Cannot mount cifs shares as normal user on directories not owned by the user

Bug #106146 reported by striscio
28
This bug affects 2 people
Affects Status Importance Assigned to Milestone
samba
Fix Released
Medium
samba (Debian)
Fix Released
Unknown
samba (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

I can't set a cifs share user mountable. I read on man (8) mount.cifs that I have to set mount.cifs setuid root.
I set it with a
chmod +s /sbin/mount.cifs
but I cant get the share mounted as normal user nor invoking mount.cifs nor via fstab entry.
This is very annoying. Anyone else is experiencing this?

Revision history for this message
striscio (gianpaolo-racca) wrote :

I forgot to report the erro message I get:
mount error: permission denied or not superuser and mount.cifs not installed SUID
but:

gianpaolo@pequod:~$ ls -l `which mount.cifs`
-rwsr-sr-x 1 root root 19832 2007-02-06 02:36 /sbin/mount.cifs

which seems to setuid

Revision history for this message
striscio (gianpaolo-racca) wrote :

Solved!
A normal user bust own the mount point to be able to mount cifs shares, even if mount.cifs is setuid.
See
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403700
for details
IMHO if a share is defined as user mountable in fstab it should be mounted despite the owner of the mount point (given write permission on the mount point, of course).
In any case the error message is misleading.
HTH

Revision history for this message
Ralph Janke (txwikinger) wrote :

Thanks for your bug report.

I confirm the bug due to the existence of the upstream bug report.

I don't think it is a bug, but a design decision as mentioned in the upstream bug report.

I think this should be decided according to the decision made in the upstream bug report, and rejected if it is rejected there.

Changed in samba:
assignee: nobody → rjanke
status: Unconfirmed → Confirmed
Changed in samba:
status: Unknown → Fix Released
Revision history for this message
Ralph Janke (txwikinger) wrote :

This issue is accepted and fix in upstream debian.

Changed in samba:
assignee: rjanke → nobody
Revision history for this message
striscio (gianpaolo-racca) wrote : Re: [Bug 106146] Re: Cannot mount cifs shares as normal user

On 4/24/07, txwikinger <email address hidden> wrote:
> This issue is accepted and fix in upstream debian.
>

I had a look at debian bug tracking system,
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403700) but I didn't
find any change to that bug.
Could you point me to some more information about the fix?

Revision history for this message
Sridhar Dhanapalan (sridhar) wrote : Re: Cannot mount cifs shares as normal user

IMHO the Debian bug report was prematurely closed. Cifs should be able to be mounted just like any other FS. So if I have a cifs entry in fstab with the option 'users', I should be able to mount/umount as a normal user, regardless of who owns the mount point. That is how it works with other filesystems, so why should it be any different for cifs?

Revision history for this message
Sergey V. Udaltsov (sergey-udaltsov) wrote :

Same problem here on gutsy/ppc64

Revision history for this message
Mathias Gug (mathiaz) wrote :

According to this thread http://marc.info/?l=linux-fsdevel&m=113288468305873&w=2, there is security risk in enabling a non-root user to mount a cifs share to a mount point that don't own.

The behavior is different from nfs because nfs mounting is directly handled by the mount command, whereas cifs mounts are handled by an external binary (mount.cifs).

OTHO the error message is not that good and may be improved.

Changed in samba:
importance: Undecided → Low
status: Confirmed → Triaged
Changed in samba:
status: Unknown → Confirmed
Revision history for this message
DonQuichote (r-launchpad-w-p-dds-nl) wrote :

I had the problem that I could mount the shares through /etc/fstab, but did not have the rights on them afterwards, even though I owned the mount points. I solved it by adding "uid=<username>" to the fstab lines.

Hope this helps.

Revision history for this message
Jack Hanison (jack-hanison) wrote :

The upstream bug logged against the CifsVFS module within samba https://bugzilla.samba.org/show_bug.cgi?id=1617 has not been updated in nearly two years. I've pinged a comment on that bug to enquire as to the status.

My suggestion is that if the upstream bug is not fixed, a Ubuntu patch should be built into the ubuntu distributed version that implements C. Russell Lehman's proposed fix (as per the bug report in samba's bugzilla).

Revision history for this message
Christian Perrier (bubulle) wrote : Re: [Bug 106146] Re: Cannot mount cifs shares as normal user on directories not owned by the user

Quoting Jack Hanison (<email address hidden>):
> The upstream bug logged against the CifsVFS module within samba
> https://bugzilla.samba.org/show_bug.cgi?id=1617 has not been updated in
> nearly two years. I've pinged a comment on that bug to enquire as to the
> status.

Please also note that this bug is recorded in Debian BTS as #177584.

If someone knows how to link Ubuntu bugs and Debian bugs, please do
it..:-)

I would personnally vote against applying a fix for this if it doesn't
get upstream's approval.

For Debian's samba packages, we always avoid applying changes that
aren't motivated by something specific to the distribution...and I'd
suggest the Ubuntu packagers to apply the same policy (as of now,
Ubuntu packages are as close as possible to Debian ones).

Steve Langasek (vorlon)
Changed in samba:
status: Fix Released → Unknown
Changed in samba:
status: Unknown → Confirmed
Changed in samba:
status: Confirmed → Fix Released
Changed in samba (Debian):
status: Confirmed → Fix Released
Changed in samba:
importance: Unknown → Medium
Revision history for this message
Chuck Short (zulcss) wrote :

This is fixed in 3.5.0 and above.

Changed in samba (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.