Auto sync2gitlab import of cifs-utils-7.0-1.el8.src.rpm

This commit is contained in:
CentOS Sources 2023-02-04 08:09:36 +00:00
parent 72edd06d1e
commit dbd812e5f9
28 changed files with 70 additions and 3122 deletions

1
.gitignore vendored
View File

@ -1 +1,2 @@
/cifs-utils-6.8.tar.bz2 /cifs-utils-6.8.tar.bz2
/cifs-utils-7.0.tar.bz2

View File

@ -0,0 +1,55 @@
From 17162396d9ace9396c27826f1c62719186e29ae9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Filipensk=C3=BD?= <pfilipensky@samba.org>
Date: Fri, 20 Jan 2023 20:53:44 +0100
Subject: [PATCH] Use explicit #!/usr/bin/python3
---
checkopts | 2 +-
smb2-quota | 2 +-
smb2-secdesc | 2 +-
smbinfo | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/checkopts b/checkopts
index 88e70b1..00c4cfd 100755
--- a/checkopts
+++ b/checkopts
@@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/python3
#
# Script to check for inconsistencies between documented mount options
# and implemented kernel options.
diff --git a/smb2-quota b/smb2-quota
index 6d0b8a3..49207c7 100755
--- a/smb2-quota
+++ b/smb2-quota
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python3
# coding: utf-8
#
# smb2-quota is a cmdline tool to display quota information for the
diff --git a/smb2-secdesc b/smb2-secdesc
index 5886091..534dd92 100755
--- a/smb2-secdesc
+++ b/smb2-secdesc
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python3
# coding: utf-8
import array
diff --git a/smbinfo b/smbinfo
index 73c5bb3..766024e 100755
--- a/smbinfo
+++ b/smbinfo
@@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/python3
# -*- coding: utf-8 -*-
#
# smbinfo is a cmdline tool to query SMB-specific file and fs
--
2.38.1

File diff suppressed because it is too large Load Diff

View File

@ -1,39 +0,0 @@
From f701927118c7c0833751e610c3fd45504c47ef08 Mon Sep 17 00:00:00 2001
From: Aurelien Aptel <aaptel@suse.com>
Date: Tue, 15 May 2018 10:40:48 +0200
Subject: [PATCH 02/36] mount.cifs.rst: document new (no)handlecache mount
option
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Steve French <smfrench@gmail.com>
Reviewed-by: Pavel Shilovsky <piastryyy@gmail.com>
(cherry picked from commit bfcbfaa27a6bcfea3d463e793feff5a983f344a5)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index c0f0bdb..405c459 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -237,6 +237,16 @@ cache=arg
The default in kernels prior to 3.7 was ``loose``. As of kernel 3.7 the
default is ``strict``.
+handlecache
+ (default) In SMB2 and above, the client often has to open the root
+ of the share (empty path) in various places during mount, path
+ revalidation and the statfs(2) system call. This option cuts
+ redundant round trip traffic (opens and closes) by simply keeping
+ the directory handle for the root around once opened.
+
+nohandlecache
+ Disable caching of the share root directory handle.
+
directio
Do not do inode data caching on files opened on this mount. This
precludes mmaping files on this mount. In some cases with fast
--
1.8.3.1

View File

@ -1,32 +0,0 @@
From 9caa0b96b49cb38b8ed7c4c05b3f517ae0313991 Mon Sep 17 00:00:00 2001
From: Kenneth Dsouza <kdsouza@redhat.com>
Date: Fri, 13 Jul 2018 23:49:59 +0530
Subject: [PATCH 03/36] manpage: update mount.cifs manpage with info about rdma
option
Signed-off-by: Kenneth Dsouza <kdsouza@redhat.com>
(cherry picked from commit 03a3296c79f8195f94c43a3b4feb09df75d9b90e)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 405c459..56c1bf9 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -403,6 +403,11 @@ echo_interval=n
If this option is not given then the default value of 60 seconds is used.
The minimum tunable value is 1 second and maximum can go up to 600 seconds.
+rdma
+ Use to connect to SMB Direct, only applicable when specified with
+ vers=3 or vers=3.x.
+ Here 3.x can be 3.0, 3.02 or 3.1.1.
+
serverino
Use inode numbers (unique persistent file identifiers) returned by the
server instead of automatically generating temporary inode numbers on
--
1.8.3.1

View File

@ -1,263 +0,0 @@
From 0c846b0201e7d74186a10facfed222596a0d1d50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Aptel?= <aaptel@suse.com>
Date: Tue, 10 Jul 2018 17:50:42 +0200
Subject: [PATCH 04/36] checkopts: add python script to cross check mount
options
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
(cherry picked from commit 97209a56d13b8736579a58cccf00d2da4e4a0e5a)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
checkopts | 240 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 240 insertions(+)
create mode 100755 checkopts
diff --git a/checkopts b/checkopts
new file mode 100755
index 0000000..26ca271
--- /dev/null
+++ b/checkopts
@@ -0,0 +1,240 @@
+#!/usr/bin/env python3
+#
+# Script to check for inconsistencies between documented mount options
+# and implemented kernel options.
+# Copyright (C) 2018 Aurelien Aptel (aaptel@suse.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import sys
+import re
+import subprocess
+import argparse
+from pprint import pprint as P
+
+def extract_canonical_opts(s):
+ """
+ Return list of option names present in s.
+ e.g "opt1=a|opt2=d" => ["opt1", "opt2"])
+ """
+ opts = s.split("|")
+ res = []
+ for o in opts:
+ x = o.split("=")
+ res.append(x[0])
+ return res
+
+def extract_kernel_opts(fn):
+ STATE_BASE = 0
+ STATE_DEF = 1
+ STATE_USE = 2
+ STATE_EXIT = 3
+
+ state = STATE_BASE
+ fmt2enum = {}
+ enum2code = {}
+ code = ''
+ current_opt = ''
+ rx = RX()
+
+ def code_add(s):
+ if current_opt != '':
+ if current_opt not in enum2code:
+ enum2code[current_opt] = ''
+ enum2code[current_opt] += s
+
+ with open(fn) as f:
+ for s in f.readlines():
+ if state == STATE_EXIT:
+ break
+
+ elif state == STATE_BASE:
+ if rx.search(r'cifs_mount_option_tokens.*\{', s):
+ state = STATE_DEF
+ elif rx.search(r'^cifs_parse_mount_options', s):
+ state = STATE_USE
+
+ elif state == STATE_DEF:
+ if rx.search(r'(Opt_[a-zA-Z0-9_]+)\s*,\s*"([^"]+)"', s):
+ fmt = rx.group(2)
+ opts = extract_canonical_opts(fmt)
+ assert(len(opts) == 1)
+ name = opts[0]
+ fmt2enum[name] = {'enum':rx.group(1), 'fmt':fmt}
+ elif rx.search(r'^};', s):
+ state = STATE_BASE
+
+ elif state == STATE_USE:
+ if rx.search(r'^\s*case (Opt_[a-zA-Z0-9_]+)', s):
+ current_opt = rx.group(1)
+ elif current_opt != '' and rx.search(r'^\s*default:', s):
+ state = STATE_EXIT
+ else:
+ code_add(s)
+ return fmt2enum, enum2code
+
+def chomp(s):
+ if s[-1] == '\n':
+ return s[:-1]
+ return s
+
+def extract_man_opts(fn):
+ STATE_EXIT = 0
+ STATE_BASE = 1
+ STATE_OPT = 2
+
+ state = STATE_BASE
+ rx = RX()
+ opts = {}
+
+ with open(fn) as f:
+ for s in f.readlines():
+ if state == STATE_EXIT:
+ break
+
+ elif state == STATE_BASE:
+ if rx.search(r'^OPTION', s):
+ state = STATE_OPT
+
+ elif state == STATE_OPT:
+ if rx.search('^[a-z]', s) and len(s) < 50:
+ s = chomp(s)
+ names = extract_canonical_opts(s)
+ for name in names:
+ opts[name] = s
+ elif rx.search(r'^[A-Z]+', s):
+ state = STATE_EXIT
+ return opts
+
+def format_code(s):
+ # remove common indent in the block
+ min_indent = None
+ for ln in s.split("\n"):
+ indent = 0
+ for c in ln:
+ if c == '\t': indent += 1
+ else: break
+ if min_indent is None:
+ min_indent = indent
+ elif indent > 0:
+ min_indent = min(indent, min_indent)
+ out = ''
+ lines = s.split("\n")
+ if lines[-1].strip() == '':
+ lines.pop()
+ for ln in lines:
+ out += "| %s\n" % ln[min_indent:]
+ return out
+
+def sortedset(s):
+ return sorted(list(s), key=lambda x: re.sub('^no', '', x))
+
+def opt_neg(opt):
+ if opt.startswith("no"):
+ return opt[2:]
+ else:
+ return "no"+opt
+
+def main():
+ ap = argparse.ArgumentParser(description="Cross-check mount options from cifs.ko/man page")
+ ap.add_argument("cfile", help="path to connect.c")
+ ap.add_argument("rstfile", help="path to mount.cifs.rst")
+ args = ap.parse_args()
+
+ fmt2enum, enum2code = extract_kernel_opts(args.cfile)
+ manopts = extract_man_opts(args.rstfile)
+
+ kernel_opts_set = set(fmt2enum.keys())
+ man_opts_set = set(manopts.keys())
+
+ def opt_alias_is_doc(o):
+ enum = fmt2enum[o]['enum']
+ aliases = []
+ for k,v in fmt2enum.items():
+ if k != o and v['enum'] == enum:
+ if opt_is_doc(k):
+ return k
+ return None
+
+ def opt_exists(o):
+ return o in fmt2enum
+
+ def opt_is_doc(o):
+ return o in manopts
+
+
+ print('UNDOCUMENTED OPTIONS')
+ print('====================')
+
+ undoc_opts = kernel_opts_set - man_opts_set
+ # group opts and their negations together
+ for opt in sortedset(undoc_opts):
+ fmt = fmt2enum[opt]['fmt']
+ enum = fmt2enum[opt]['enum']
+ code = format_code(enum2code[enum])
+ neg = opt_neg(opt)
+
+ if enum == 'Opt_ignore':
+ print("# skipping %s (Opt_ignore)\n"%opt)
+ continue
+
+ if opt_exists(neg) and opt_is_doc(neg):
+ print("# skipping %s (%s is documented)\n"%(opt, neg))
+ continue
+
+ alias = opt_alias_is_doc(opt)
+ if alias:
+ print("# skipping %s (alias %s is documented)\n"%(opt, alias))
+ continue
+
+ print('OPTION %s ("%s" -> %s):\n%s'%(opt, fmt, enum, code))
+
+ print('')
+ print('DOCUMENTED BUT NON-EXISTING OPTIONS')
+ print('===================================')
+
+ unex_opts = man_opts_set - kernel_opts_set
+ # group opts and their negations together
+ for opt in sortedset(unex_opts):
+ fmt = manopts[opt]
+ print('OPTION %s ("%s")' % (opt, fmt))
+
+
+ print('')
+ print('NEGATIVE OPTIONS WITHOUT POSITIVE')
+ print('=================================')
+
+ for opt in sortedset(kernel_opts_set):
+ if not opt.startswith('no'):
+ continue
+
+ neg = opt[2:]
+ if not opt_exists(neg):
+ print("OPTION %s exists but not %s"%(opt,neg))
+
+# little helper to test AND store result at the same time so you can
+# do if/elsif easily instead of nesting them when you need to do
+# captures
+class RX:
+ def __init__(self):
+ pass
+ def search(self, rx, s, flags=0):
+ self.r = re.search(rx, s, flags)
+ return self.r
+ def group(self, n):
+ return self.r.group(n)
+
+if __name__ == '__main__':
+ main()
--
1.8.3.1

