Product SiteDocumentation Site

1.22. cifs-utils

1.22.1. RHBA-2011:0380: bug fix update

An updated cifs-utils package that fixes a bug is now available for Red Hat Enterprise Linux 6.
The Server Message Block (SMB), also known as Common Internet File System (CIFS), is a standard file-sharing protocol widely deployed on Windows machines. The tools included in this package work in conjunction with support in the kernel to allow users to mount a SMB/CIFS share onto a client, and use it as if it were a standard Linux file system.
This update fixes the following bug:
  • Due to an error in the cifs.upcall utility, Generic Security Services Application Program Interface (GSSAPI) channel bindings in Kerberos authentication messages were not set properly. This would cause some servers to reject authentication requests. Consequent to this, an attempt to mount a CIFS share with the security mode set to "krb5" could fail with the following error: 
    mount error(5): Input/output error
    This update corrects the cifs.upcall utility to set the GSSAPI channel bindings properly, and such CIFS shares can now be mounted as expected. (BZ#668366)
All users of cifs-utils are advised to upgrade to this updated package, which resolves this issue.

1.22.2. RHBA-2011:0569: bug fix update

An updated cifs-utils package that fixes five bugs is available.
The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. This package contains tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a SMB/CIFS share onto a client and use it as if it were a standard Linux file system.
The cifs-utils package has been updated to the latest upstream version. Bugs fixed in this updated package include:
  • While trying to mount a share (DFS or 'classic') with Kerberos, a "mount error(5): Input/output error" occurred due to a problem with the MIT krb5 libraries. cifs.upcall now sets the GSSAPI checksum properly in SPNEGO blobs. This is necessary for proper interoperability with EMC servers when using krb5 authentication, and allows for a successful mount . (BZ#645127)
  • When mounting a share as root with kerberos, cifs.upcall used the ticket of root (/tmp/krb5cc_0) instead the one of the user specified with 'uid=' or 'user='. This was due to the --legacy-uid command line option for cifs.upcall not being properly implemented. This patch ensures that this option can be properly implemented, allowing successful mounting of a share as root with kerberos. (BZ#667382)
  • When two CIFS shares were mounted on the same server, each for a different user who had valid krb5 credentials, only the one mounted first could access the data. This was because cifs had a built in design limitation of a single set of credentials per mount. That limitation caused the implementation of a number of hacks to deal with it. With this patch mount.cifs now supports the 'cruid=' mount option, fixing this issue. (BZ#669377)
  • mount.cifs did not handle numeric uid=, gid=, or cruid= options correctly, and would often return an error when they were specified. With this patch, a check is run to see if any error occurred by setting errno to 0 before the conversion. If an error occurs, the broken value is treated as a name, allowing it to be correctly handled. Additionaly, this path fixes a compiler warning about cruid being uninitialized. (BZ#696951)
  • In order to update the man pages and include a couple small patches, cifs-utils has been rebased to 4.8.1. (BZ#658981)
All users who are using the cifs file system should update to this new package in order to take advantage of these bug fixes.