[Pkg-samba-maint] Bug#572691: samba shares can no longer be mounted by user
Tobias Frost
tobi at frost.de
Mon Apr 5 20:24:48 UTC 2010
Package: cifs-utils
Version: 2:4.1-1
Severity: normal
Read the instruction in NEWS, added a line to /etc/fstab.
moria:/home/tobi# ls -la /sbin/mount.cifs
-rwxr-xr-x 1 root root 27716 Mar 24 08:06 /sbin/mount.cifs
moria:/home/tobi# cat /etc/fstab # (remark: only last line given)
//smbserver/share /mnt/smb_share smbfs user,noexec,noauto 0 0
but (as normal user):
- not-having mount.cifs setuid:
tobi at moria:mount /mnt/smb_share
/sbin/mount.cifs: not installed setuid - "user" CIFS mounts not supported.
- when having setuid:
tobi at moria:mount /mnt/smb_share
This mount.cifs program has been built with the ability to run as a setuid root program disabled.
mount.cifs has not been well audited for security holes. Therefore the Samba team does not recommend installing it as a setuid root program.
So two observations:
1 - The hints in NEWS (at least the fstab hint) won't work. (Or you should be more elaborate)
2 - The programm actually tells me "first do that" and after doing that it tells me "you cannot do that". That should be probably filed as another bug.
(Well, as it is kind-of already filed: #576314 New upstream 4.2 version available, the whole problem should be gone soon...)
Thnx
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-trunk-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages cifs-utils depends on:
ii libc6 2.10.2-5 Embedded GNU C Library: Shared lib
ii libkeyutils1 1.2-12 Linux Key Management Utilities (li
ii libkrb5-3 1.8+dfsg~alpha1-5 MIT Kerberos runtime libraries
ii libtalloc2 2.0.1-1 hierarchical pool based memory all
ii samba-common 2:3.4.7~dfsg-1 common files used by both the Samb
cifs-utils recommends no packages.
Versions of packages cifs-utils suggests:
ii smbclient 2:3.4.7~dfsg-1 command-line SMB/CIFS clients for
-- no debconf information
More information about the Pkg-samba-maint
mailing list