View File

@ -1,221 +0,0 @@
From e1e36b41e779d241cc1ff0e2f6f90b630b1e3d14 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Aptel?= <aaptel@suse.com>
Date: Tue, 10 Jul 2018 17:50:43 +0200
Subject: [PATCH 05/36] mount.cifs.rst: document missing options, correct wrong
ones
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
(cherry picked from commit 7325a01abc529d68756bae90cf23233392626939)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 111 ++++++++++++++++++++++++++++++++++++++++-----------------
1 file changed, 79 insertions(+), 32 deletions(-)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 56c1bf9..13b3a1e 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -123,6 +123,11 @@ forcegid
of the gid= option. See the section on `FILE AND DIRECTORY OWNERSHIP
AND PERMISSIONS`_ below for more information.
+idsfromsid
+ Extract uid/gid from special SID instead of mapping it. See the
+ section on `FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS`_ below for
+ more information.
+
port=arg
sets the port number on which the client will attempt to contact the
CIFS server. If this value is specified, look for an existing
@@ -133,8 +138,9 @@ port=arg
try to connect on port 445 first and then port 139 if that
fails. Return an error if both fail.
-servernetbiosname=arg
- Specify the server netbios name (RFC1001 name) to use when attempting
+
+netbiosname=arg
+ Specify the client netbios name (RFC1001 name) to use when attempting
to setup a session to the server. Although rarely needed for mounting
to newer servers, this option is needed for mounting to some older
servers (such as OS/2 or Windows 98 and Windows ME) since when
@@ -143,7 +149,8 @@ servernetbiosname=arg
characters long and is usually uppercased.
servern=arg
- Synonym for ``servernetbiosname``
+ Similarl to ``netbiosname`` except it specifies the netbios name of
+ the server instead of the client.
netbiosname=arg
When mounting to servers via port 139, specifies the RFC1001 source
@@ -166,6 +173,10 @@ ip=arg|addr=arg
domain=arg|dom=arg|workgroup=arg
sets the domain (workgroup) of the user.
+domainauto
+ When using NTLMv2 authentification and not providing a domain via
+ ``domain``, guess the domain from the server NTLM challenge.
+
guest
don't prompt for a password.
@@ -237,6 +248,9 @@ cache=arg
The default in kernels prior to 3.7 was ``loose``. As of kernel 3.7 the
default is ``strict``.
+nostrictsync
+ Do not flush to the server on fsync().
+
handlecache
(default) In SMB2 and above, the client often has to open the root
of the share (empty path) in various places during mount, path
@@ -247,32 +261,6 @@ handlecache
nohandlecache
Disable caching of the share root directory handle.
-directio
- Do not do inode data caching on files opened on this mount. This
- precludes mmaping files on this mount. In some cases with fast
- networks and little or no caching benefits on the client (e.g. when
- the application is doing large sequential reads bigger than page size
- without rereading the same data) this can provide better performance
- than the default behavior which caches reads (readahead) and writes
- (writebehind) through the local Linux client pagecache if oplock
- (caching token) is granted and held. Note that direct allows write
- operations larger than page size to be sent to the server. On some
- kernels this requires the cifs.ko module to be built with the
- ``CIFS_EXPERIMENTAL`` configure option.
-
- This option is will be deprecated in 3.7. Users should use
- ``cache=none`` instead on more recent kernels.
-
-strictcache
- Use for switching on strict cache mode. In this mode the client reads
- from the cache all the time it has *Oplock Level II* , otherwise -
- read from the server. As for write - the client stores a data in the
- cache in *Exclusive Oplock* case, otherwise - write directly to the
- server.
-
- This option is will be deprecated in 3.7. Users should use
- ``cache=strict`` instead on more recent kernels.
-
rwpidforward
Forward pid of a process who opened a file to any read or write
operation on that file. This prevent applications like wine(1) from
@@ -283,7 +271,7 @@ mapchars
including the colon, question mark, pipe, asterik, greater than and
less than characters) to the remap range (above 0xF000), which also
allows the CIFS client to recognize files created with such characters
- by Windows's POSIX emulation. This can also be useful when mounting to
+ by Windows's Services for Mac. This can also be useful when mounting to
most versions of Samba (which also forbids creating and opening files
whose names contain any of these seven characters). This has no effect
if the server does not support Unicode on the wire. Please note that
@@ -293,6 +281,10 @@ mapchars
nomapchars
(default) Do not translate any of these seven characters.
+mapposix
+ Translate reserved characters similarly to ``mapchars`` but use the
+ mapping from Microsoft "Services For Unix".
+
intr
currently unimplemented.
@@ -370,12 +362,42 @@ seal
Request encryption at the SMB layer. Encryption is only supported in
SMBv3 and above. The encryption algorithm used is AES-128-CCM.
+rdma
+ Connect directly to the server using SMB Direct via a RDMA adapter.
+
+resilienthandles
+ Enable resilient handles. If the server supports it, keep opened
+ files across reconenctions. Requires SMB2.1.
+
+noresilienthandles
+ (default) Disable resilient handles.
+
+persistenthandles
+ Enable persistent handles. If the server supports it, keep opened
+ files across reconnections. Persistent handles are also valid across
+ servers in a cluser and have stronger guarantees than resilient
+ handles. Requires SMB3 or above.
+
+nopersistenthandles
+ (default) Disable persistent handles.
+
+snapshot=time
+ Mount a specific snapshot of the remote share. ``time`` must be a
+ positive integer identifying the snapshot requested.
+
nobrl
Do not send byte range lock requests to the server. This is necessary
for certain applications that break with cifs style mandatory byte
range locks (and most cifs servers do not yet support requesting
advisory byte range locks).
+forcemandatorylock
+ Do not use POSIX locks even when available via unix
+ extensions. Always use cifs style mandatory locks.
+
+locallease
+ Check cache leases locally instead of querying the server.
+
sfu
When the CIFS Unix Extensions are not negotiated, attempt to create
device files and fifos in a format compatible with Services for Unix
@@ -431,8 +453,12 @@ noserverino
See section `INODE NUMBERS`_ for more information.
-nounix
- Disable the CIFS Unix Extensions for this mount. This can be useful in
+unix|linux
+ (default) Enable Unix Extensions for this mount. Requires CIFS
+ (vers=1.0) or SMB3.1.1 (vers=3.1.1) and a server supporting them.
+
+nounix|nolinux
+ Disable the Unix Extensions for this mount. This can be useful in
order to turn off multiple settings at once. This includes POSIX acls,
POSIX locks, POSIX paths, symlink support and retrieving
uids/gids/mode from the server. This can also be useful to work around
@@ -444,6 +470,23 @@ nouser_xattr
Do not allow getfattr/setfattr to get/set xattrs, even if server would
support it otherwise. The default is for xattr support to be enabled.
+nodfs
+ Do not follow Distributed FileSystem referals. IO on a file not
+ stored on the server will fail instead of connecting to the target
+ server transparently.
+
+noautotune
+ Use fixed size for kernel recv/send socket buffers.
+
+nosharesock
+ Do not try to reuse sockets if the system is already connected to
+ the server via an existing mount point. This will make the client
+ always make a new connection to the server no matter what he is
+ already connected to.
+
+noblocksend
+ Send data on the socket using non blocking operations (MSG_DONTWAIT flag).
+
rsize=bytes
Maximum amount of data that the kernel will request in a read request
in bytes. Prior to kernel 3.2.0, the default was 16k, and the maximum
@@ -472,6 +515,10 @@ wsize=bytes
this value isn't specified or it's greater or equal than the existing
one.
+max_credits=n
+ Maximum credits the SMB2 client can have. Default is 32000. Must be
+ set to a number between 20 and 60000.
+
fsc
Enable local disk caching using FS-Cache for CIFS. This option could
be useful to improve performance on a slow link, heavily loaded server
--
1.8.3.1

