Bug ID 1199973
Summary Regression: samba update to 4.15.7+git.376 broke Nautilus share access for NT1 protocol
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.3
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Samba
Assignee samba-maintainers@SuSE.de
Reporter martin.wilck@suse.com
QA Contact samba-maintainers@SuSE.de
Found By ---
Blocker --- 

We've got an old NAS server that requires the "NT1" protocol. We can connect
using "client min protocol = NT1" in /etc/samba/smb.conf. This used to work
also with Nautilus and it's smb:// URI scheme, until the last update of
samba-client.

Since the update to samba-client 4.15.7+git.376.dd43aca9ab2, accessing shares
via nautilus  doesn't work any more. Nautilus opens a pop-up showing "invalid
argument". In the previous version 4.15.4+git.324.8332acf1a63, Nautilus would
show a password prompt and connect successfully with the right password. The
password prompt is never shown with 4.15.7+git.376.

But I can still connect via command line:

# smbclient -d5 //nasobem.local/josefine -U josefine
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
doing parameter workgroup = MITTAGSTUNDE
doing parameter passdb backend = tdbsam
doing parameter printing = cups
doing parameter printcap name = cups
doing parameter printcap cache time = 750
doing parameter cups options = raw
doing parameter map to guest = Bad User
doing parameter logon path = \\%L\profiles\.msprofile
doing parameter logon home = \\%L\%U\.9xprofile
doing parameter logon drive = P:
doing parameter usershare allow guests = No
doing parameter client min protocol = NT1
pm_process() returned Yes
added interface wlan0 ip=fd00::5430:8914:8532:921b bcast=
netmask=ffff:ffff:ffff:ffff::
added interface wlan0 ip=fd00::a395:90ab:5502:d78a bcast=
netmask=ffff:ffff:ffff:ffff::
added interface wlan0 ip=192.168.1.36 bcast=192.168.1.255 netmask=255.255.255.0
Password for [MITTAGSTUNDE\josefine]:
Client started (version
4.15.7-git.376.dd43aca9ab2150300.3.32.1-SUSE-oS15.0-x86_64).
Opening cache file at /var/lib/samba/lock/gencache.tdb
sitename_fetch: No stored sitename for realm ''
namecache_fetch: name nasobem.local#20 found.
Connecting to 192.168.1.169 at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1,
TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0,
IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072,
SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1,
TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[NT1] against server[nasobem.local]
cli_session_creds_prepare_krb5: Doing kinit for josefine@MITTAGSTUNDE to access
nasobem.local
Kinit for josefine@MITTAGSTUNDE to access nasobem.local failed: Cannot find KDC
for requested realm
cli_session_setup_spnego_send: Connect to nasobem.local as
josefine@MITTAGSTUNDE using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
gensec_spnego_client_negTokenInit_start: Server claims it's principal name is
NONE
Starting GENSEC submechanism gse_krb5
smb_gss_krb5_import_cred ccache[MEMORY:cliconnect] failed with [Es wurden keine
Anmeldedaten ���bergeben oder die Anmeldedaten waren nicht verf���gbar bzw. ein
Zugriff darauf nicht m���glich.: kein Anmeldedatenzwischenspeicher gefunden] -the
caller may retry after a kinit.
Failed to start GENSEC client mech gse_krb5: NT_STATUS_INTERNAL_ERROR
Starting GENSEC submechanism ntlmssp
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_TARGET_TYPE_SERVER
  NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  NTLMSSP_NEGOTIATE_TARGET_INFO
  NTLMSSP_NEGOTIATE_VERSION
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  NTLMSSP_NEGOTIATE_VERSION
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  NTLMSSP_NEGOTIATE_VERSION
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  NTLMSSP_NEGOTIATE_VERSION
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
 session setup ok
 tconx ok
Try "help" to get a list of possible commands.
smb: \>

You are receiving this mail because: