego;3000034;20513;3f000000;ver=0x2;host=hh16.hh3.site;ip4=192.168.1.16;sec=krb5;uid=0x2dc6e2;creduid=0x2dc6e2;pid=0xb5a
2013-04-12T11:10:48.599412+02:00 hh16 cifs.upcall: ver=2
2013-04-12T11:10:48.601816+02:00 hh16 cifs.upcall: host=hh16.hh3.site
2013-04-12T11:10:48.601840+02:00 hh16 cifs.upcall: ip=192.168.1.16
2013-04-12T11:10:48.601847+02:00 hh16 cifs.upcall: sec=1
2013-04-12T11:10:48.601852+02:00 hh16 cifs.upcall: uid=3000034
2013-04-12T11:10:48.601857+02:00 hh16 cifs.upcall: creduid=3000034
2013-04-12T11:10:48.602956+02:00 hh16 cifs.upcall: pid=2906
2013-04-12T11:10:48.602978+02:00 hh16 cifs.upcall: find_krb5_cc: scandir 
error on directory '/run/user/3000034': No such file or directory
2013-04-12T11:10:48.603432+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_1000
2013-04-12T11:10:48.604677+02:00 hh16 cifs.upcall: find_krb5_cc: 
/tmp/krb5cc_1000 is owned by 1000, not 3000034
2013-04-12T11:10:48.605262+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_3000034
2013-04-12T11:10:48.605779+02:00 hh16 cifs.upcall: find_krb5_cc: 
FILE:/tmp/krb5cc_3000034 is valid ccache
2013-04-12T11:10:48.607568+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_3000032
2013-04-12T11:10:48.608414+02:00 hh16 cifs.upcall: find_krb5_cc: 
/tmp/krb5cc_3000032 is owned by 3000032, not 3000034
2013-04-12T11:10:48.608948+02:00 hh16 cifs.upcall: find_krb5_cc: 
considering /tmp/krb5cc_0
2013-04-12T11:10:48.609470+02:00 hh16 cifs.upcall: find_krb5_cc: 
/tmp/krb5cc_0 is owned by 0, not 3000034
2013-04-12T11:10:48.610854+02:00 hh16 cifs.upcall: handle_krb5_mech: 
getting service ticket for hh16.hh3.site
2013-04-12T11:10:48.615154+02:00 hh16 cifs.upcall: handle_krb5_mech: 
obtained service ticket
2013-04-12T11:10:48.615189+02:00 hh16 cifs.upcall: Exit status 0
hh16:/tmp #

That seems fine except that the wrong uid:gid has been sent to the mount 
for steve2 so he can't write to his cifs mounted folder.

To investigate this, I made his folder 0777 and then created a file in 
the share:

hh16:/home/users # chmod 0777 steve2/
hh16:/home/users # su steve2
steve2@hh16:/home/users> cd /mnt/steve2
steve2@hh16:/mnt/steve2> touch testfile
steve2@hh16:/mnt/steve2> ls -l
total 1024
-rw-r--r-- 1 steve2 Domain Users 0 Apr 12 09:58 j
-rwxrwxr-x+ 1 3000019 users 0 Apr 12 11:14 testfile

cifs has sent 3000019:100 as the uid:gid It should send 3000034:20513

Question:
- why is user=steve specified on the mount command? (I am unix user 
steve. steve2 is a domain user, but I'm doing the mount as root)
- What am I doing wrong?

Cheers,
Steve

--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html