View File

@ -1,69 +0,0 @@
From 5cff08c4ac6bcb43ac2bc371db189a88c53c8326 Mon Sep 17 00:00:00 2001
From: Aurelien Aptel <aaptel@suse.com>
Date: Wed, 8 Aug 2018 11:38:15 +0200
Subject: [PATCH 06/36] checkopts: report duplicated options in man page
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
(cherry picked from commit 77b028c11fee787d1235a08fd06c8b60d20eb9c0)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
checkopts | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/checkopts b/checkopts
index 26ca271..88e70b1 100755
--- a/checkopts
+++ b/checkopts
@@ -98,9 +98,12 @@ def extract_man_opts(fn):
state = STATE_BASE
rx = RX()
opts = {}
+ ln = 0
with open(fn) as f:
for s in f.readlines():
+ ln += 1
+
if state == STATE_EXIT:
break
@@ -113,7 +116,9 @@ def extract_man_opts(fn):
s = chomp(s)
names = extract_canonical_opts(s)
for name in names:
- opts[name] = s
+ if name not in opts:
+ opts[name] = []
+ opts[name].append({'ln':ln, 'fmt':s})
elif rx.search(r'^[A-Z]+', s):
state = STATE_EXIT
return opts
@@ -174,6 +179,14 @@ def main():
def opt_is_doc(o):
return o in manopts
+ print('DUPLICATED DOC OPTIONS')
+ print('======================')
+
+ for opt in sortedset(man_opts_set):
+ if len(manopts[opt]) > 1:
+ lines = ", ".join([str(x['ln']) for x in manopts[opt]])
+ print("OPTION %-20.20s (lines %s)"%(opt, lines))
+ print()
print('UNDOCUMENTED OPTIONS')
print('====================')
@@ -208,8 +221,8 @@ def main():
unex_opts = man_opts_set - kernel_opts_set
# group opts and their negations together
for opt in sortedset(unex_opts):
- fmt = manopts[opt]
- print('OPTION %s ("%s")' % (opt, fmt))
+ man = manopts[opt][0]
+ print('OPTION %s ("%s") line %d' % (opt, man['fmt'], man['ln']))
print('')
--
1.8.3.1

View File

@ -1,161 +0,0 @@
From 4641bf62ceab8ed86e55c422f0dc7819972f14b6 Mon Sep 17 00:00:00 2001
From: Aurelien Aptel <aaptel@suse.com>
Date: Wed, 8 Aug 2018 11:38:16 +0200
Subject: [PATCH 07/36] mount.cifs.rst: more cleanups
* remove duplicates (netbiosname, rdma)
* remove snapshot
* document nostrictsync, domain, domainauto better
* point to vers= when talking about version requirements
* typos
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
(cherry picked from commit 06503ef4490a3dde4e8297cf1c5cb336ba43aafa)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 61 ++++++++++++++++++++++++++++------------------------------
1 file changed, 29 insertions(+), 32 deletions(-)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 13b3a1e..3504477 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -138,25 +138,20 @@ port=arg
try to connect on port 445 first and then port 139 if that
fails. Return an error if both fail.
-
netbiosname=arg
- Specify the client netbios name (RFC1001 name) to use when attempting
- to setup a session to the server. Although rarely needed for mounting
+ When mounting to servers via port 139, specifies the RFC1001 source
+ name to use to represent the client netbios machine during the netbios
+ session initialization.
+
+servern=arg
+ Similar to ``netbiosname`` except it specifies the netbios name of
+ the server instead of the client. Although rarely needed for mounting
to newer servers, this option is needed for mounting to some older
servers (such as OS/2 or Windows 98 and Windows ME) since when
connecting over port 139 they, unlike most newer servers, do not
support a default server name. A server name can be up to 15
characters long and is usually uppercased.
-servern=arg
- Similarl to ``netbiosname`` except it specifies the netbios name of
- the server instead of the client.
-
-netbiosname=arg
- When mounting to servers via port 139, specifies the RFC1001 source
- name to use to represent the client netbios machine name when doing
- the RFC1001 netbios session initialize.
-
file_mode=arg
If the server does not support the CIFS Unix extensions this overrides
the default file mode.
@@ -171,11 +166,14 @@ ip=arg|addr=arg
rarely needs to be specified by the user.
domain=arg|dom=arg|workgroup=arg
- sets the domain (workgroup) of the user.
+ Sets the domain (workgroup) of the user. If no domains are given,
+ the empty domain will be used. Use ``domainauto`` to automatically
+ guess the domain of the server you are connecting to.
domainauto
- When using NTLMv2 authentification and not providing a domain via
+ When using NTLM authentication and not providing a domain via
``domain``, guess the domain from the server NTLM challenge.
+ This behavior used to be the default on kernels older than 2.6.36.
guest
don't prompt for a password.
@@ -249,7 +247,14 @@ cache=arg
default is ``strict``.
nostrictsync
- Do not flush to the server on fsync().
+ Do not ask the server to flush on fsync().
+ Some servers perform non-buffered writes by default in which case
+ flushing is redundant. In workloads where a client is performing a
+ lot of small write + fsync combinations and where network latency is
+ much higher than the server latency, this brings a 2x performance
+ improvement.
+ This option is also a good candidate in scenarios where we want
+ performance over consistency.
handlecache
(default) In SMB2 and above, the client often has to open the root
@@ -359,15 +364,16 @@ sec=arg
automatically if it's enabled in */proc/fs/cifs/SecurityFlags*.
seal
- Request encryption at the SMB layer. Encryption is only supported in
- SMBv3 and above. The encryption algorithm used is AES-128-CCM.
+ Request encryption at the SMB layer. The encryption algorithm used
+ is AES-128-CCM. Requires SMB3 or above (see ``vers``).
rdma
- Connect directly to the server using SMB Direct via a RDMA adapter.
+ Connect directly to the server using SMB Direct via a RDMA
+ adapter. Requires SMB3 or above (see ``vers``).
resilienthandles
Enable resilient handles. If the server supports it, keep opened
- files across reconenctions. Requires SMB2.1.
+ files across reconnections. Requires SMB2.1 (see ``vers``).
noresilienthandles
(default) Disable resilient handles.
@@ -375,16 +381,12 @@ noresilienthandles
persistenthandles
Enable persistent handles. If the server supports it, keep opened
files across reconnections. Persistent handles are also valid across
- servers in a cluser and have stronger guarantees than resilient
- handles. Requires SMB3 or above.
+ servers in a cluster and have stronger guarantees than resilient
+ handles. Requires SMB3 or above (see ``vers``).
nopersistenthandles
(default) Disable persistent handles.
-snapshot=time
- Mount a specific snapshot of the remote share. ``time`` must be a
- positive integer identifying the snapshot requested.
-
nobrl
Do not send byte range lock requests to the server. This is necessary
for certain applications that break with cifs style mandatory byte
@@ -396,7 +398,7 @@ forcemandatorylock
extensions. Always use cifs style mandatory locks.
locallease
- Check cache leases locally instead of querying the server.
+ Check cached leases locally instead of querying the server.
sfu
When the CIFS Unix Extensions are not negotiated, attempt to create
@@ -425,11 +427,6 @@ echo_interval=n
If this option is not given then the default value of 60 seconds is used.
The minimum tunable value is 1 second and maximum can go up to 600 seconds.
-rdma
- Use to connect to SMB Direct, only applicable when specified with
- vers=3 or vers=3.x.
- Here 3.x can be 3.0, 3.02 or 3.1.1.
-
serverino
Use inode numbers (unique persistent file identifiers) returned by the
server instead of automatically generating temporary inode numbers on
@@ -471,7 +468,7 @@ nouser_xattr
support it otherwise. The default is for xattr support to be enabled.
nodfs
- Do not follow Distributed FileSystem referals. IO on a file not
+ Do not follow Distributed FileSystem referrals. IO on a file not
stored on the server will fail instead of connecting to the target
server transparently.
--
1.8.3.1

