[opensuse] CIFS - where/how is /proc/fs/cifs/SecurityFlags set?
All, I have run into a mount.cifs issue (I'm chasing on the samba list) One question that arose is the setting of /proc/fs/cifs/SecurityFlags. In openSuSE, the value is set to 0x7. Where/how is that set? From the kernel fs/cifs/README, I know the components are: may use packet signing 0x00001 must use packet signing 0x01001 may use NTLM (most common password hash) 0x00002 must use NTLM 0x02002 may use NTLMv2 0x00004 must use NTLMv2 0x04004 may use Kerberos security 0x00008 must use Kerberos 0x08008 may use lanman (weak) password hash 0x00010 must use lanman password hash 0x10010 may use plaintext passwords 0x00020 must use plaintext passwords 0x20020 (reserved for future packet encryption) 0x00040 Where do I look to find out how opensuse comes up with 0x7? The default is reported as 0x07007, but I get: sudo cat /proc/fs/cifs/SecurityFlags 0x7 Maybe the anding or adding of the flags is what I'm messing up. What say the gurus? (Lars?) -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
В Пн, 06/01/2014 в 17:23 -0600, David C. Rankin пишет:
All,
I have run into a mount.cifs issue (I'm chasing on the samba list) One question that arose is the setting of /proc/fs/cifs/SecurityFlags. In openSuSE, the value is set to 0x7. Where/how is that set? From the kernel fs/cifs/README, I know the components are:
may use packet signing 0x00001 must use packet signing 0x01001 may use NTLM (most common password hash) 0x00002 must use NTLM 0x02002 may use NTLMv2 0x00004 must use NTLMv2 0x04004 may use Kerberos security 0x00008 must use Kerberos 0x08008 may use lanman (weak) password hash 0x00010 must use lanman password hash 0x10010 may use plaintext passwords 0x00020 must use plaintext passwords 0x20020 (reserved for future packet encryption) 0x00040
Where do I look to find out how opensuse comes up with 0x7? The default is reported as 0x07007,
By whom? fs/cifs/cifsglob.h:#define CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_NTLMSSP)
but I get:
sudo cat /proc/fs/cifs/SecurityFlags 0x7
Maybe the anding or adding of the flags is what I'm messing up. What say the gurus? (Lars?)
-- David C. Rankin, J.D.,P.E.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/06/2014 10:13 PM, Andrey Borzenkov wrote:
By whom?
fs/cifs/cifsglob.h:#define CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_NTLMSSP)
Andrey, Thank you! That was it. If you check 'cat /proc/fs/cifs/SecurityFlags' you will find 0x85 which is the current default: CIFSSEC_MAY_SIGN 0x00001 CIFSSEC_MAY_NTLMV2 0x00004 CIFSSEC_MAY_NTLMSSP 0x00080 /* raw ntlmssp with ntlmv2 */ ------- 0x00085 for older version it was most likely: CIFSSEC_MAY_SIGN 0x00001 CIFSSEC_MAY_NTLM 0x00002 CIFSSEC_MAY_NTLMV2 0x00004 ------- 0x00007 -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
Andrey Borzenkov -
David C. Rankin