[Pkg-samba-maint] Bug#967972: cifs-utils: fails to mount filesystem when keyutils is not installed
Jonathon Reinhart
jonathon.reinhart at gmail.com
Mon Jun 7 05:33:05 BST 2021
Some sources incorrectly indicate that keyutils is only needed with
DFS, but keyutils is also needed when using CIFS w/ Kerberos
authentication.
When trying to mount a CIFS share using kerberos (sec=krb5), the
kernel invokes /sbin/request-key to request a key from userspace. Then
cifs.upcall (from cifs-utils) is executed to handle the SPNEGO
authentication.
If keyutils is not installed, then /sbin/request-key is absent, and
the kernel is completely silent about this.
[ +0.497021] CIFS VFS: Send error in SessSetup = -2
[ +0.000992] CIFS VFS: cifs_mount failed w/return code = -2
Thus, I strongly agree with the proposal for cifs-utils to *Recommend*
keyutils, rather than merely *Suggesting* it.
More information about the Pkg-samba-maint
mailing list