View File

@ -1,27 +0,0 @@
From 3d47c844a7b69a1c9f96289e44d92343653d05f4 Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Fri, 17 Aug 2018 11:08:58 -0700
Subject: [PATCH 08/36] mount.cifs.rst: document vers=3 mount option
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
(cherry picked from commit 439cd76f72a2dd3c65fd7d30ece460cde6b9675d)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 3504477..6587e16 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -592,6 +592,7 @@ vers=arg
- 2.1 - The SMBv2.1 protocol that was introduced in Microsoft Windows 7 and Windows Server 2008R2.
- 3.0 - The SMBv3.0 protocol that was introduced in Microsoft Windows 8 and Windows Server 2012.
- 3.1.1 or 3.11 - The SMBv3.1.1 protocol that was introduced in Microsoft Windows Server 2016.
+ - 3 - The SMBv3.0 protocol version and above.
Note too that while this option governs the protocol version used, not
all features of each version are available.
--
1.8.3.1

View File

@ -1,27 +0,0 @@
From ac92f498e11b61def574fe858e6346bf8f2bad25 Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Fri, 17 Aug 2018 11:13:45 -0700
Subject: [PATCH 09/36] mount.cifs.rst: document vers=3.02 mount option
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
(cherry picked from commit 3c7e8c3663f50c2d2df6158cc4d22c4fccdc8ae8)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 6587e16..a0faf7f 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -591,6 +591,7 @@ vers=arg
different dialect (2.000) that is not supported.
- 2.1 - The SMBv2.1 protocol that was introduced in Microsoft Windows 7 and Windows Server 2008R2.
- 3.0 - The SMBv3.0 protocol that was introduced in Microsoft Windows 8 and Windows Server 2012.
+ - 3.02 - The SMBv3.0.2 protocol that was introduced in Microsoft Windows 8.1 and Windows Server 2012R2.
- 3.1.1 or 3.11 - The SMBv3.1.1 protocol that was introduced in Microsoft Windows Server 2016.
- 3 - The SMBv3.0 protocol version and above.
--
1.8.3.1

View File

@ -1,216 +0,0 @@
From bc41dbe55098629101fbf286755e123c9a2b6b77 Mon Sep 17 00:00:00 2001
From: Paulo Alcantara <paulo@paulo.ac>
Date: Wed, 13 Feb 2019 16:09:41 -0200
Subject: [PATCH 10/36] cifs: Allow DNS resolver key to expire
This patch introduces a new '--expire' option that allows the user to
set a timeout value for the dns resolver key -- which is typically
useful for hostnames that may get their ip addresses changed under
long running mounts.
The default timeout value is set to 10 minutes.
Signed-off-by: Paulo Alcantara <palcantara@suse.de>
(cherry picked from commit b101af793c8415f298072d06841a278df0368bc3)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
cifs.upcall.c | 82 +++++++++++++++++++++++++++++++++++++++---------------
cifs.upcall.rst.in | 5 +++-
2 files changed, 64 insertions(+), 23 deletions(-)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index 89563fd..c92ee62 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -63,6 +63,8 @@
static krb5_context context;
static const char *prog = "cifs.upcall";
+#define DNS_RESOLVER_DEFAULT_TIMEOUT 600 /* 10 minutes */
+
typedef enum _sectype {
NONE = 0,
KRB5,
@@ -749,19 +751,48 @@ decode_key_description(const char *desc, struct decoded_args *arg)
return retval;
}
-static int cifs_resolver(const key_serial_t key, const char *key_descr)
+static int setup_key(const key_serial_t key, const void *data, size_t datalen)
+{
+ int rc;
+
+ rc = keyctl_instantiate(key, data, datalen, 0);
+ if (rc) {
+ switch (errno) {
+ case ENOMEM:
+ case EDQUOT:
+ rc = keyctl_clear(key);
+ if (rc) {
+ syslog(LOG_ERR, "%s: keyctl_clear: %s",
+ __func__, strerror(errno));
+ return rc;
+ }
+ rc = keyctl_instantiate(key, data, datalen, 0);
+ break;
+ default:
+ ;
+ }
+ }
+ if (rc) {
+ syslog(LOG_ERR, "%s: keyctl_instantiate: %s",
+ __func__, strerror(errno));
+ }
+ return rc;
+}
+
+static int cifs_resolver(const key_serial_t key, const char *key_descr,
+ const char *key_buf, unsigned expire_time)
{
int c;
struct addrinfo *addr;
char ip[INET6_ADDRSTRLEN];
void *p;
- const char *keyend = key_descr;
+ const char *keyend = key_buf;
/* skip next 4 ';' delimiters to get to description */
for (c = 1; c <= 4; c++) {
keyend = index(keyend + 1, ';');
if (!keyend) {
syslog(LOG_ERR, "invalid key description: %s",
- key_descr);
+ key_buf);
return 1;
}
}
@@ -787,15 +818,21 @@ static int cifs_resolver(const key_serial_t key, const char *key_descr)
return 1;
}
- /* setup key */
- c = keyctl_instantiate(key, ip, strlen(ip) + 1, 0);
- if (c == -1) {
- syslog(LOG_ERR, "%s: keyctl_instantiate: %s", __func__,
+ /* needed for keyctl_set_timeout() */
+ request_key("keyring", key_descr, NULL, KEY_SPEC_THREAD_KEYRING);
+
+ c = setup_key(key, ip, strlen(ip) + 1);
+ if (c) {
+ freeaddrinfo(addr);
+ return 1;
+ }
+ c = keyctl_set_timeout(key, expire_time);
+ if (c) {
+ syslog(LOG_ERR, "%s: keyctl_set_timeout: %s", __func__,
strerror(errno));
freeaddrinfo(addr);
return 1;
}
-
freeaddrinfo(addr);
return 0;
}
@@ -864,7 +901,7 @@ lowercase_string(char *c)
static void usage(void)
{
- fprintf(stderr, "Usage: %s [ -K /path/to/keytab] [-k /path/to/krb5.conf] [-E] [-t] [-v] [-l] key_serial\n", prog);
+ fprintf(stderr, "Usage: %s [ -K /path/to/keytab] [-k /path/to/krb5.conf] [-E] [-t] [-v] [-l] [-e nsecs] key_serial\n", prog);
}
static const struct option long_options[] = {
@@ -874,6 +911,7 @@ static const struct option long_options[] = {
{"trust-dns", 0, NULL, 't'},
{"keytab", 1, NULL, 'K'},
{"version", 0, NULL, 'v'},
+ {"expire", 1, NULL, 'e'},
{NULL, 0, NULL, 0}
};
@@ -897,13 +935,15 @@ int main(const int argc, char *const argv[])
char *env_cachename = NULL;
krb5_ccache ccache = NULL;
struct passwd *pw;
+ unsigned expire_time = DNS_RESOLVER_DEFAULT_TIMEOUT;
+ const char *key_descr = NULL;
hostbuf[0] = '\0';
memset(&arg, 0, sizeof(arg));
openlog(prog, 0, LOG_DAEMON);
- while ((c = getopt_long(argc, argv, "cEk:K:ltv", long_options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "cEk:K:ltve:", long_options, NULL)) != -1) {
switch (c) {
case 'c':
/* legacy option -- skip it */
@@ -931,6 +971,9 @@ int main(const int argc, char *const argv[])
rc = 0;
printf("version: %s\n", VERSION);
goto out;
+ case 'e':
+ expire_time = strtoul(optarg, NULL, 10);
+ break;
default:
syslog(LOG_ERR, "unknown option: %c", c);
goto out;
@@ -965,9 +1008,12 @@ int main(const int argc, char *const argv[])
syslog(LOG_DEBUG, "key description: %s", buf);
- if ((strncmp(buf, "cifs.resolver", sizeof("cifs.resolver") - 1) == 0) ||
- (strncmp(buf, "dns_resolver", sizeof("dns_resolver") - 1) == 0)) {
- rc = cifs_resolver(key, buf);
+ if (strncmp(buf, "cifs.resolver", sizeof("cifs.resolver") - 1) == 0)
+ key_descr = ".cifs.resolver";
+ else if (strncmp(buf, "dns_resolver", sizeof("dns_resolver") - 1) == 0)
+ key_descr = ".dns_resolver";
+ if (key_descr) {
+ rc = cifs_resolver(key, key_descr, buf, expire_time);
goto out;
}
@@ -1193,16 +1239,8 @@ retry_new_hostname:
memcpy(&(keydata->data) + keydata->sesskey_len,
secblob.data, secblob.length);
- /* setup key */
- rc = keyctl_instantiate(key, keydata, datalen, 0);
- if (rc == -1) {
- syslog(LOG_ERR, "keyctl_instantiate: %s", strerror(errno));
- goto out;
- }
+ rc = setup_key(key, keydata, datalen);
- /* BB: maybe we need use timeout for key: for example no more then
- * ticket lifietime? */
- /* keyctl_set_timeout( key, 60); */
out:
/*
* on error, negatively instantiate the key ourselves so that we can
diff --git a/cifs.upcall.rst.in b/cifs.upcall.rst.in
index 1b8df3f..08ce324 100644
--- a/cifs.upcall.rst.in
+++ b/cifs.upcall.rst.in
@@ -13,7 +13,7 @@ SYNOPSIS
cifs.upcall [--trust-dns|-t] [--version|-v] [--legacy-uid|-l]
[--krb5conf=/path/to/krb5.conf|-k /path/to/krb5.conf]
- [--keytab=/path/to/keytab|-K /path/to/keytab] {keyid}
+ [--keytab=/path/to/keytab|-K /path/to/keytab] [--expire|-e nsecs] {keyid}
***********
DESCRIPTION
@@ -85,6 +85,9 @@ OPTIONS
user. Set this option if you want cifs.upcall to use the older uid=
parameter instead of the creduid= parameter.
+--expire|-e
+ Override default timeout value (600 seconds) for ``dns_resolver`` key.
+
--version|-v
Print version number and exit.
--
1.8.3.1

View File

@ -1,53 +0,0 @@
From 368b0d656eaa0c529743d582a36a46d994b260dd Mon Sep 17 00:00:00 2001
From: Aurelien Aptel <aaptel@suse.com>
Date: Thu, 14 Feb 2019 12:15:44 +0100
Subject: [PATCH 11/36] mount.cifs: be more verbose and helpful regarding mount
errors
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
(cherry picked from commit 3a00449ea2560c1f160ca5e69a48a5078bfa1194)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index ae7a899..9370f2e 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -2099,6 +2099,10 @@ mount_retry:
switch (errno) {
case ECONNREFUSED:
case EHOSTUNREACH:
+ if (currentaddress) {
+ fprintf(stderr, "mount error(%d): could not connect to %s",
+ errno, currentaddress);
+ }
currentaddress = nextaddress;
if (currentaddress) {
nextaddress = strchr(currentaddress, ',');
@@ -2110,6 +2114,12 @@ mount_retry:
fprintf(stderr,
"mount error: %s filesystem not supported by the system\n", cifs_fstype);
break;
+ case EHOSTDOWN:
+ fprintf(stderr,
+ "mount error: Server abruptly closed the connection.\n"
+ "This can happen if the server does not support the SMB version you are trying to use.\n"
+ "The default SMB version recently changed from SMB1 to SMB2.1 and above. Try mounting with vers=1.0.\n");
+ break;
case ENXIO:
if (!already_uppercased &&
uppercase_string(parsed_info->host) &&
@@ -2126,7 +2136,7 @@ mount_retry:
strerror(errno));
fprintf(stderr,
"Refer to the %s(8) manual page (e.g. man "
- "%s)\n", thisprogram, thisprogram);
+ "%s) and kernel log messages (dmesg)\n", thisprogram, thisprogram);
rc = EX_FAIL;
goto mount_exit;
}
--
1.8.3.1

View File

@ -1,39 +0,0 @@
From 478e60f01a37928a5cece9407bf66a1b731d2363 Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Fri, 15 Feb 2019 07:52:48 +0530
Subject: [PATCH 12/36] Update mount.cifs with vers=default mount option and
SMBv3.0.2
Add vers=3.0.2 as a valid option for SMBv3.0.2 and explain behavior
of vers=default.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
(cherry picked from commit d93cabc638195b5a4274c2650477456f81651e75)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index a0faf7f..2ad7f59 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -591,9 +591,13 @@ vers=arg
different dialect (2.000) that is not supported.
- 2.1 - The SMBv2.1 protocol that was introduced in Microsoft Windows 7 and Windows Server 2008R2.
- 3.0 - The SMBv3.0 protocol that was introduced in Microsoft Windows 8 and Windows Server 2012.
- - 3.02 - The SMBv3.0.2 protocol that was introduced in Microsoft Windows 8.1 and Windows Server 2012R2.
+ - 3.02 or 3.0.2 - The SMBv3.0.2 protocol that was introduced in Microsoft Windows 8.1 and Windows Server 2012R2.
- 3.1.1 or 3.11 - The SMBv3.1.1 protocol that was introduced in Microsoft Windows Server 2016.
- 3 - The SMBv3.0 protocol version and above.
+ - default - Tries to negotiate the highest SMB2+ version supported by both the client and server.
+
+ If no dialect is specified on mount vers=default is used.
+ To check ``Dialect`` refer to /proc/fs/cifs/DebugData
Note too that while this option governs the protocol version used, not
all features of each version are available.
--
1.8.3.1

View File

@ -1,29 +0,0 @@
From 87d529be482436e809dd6280d6d1cc977fd2d453 Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Fri, 15 Feb 2019 12:03:44 -0800
Subject: [PATCH 13/36] mount.cifs.rst: update vers=3.1.1 option description
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
(cherry picked from commit b3f78f6dc200f61418d3d6c256ec116c3137ffee)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 2ad7f59..f64d1f1 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -592,7 +592,7 @@ vers=arg
- 2.1 - The SMBv2.1 protocol that was introduced in Microsoft Windows 7 and Windows Server 2008R2.
- 3.0 - The SMBv3.0 protocol that was introduced in Microsoft Windows 8 and Windows Server 2012.
- 3.02 or 3.0.2 - The SMBv3.0.2 protocol that was introduced in Microsoft Windows 8.1 and Windows Server 2012R2.
- - 3.1.1 or 3.11 - The SMBv3.1.1 protocol that was introduced in Microsoft Windows Server 2016.
+ - 3.1.1 or 3.11 - The SMBv3.1.1 protocol that was introduced in Microsoft Windows 10 and Windows Server 2016.
- 3 - The SMBv3.0 protocol version and above.
- default - Tries to negotiate the highest SMB2+ version supported by both the client and server.
--
1.8.3.1

View File

@ -1,38 +0,0 @@
From cb086a53b73901cf0dfc957915ff454a30f333b3 Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Tue, 19 Feb 2019 07:13:43 +0530
Subject: [PATCH 14/36] getcifsacl: Do not go to parse_sec_desc if getxattr
fails.
Add more to the error message by printing the filename and error.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Reviewed-by: Steve French <stfrench@microsoft.com>
(cherry picked from commit 670f416d2c0d07a4d9ff469eb797e5bef624d863)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
getcifsacl.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/getcifsacl.c b/getcifsacl.c
index f08cdea..aaf15fa 100644
--- a/getcifsacl.c
+++ b/getcifsacl.c
@@ -398,8 +398,12 @@ cifsacl:
free(attrval);
bufsize += BUFSIZE;
goto cifsacl;
- } else
- printf("getxattr error: %d\n", errno);
+ } else {
+ fprintf(stderr, "getxattr failed on %s: %s\n", filename, strerror(errno) );
+ free(attrval);
+ ret = -1;
+ goto out;
+ }
}
parse_sec_desc((struct cifs_ntsd *)attrval, attrlen, raw);
--
1.8.3.1

View File

@ -1,82 +0,0 @@
From efff67c46ffeb0de69259e6c5cb9c4f6b82a860a Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Thu, 21 Feb 2019 10:39:25 +0530
Subject: [PATCH 15/36] getcifsacl: Improve help usage and add -h option.
Call getcifsacl_usage only for -h and default case.
For others error out with appropriate message.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
(cherry picked from commit ea9b99cf17a949edbe368301881a353d27018847)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
getcifsacl.c | 27 ++++++++++++++++++---------
1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/getcifsacl.c b/getcifsacl.c
index aaf15fa..fc78881 100644
--- a/getcifsacl.c
+++ b/getcifsacl.c
@@ -40,6 +40,7 @@
static void *plugin_handle;
static bool plugin_loaded;
+static char *execname;
static void
print_each_ace_mask(uint32_t mask)
@@ -331,6 +332,8 @@ getcifsacl_usage(const char *prog)
prog);
fprintf(stderr, "Usage: %s [option] <file_name>\n", prog);
fprintf(stderr, "Valid options:\n");
+ fprintf(stderr, "\t-h Display this help text\n");
+ fprintf(stderr, "\n");
fprintf(stderr, "\t-v Version of the program\n");
fprintf(stderr, "\n");
fprintf(stderr, "\t-r Display raw values of the ACE fields\n");
@@ -345,8 +348,15 @@ main(const int argc, char *const argv[])
ssize_t attrlen;
size_t bufsize = BUFSIZE;
char *filename, *attrval;
+ execname = basename(argv[0]);
+
+ if (argc < 2) {
+ fprintf(stderr, "%s: you must specify a filename.\n", execname);
+ printf("Try `getcifsacl -h' for more information.\n");
+ goto out;
+ }
- while ((c = getopt_long(argc, argv, "r:v", NULL, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "rhv", NULL, NULL)) != -1) {
switch (c) {
case 'v':
printf("Version: %s\n", VERSION);
@@ -355,18 +365,17 @@ main(const int argc, char *const argv[])
raw = true;
break;
default:
- break;
+ getcifsacl_usage(execname);
+ goto out;
}
}
- if (raw && argc == 3)
- filename = argv[2];
- else if (argc == 2)
- filename = argv[1];
- else {
- getcifsacl_usage(basename(argv[0]));
+ if (optind >= argc) {
+ printf("you must specify a filename after options.\n");
+ printf("Usage: getcifsacl [option] <file_name>\n");
goto out;
- }
+ } else
+ filename = argv[optind];
if (!raw && !plugin_loaded) {
ret = init_plugin(&plugin_handle);
--
1.8.3.1

View File

@ -1,63 +0,0 @@
From 5053ec60ea609bbb5499e8359681fe998c3d4d68 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Fri, 1 Mar 2019 23:11:25 -0600
Subject: [PATCH 16/36] setcifsacl: fix adding ACE when owner sid in unexpected
location
If owner information is after the ACEs instead of before (e.g. Azure servers) in the ACL query
then we would get "invalid argument" returned on setcifsacl -a (adding an ACE).
This fixes that.
Signed-off-by: Steve French <stfrench@microsoft.com>
(cherry picked from commit 0feb1a80f3777f4c244b46958aa9f730de9e18b6)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
setcifsacl.c | 29 ++++++++++++++++++++++++-----
1 file changed, 24 insertions(+), 5 deletions(-)
diff --git a/setcifsacl.c b/setcifsacl.c
index ba34403..1b98c37 100644
--- a/setcifsacl.c
+++ b/setcifsacl.c
@@ -106,13 +106,32 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
/* copy owner sid */
owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + osidsoffset);
- nowner_sid_ptr = (struct cifs_sid *)((char *)pnntsd + osidsoffset);
- size = copy_cifs_sid(nowner_sid_ptr, owner_sid_ptr);
- bufsize += size;
+ group_sid_ptr = (struct cifs_sid *)((char *)pntsd + gsidsoffset);
+ /*
+ * some servers like Azure return the owner and group SIDs at end rather
+ * than at the beginning of the ACL so don't want to overwrite the last ACEs
+ */
+ if (dacloffset <= osidsoffset) {
+ /* owners placed at end of ACL */
+ nowner_sid_ptr = (struct cifs_sid *)((char *)pnntsd + dacloffset + size);
+ pnntsd->osidoffset = dacloffset + size;
+ size = copy_cifs_sid(nowner_sid_ptr, owner_sid_ptr);
+ bufsize += size;
+ /* put group SID after owner SID */
+ ngroup_sid_ptr = (struct cifs_sid *)((char *)nowner_sid_ptr + size);
+ pnntsd->gsidoffset = pnntsd->osidoffset + size;
+ } else {
+ /*
+ * Most servers put the owner information at the beginning,
+ * before the ACL
+ */
+ nowner_sid_ptr = (struct cifs_sid *)((char *)pnntsd + osidsoffset);
+ size = copy_cifs_sid(nowner_sid_ptr, owner_sid_ptr);
+ bufsize += size;
+ ngroup_sid_ptr = (struct cifs_sid *)((char *)pnntsd + gsidsoffset);
+ }
/* copy group sid */
- group_sid_ptr = (struct cifs_sid *)((char *)pntsd + gsidsoffset);
- ngroup_sid_ptr = (struct cifs_sid *)((char *)pnntsd + gsidsoffset);
size = copy_cifs_sid(ngroup_sid_ptr, group_sid_ptr);
bufsize += size;
--
1.8.3.1

View File

@ -1,27 +0,0 @@
From e762faa6943c90e6b593c13b3962af16cdf20d2c Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Sat, 16 Mar 2019 12:34:13 -0700
Subject: [PATCH 17/36] cifs.upcall: fix a compiler warning
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
(cherry picked from commit 2244e109ae30aeb0a21deaa591f6e11fa2039e7d)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
cifs.upcall.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index c92ee62..1559434 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -126,6 +126,7 @@ drop_all_capabilities(void)
static int
trim_capabilities(bool unused)
{
+ (void)unused;
return 0;
}
--
1.8.3.1

View File

@ -1,55 +0,0 @@
From 3c6a5d30cb3eb3f2f12415c1797b8f7802652b17 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Tue, 2 Apr 2019 21:18:27 -0500
Subject: [PATCH 18/36] mount.cifs Add various missing parms from the help text
When you type mount.cifs --help there were more than 40 mount parms
missing. Add 12 of the more common ones to what is displayed by help.
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.de>
(cherry picked from commit 83c6472020afc3db0c63b65e7b67d65a61f3a12e)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index 9370f2e..d921fed 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -269,20 +269,28 @@ static int mount_usage(FILE * stream)
fprintf(stream,
"\n\tmapchars,nomapchars,nolock,servernetbiosname=<SRV_RFC1001NAME>");
fprintf(stream,
- "\n\tdirectio,nounix,cifsacl,sec=<authentication mechanism>,sign,seal,fsc");
+ "\n\tdirectio,nounix,cifsacl,sec=<authentication mechanism>,sign,seal,fsc,");
+ fprintf(stream,
+ "\n\tsnapshot=<time>,nosharesock,persistenthandles,resilienthandles,rdma,");
+ fprintf(stream,
+ "\n\tvers=<smb_dialect>,cruid");
fprintf(stream,
"\n\nOptions not needed for servers supporting CIFS Unix extensions");
fprintf(stream,
"\n\t(e.g. unneeded for mounts to most Samba versions):");
fprintf(stream,
- "\n\tuid=<uid>,gid=<gid>,dir_mode=<mode>,file_mode=<mode>,sfu");
+ "\n\tuid=<uid>,gid=<gid>,dir_mode=<mode>,file_mode=<mode>,sfu,");
+ fprintf(stream,
+ "\n\tmfsymlinks,idsfromsid");
fprintf(stream, "\n\nRarely used options:");
fprintf(stream,
"\n\tport=<tcpport>,rsize=<size>,wsize=<size>,unc=<unc_name>,ip=<ip_address>,");
fprintf(stream,
"\n\tdev,nodev,nouser_xattr,netbiosname=<OUR_RFC1001NAME>,hard,soft,intr,");
fprintf(stream,
- "\n\tnointr,ignorecase,noposixpaths,noacl,prefixpath=<path>,nobrl");
+ "\n\tnointr,ignorecase,noposixpaths,noacl,prefixpath=<path>,nobrl,");
+ fprintf(stream,
+ "\n\techo_interval=<seconds>,actimeo=<seconds>,max_credits=<credits>");
fprintf(stream,
"\n\nOptions are described in more detail in the manual page");
fprintf(stream, "\n\tman 8 mount.cifs\n");
--
1.8.3.1

View File

@ -1,49 +0,0 @@
From 5bb799a0ea3c2cfbd75b767545acaf52690573cb Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Wed, 3 Apr 2019 12:24:33 -0700
Subject: [PATCH 19/36] mount.cifs: add more options to help message
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.de>
(cherry picked from commit b6cb671d3b0df9c8daabc6f52ad9d5e689da4f37)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index d921fed..c6a1bd6 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -267,13 +267,13 @@ static int mount_usage(FILE * stream)
fprintf(stream,
"\n\tsep=<char>,iocharset=<codepage>,suid,nosuid,exec,noexec,serverino,");
fprintf(stream,
- "\n\tmapchars,nomapchars,nolock,servernetbiosname=<SRV_RFC1001NAME>");
+ "\n\tnoserverino,mapchars,nomapchars,nolock,servernetbiosname=<SRV_RFC1001NAME>");
fprintf(stream,
- "\n\tdirectio,nounix,cifsacl,sec=<authentication mechanism>,sign,seal,fsc,");
+ "\n\tcache=<strict|none|loose>,nounix,cifsacl,sec=<authentication mechanism>,");
fprintf(stream,
- "\n\tsnapshot=<time>,nosharesock,persistenthandles,resilienthandles,rdma,");
+ "\n\tsign,seal,fsc,snapshot=<time>,nosharesock,persistenthandles,resilienthandles,");
fprintf(stream,
- "\n\tvers=<smb_dialect>,cruid");
+ "\n\trdma,vers=<smb_dialect>,cruid");
fprintf(stream,
"\n\nOptions not needed for servers supporting CIFS Unix extensions");
fprintf(stream,
@@ -290,7 +290,9 @@ static int mount_usage(FILE * stream)
fprintf(stream,
"\n\tnointr,ignorecase,noposixpaths,noacl,prefixpath=<path>,nobrl,");
fprintf(stream,
- "\n\techo_interval=<seconds>,actimeo=<seconds>,max_credits=<credits>");
+ "\n\techo_interval=<seconds>,actimeo=<seconds>,max_credits=<credits>,");
+ fprintf(stream,
+ "\n\tbsize=<size>");
fprintf(stream,
"\n\nOptions are described in more detail in the manual page");
fprintf(stream, "\n\tman 8 mount.cifs\n");
--
1.8.3.1

View File

@ -1,147 +0,0 @@
From afccae852f231e8982276fa53614b3dc999b6bf8 Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Wed, 3 Apr 2019 22:42:10 +0000
Subject: [PATCH 20/36] mount.cifs: detect GMT format of snapshot version
In order to provide an easy way to access snapshots a GMT
token string should be allowed as a "snapshot" mount option
argument, not SMB 100-nanoseconds time only. Detect if the
argument is in GMT format and convert it to SMB 100-nanoseconds
time before passing to the kernel.
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.de>
(cherry picked from commit c52be345de22669c53a6ec41c28914183bf65d09)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 47 insertions(+), 7 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index c6a1bd6..b3235e4 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -43,6 +43,7 @@
#include <limits.h>
#include <paths.h>
#include <libgen.h>
+#include <time.h>
#include <sys/mman.h>
#include <sys/wait.h>
#ifdef HAVE_SYS_FSUID_H
@@ -161,10 +162,16 @@
#define OPT_BKUPUID 30
#define OPT_BKUPGID 31
#define OPT_NOFAIL 32
+#define OPT_SNAPSHOT 33
#define MNT_TMP_FILE "/.mtab.cifs.XXXXXX"
-/* struct for holding parsed mount info for use by privleged process */
+#define GMT_NAME_LEN 24 /* length of a @GMT- name */
+#define GMT_FORMAT "@GMT-%Y.%m.%d-%H.%M.%S"
+
+#define NTFS_TIME_OFFSET ((unsigned long long)(369*365 + 89) * 24 * 3600 * 10000000)
+
+/* struct for holding parsed mount info for use by privileged process */
struct parsed_mount_info {
unsigned long flags;
char host[NI_MAXHOST + 1];
@@ -271,9 +278,9 @@ static int mount_usage(FILE * stream)
fprintf(stream,
"\n\tcache=<strict|none|loose>,nounix,cifsacl,sec=<authentication mechanism>,");
fprintf(stream,
- "\n\tsign,seal,fsc,snapshot=<time>,nosharesock,persistenthandles,resilienthandles,");
+ "\n\tsign,seal,fsc,snapshot=<token|time>,nosharesock,persistenthandles,");
fprintf(stream,
- "\n\trdma,vers=<smb_dialect>,cruid");
+ "\n\tresilienthandles,rdma,vers=<smb_dialect>,cruid");
fprintf(stream,
"\n\nOptions not needed for servers supporting CIFS Unix extensions");
fprintf(stream,
@@ -773,6 +780,8 @@ static int parse_opt_token(const char *token)
return OPT_NOFAIL;
if (strncmp(token, "x-", 2) == 0)
return OPT_IGNORE;
+ if (strncmp(token, "snapshot", 8) == 0)
+ return OPT_SNAPSHOT;
return OPT_ERROR;
}
@@ -793,16 +802,19 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info)
int got_uid = 0;
int got_cruid = 0;
int got_gid = 0;
+ int got_snapshot = 0;
uid_t uid, cruid = 0, bkupuid = 0;
gid_t gid, bkupgid = 0;
char *ep;
struct passwd *pw;
struct group *gr;
/*
- * max 32-bit uint in decimal is 4294967295 which is 10 chars wide
- * +1 for NULL, and +1 for good measure
+ * max 64-bit uint in decimal is 18446744073709551615 which is 20 chars
+ * wide +1 for NULL, and +1 for good measure
*/
- char txtbuf[12];
+ char txtbuf[22];
+ unsigned long long snapshot;
+ struct tm tm;
/* make sure we're starting from beginning */
out[0] = '\0';
@@ -1130,6 +1142,19 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info)
case OPT_NOFAIL:
parsed_info->nofail = 1;
goto nocopy;
+ case OPT_SNAPSHOT:
+ if (!value || !*value)
+ goto nocopy;
+ if (strncmp(value, "@GMT-", 5))
+ break;
+ if ((strlen(value) != GMT_NAME_LEN) ||
+ (strptime(value, GMT_FORMAT, &tm) == NULL)) {
+ fprintf(stderr, "bad snapshot token\n");
+ return EX_USAGE;
+ }
+ snapshot = timegm(&tm) * 10000000 + NTFS_TIME_OFFSET;
+ got_snapshot = 1;
+ goto nocopy;
}
/* check size before copying option to buffer */
@@ -1225,7 +1250,7 @@ nocopy:
if (got_bkupgid) {
word_len = snprintf(txtbuf, sizeof(txtbuf), "%u", bkupgid);
- /* comma + "backkupgid=" + terminating NULL == 12 */
+ /* comma + "backupgid=" + terminating NULL == 12 */
if (out_len + word_len + 12 > MAX_OPTIONS_LEN) {
fprintf(stderr, "Options string too long\n");
return EX_USAGE;
@@ -1237,6 +1262,21 @@ nocopy:
}
snprintf(out + out_len, word_len + 11, "backupgid=%s", txtbuf);
}
+ if (got_snapshot) {
+ word_len = snprintf(txtbuf, sizeof(txtbuf), "%llu", snapshot);
+
+ /* comma + "snapshot=" + terminating NULL == 11 */
+ if (out_len + word_len + 11 > MAX_OPTIONS_LEN) {
+ fprintf(stderr, "Options string too long\n");
+ return EX_USAGE;
+ }
+
+ if (out_len) {
+ strlcat(out, ",", MAX_OPTIONS_LEN);
+ out_len++;
+ }
+ snprintf(out + out_len, word_len + 11, "snapshot=%s", txtbuf);
+ }
return 0;
}
--
1.8.3.1

View File

@ -1,196 +0,0 @@
From 0b3c633002a10419080312ce72cf1a971fd383d0 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Wed, 3 Apr 2019 23:46:34 -0500
Subject: [PATCH 21/36] Update man page for mount.cifs to add new options
Add description of "snapshot" and "handletimeout" mount
options and a security section noting that the use of
cifs is discouraged, and various minor updates.
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.de>
(cherry picked from commit cbdd6552bc5978476e344a253941e714d983c27b)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 98 +++++++++++++++++++++++++++++++++++-----------------------
1 file changed, 60 insertions(+), 38 deletions(-)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index f64d1f1..8ba6e7b 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -15,13 +15,13 @@ SYNOPSIS
This tool is part of the cifs-utils suite.
-``mount.cifs`` mounts a Linux CIFS filesystem. It is usually invoked
-indirectly by the mount(8) command when using the "-t cifs"
+``mount.cifs`` mounts a CIFS or SMB3 filesystem from Linux. It is
+usually invoked indirectly by the mount(8) command when using the "-t cifs"
option. This command only works in Linux, and the kernel must support
-the cifs filesystem. The CIFS protocol is the successor to the SMB
-protocol and is supported by most Windows servers and many other
-commercial servers and Network Attached Storage appliances as well as
-by the popular Open Source server Samba.
+the cifs filesystem. The SMB3 protocol is the successor to the CIFS (SMB)
+protocol and is supported by most Windows servers, Azure (cloud storage),
+Macs and many other commercial servers and Network Attached Storage
+appliances as well as by the popular Open Source server Samba.
The mount.cifs utility attaches the UNC name (exported network
resource) specified as service (using ``//server/share`` syntax, where
@@ -266,6 +266,13 @@ handlecache
nohandlecache
Disable caching of the share root directory handle.
+handletimeout=arg
+ The time (in milliseconds) for which the server should reserve the handle after
+ a failover waiting for the client to reconnect. When mounting with
+ resilienthandles or persistenthandles mount option, or when their use is
+ requested by the server (continuous availability shares) then this parameter
+ overrides the server default handle timeout (which for most servers is 120 seconds).
+
rwpidforward
Forward pid of a process who opened a file to any read or write
operation on that file. This prevent applications like wine(1) from
@@ -387,6 +394,12 @@ persistenthandles
nopersistenthandles
(default) Disable persistent handles.
+snapshot=time
+ Mount a specific snapshot of the remote share. ``time`` must be a
+ positive integer identifying the snapshot requested (in 100-nanosecond
+ units that have elapsed since January 1, 1601, or alternatively it can
+ be specified in GMT format e.g. @GMT-2019.03.27-20.52.19)
+
nobrl
Do not send byte range lock requests to the server. This is necessary
for certain applications that break with cifs style mandatory byte
@@ -401,7 +414,7 @@ locallease
Check cached leases locally instead of querying the server.
sfu
- When the CIFS Unix Extensions are not negotiated, attempt to create
+ When the CIFS or SMB3 Unix Extensions are not negotiated, attempt to create
device files and fifos in a format compatible with Services for Unix
(SFU). In addition retrieve bits 10-12 of the mode via the
``SETFILEBITS`` extended attribute (as SFU does). In the future the
@@ -450,11 +463,11 @@ noserverino
See section `INODE NUMBERS`_ for more information.
-unix|linux
+posix|unix|linux
(default) Enable Unix Extensions for this mount. Requires CIFS
(vers=1.0) or SMB3.1.1 (vers=3.1.1) and a server supporting them.
-nounix|nolinux
+noposix|nounix|nolinux
Disable the Unix Extensions for this mount. This can be useful in
order to turn off multiple settings at once. This includes POSIX acls,
POSIX locks, POSIX paths, symlink support and retrieving
@@ -479,38 +492,35 @@ nosharesock
Do not try to reuse sockets if the system is already connected to
the server via an existing mount point. This will make the client
always make a new connection to the server no matter what he is
- already connected to.
+ already connected to. This can be useful in simulating multiple
+ clients connecting to the same server, as each mount point
+ will use a different TCP socket.
noblocksend
Send data on the socket using non blocking operations (MSG_DONTWAIT flag).
rsize=bytes
Maximum amount of data that the kernel will request in a read request
- in bytes. Prior to kernel 3.2.0, the default was 16k, and the maximum
- size was limited by the ``CIFSMaxBufSize`` module parameter. As of
- kernel 3.2.0, the behavior varies according to whether POSIX
- extensions are enabled on the mount and the server supports large
- POSIX reads. If they are, then the default is 1M, and the maximum is
- 16M. If they are not supported by the server, then the default is 60k
- and the maximum is around 127k. The reason for the 60k is because it's
- the maximum size read that windows servers can fill. Note that this
- value is a maximum, and the client may settle on a smaller size to
- accommodate what the server supports. In kernels prior to 3.2.0, no
- negotiation is performed.
+ in bytes. Maximum size that servers will accept is typically 8MB for SMB3
+ or later dialects. Default requested during mount is 4MB. Prior to the 4.20
+ kernel the default requested was 1MB. Prior to the SMB2.1 dialect the
+ maximum was usually 64K.
wsize=bytes
Maximum amount of data that the kernel will send in a write request in
- bytes. Prior to kernel 3.0.0, the default and maximum was 57344 (14 \*
- 4096 pages). As of 3.0.0, the default depends on whether the client
- and server negotiate large writes via POSIX extensions. If they do,
- then the default is 1M, and the maximum allowed is 16M. If they do
- not, then the default is 65536 and the maximum allowed is 131007. Note
- that this value is just a starting point for negotiation in 3.0.0 and
- up. The client and server may negotiate this size downward according
- to the server's capabilities. In kernels prior to 3.0.0, no
- negotiation is performed. It can end up with an existing superblock if
- this value isn't specified or it's greater or equal than the existing
- one.
+ bytes. Maximum size that servers will accept is typically 8MB for SMB3
+ or later dialects. Default requested during mount is 4MB. Prior to the 4.20
+ kernel the default requested was 1MB. Prior to the SMB2.1 dialect the
+ maximum was usually 64K.
+
+bsize=bytes
+ Override the default blocksize (1MB) reported on SMB3 files (requires
+ kernel version of 5.1 or later). Prior to kernel version 5.1, the
+ blocksize was always reported as 16K instead of 1MB (and was not
+ configurable) which can hurt the performance of tools like cp and scp
+ (especially for uncached I/O) which decide on the read and write size
+ to use for file copies based on the inode blocksize. bsize may not be
+ less than 16K or greater than 16M.
max_credits=n
Maximum credits the SMB2 client can have. Default is 32000. Must be
@@ -885,14 +895,26 @@ CONFIGURATION
The primary mechanism for making configuration changes and for reading
debug information for the cifs vfs is via the Linux /proc
filesystem. In the directory */proc/fs/cifs* are various
-configuration files and pseudo files which can display debug
-information. There are additional startup options such as maximum
-buffer size and number of buffers which only may be set when the
+configuration files and pseudo files which can display debug information
+and performance statistics. There are additional startup options such as
+maximum buffer size and number of buffers which only may be set when the
kernel cifs vfs (cifs.ko module) is loaded. These can be seen by
running the ``modinfo`` utility against the file cifs.ko which will
list the options that may be passed to cifs during module installation
(device driver load). For more information see the kernel file
-*fs/cifs/README*.
+*fs/cifs/README*. When configuring dynamic tracing (trace-cmd)
+note that the list of SMB3 events which can be enabled can be seen at:
+*/sys/kernel/debug/tracing/events/cifs/*.
+
+********
+SECURITY
+********
+
+The use of SMB2.1 or later (including the latest dialect SMB3.1.1)
+is recommended for improved security and SMB1 is no longer requested
+by default at mount time. Old dialects such as CIFS (SMB1, ie vers=1.0)
+have much weaker security. Use of CIFS (SMB1) can be disabled by
+modprobe cifs disable_legacy_dialects=y.
****
BUGS
@@ -913,8 +935,8 @@ bugs (minimum: mount.cifs (try ``mount.cifs -V``), kernel (see
VERSION
*******
-This man page is correct for version 1.74 of the cifs vfs filesystem
-(roughly Linux kernel 3.0).
+This man page is correct for version 2.18 of the cifs vfs filesystem
+(roughly Linux kernel 5.0).
********
SEE ALSO
--
1.8.3.1

View File

@ -1,30 +0,0 @@
From 4b66cc571fcfe69e9a5009a499fbfb5a4270411c Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Thu, 4 Apr 2019 16:25:30 +0000
Subject: [PATCH 22/36] mount.cifs.rst: mention kernel version for snapshots
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.de>
(cherry picked from commit 70f3cda1fa5ff526b03fe7d28c8c4d2e1e290a0b)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
mount.cifs.rst | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 8ba6e7b..02016e0 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -398,7 +398,8 @@ snapshot=time
Mount a specific snapshot of the remote share. ``time`` must be a
positive integer identifying the snapshot requested (in 100-nanosecond
units that have elapsed since January 1, 1601, or alternatively it can
- be specified in GMT format e.g. @GMT-2019.03.27-20.52.19)
+ be specified in GMT format e.g. @GMT-2019.03.27-20.52.19). Supported
+ in the Linux kernel starting from v4.19.
nobrl
Do not send byte range lock requests to the server. This is necessary
--
1.8.3.1

View File

@ -1,59 +0,0 @@
From 06e346ae936dadf46f5a8bd8ad2502bad21f9007 Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Fri, 5 Apr 2019 09:40:29 -0700
Subject: [PATCH 23/36] Fix authors and maintainers
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
(cherry picked from commit 204c6b6965e6395eb9c546993116e0d650c952b8)
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
---
AUTHORS | 3 ++-
README | 2 +-
mount.cifs.rst | 6 +++---
3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/AUTHORS b/AUTHORS
index 081c2fe..e03f097 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -3,8 +3,9 @@ Steve French <smfrench@gmail.com>
Igor Mammedov <niallain@gmail.com>
Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Suresh Jayaraman <sjayaraman@suse.de>
-Pavel Shilovsky <piastry@etersoft.ru>
+Pavel Shilovsky <pshilovsky@samba.org>
Igor Druzhinin <jaxbrigs@gmail.com>
Scott Lovenberg <scott.lovenberg@gmail.com>
+Aurelien Aptel <aaptel@suse.com>
...and others.
diff --git a/README b/README
index 3e311a5..76e864f 100644
--- a/README
+++ b/README
@@ -8,7 +8,7 @@ separate package.
Home page: http://wiki.samba.org/index.php/LinuxCIFS_utils
Mailing list: linux-cifs@vger.kernel.org
Git Repository: git://git.samba.org/cifs-utils.git
- Maintainer: Jeffrey Layton <jlayton@samba.org>
+ Maintainer: Pavel Shilovsky <pshilovsky@samba.org>
1. COMPILING
diff --git a/mount.cifs.rst b/mount.cifs.rst
index 02016e0..ee5086c 100644
--- a/mount.cifs.rst
+++ b/mount.cifs.rst
@@ -955,6 +955,6 @@ AUTHOR
Steve French
-The maintainer of the Linux cifs vfs and the userspace tool mount.cifs
-is Steve French. The Linux CIFS Mailing list is the preferred place to
-ask questions regarding these programs.
+The maintainer of the Linux cifs vfs is Steve French. The maintainer of the
+cifs-utils suite of user space tools is Pavel Shilovsky. The Linux CIFS Mailing
+list is the preferred place to ask questions regarding these programs.
--
1.8.3.1

View File

@ -1,28 +0,0 @@
From 9ef872e140e04864d6e8b42f75ba184357b79a05 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <ab@samba.org>
Date: Tue, 17 Jul 2018 08:22:23 +0300
Subject: [PATCH] configure.ac: support using both rst2man and rst2man-3
Python3 version of rst2man is called rst2man-3.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index b0bc2b9..26d60ea 100644
--- a/configure.ac
+++ b/configure.ac
@@ -252,7 +252,7 @@ fi
# if docs are not disabled, check if rst2man is available
if test $enable_man != "no"; then
- AC_CHECK_PROG(have_rst2man, rst2man, yes, no)
+ AC_CHECK_PROGS(have_rst2man, rst2man-3 rst2man, no)
if test $have_rst2man = "no"; then
if test $enable_man = "yes"; then
AC_MSG_ERROR([rst2man not found: cannot generate man pages, consider installing perl.])
--
2.17.1

View File

@ -2,8 +2,8 @@
%define pre_release %nil %define pre_release %nil
Name: cifs-utils Name: cifs-utils
Version: 6.8 Version: 7.0
Release: 3%{pre_release}%{?dist} Release: 1%{pre_release}%{?dist}
Summary: Utilities for mounting and managing CIFS mounts Summary: Utilities for mounting and managing CIFS mounts
Group: System Environment/Daemons Group: System Environment/Daemons
@ -18,30 +18,7 @@ Requires(post): /usr/sbin/alternatives
Requires(preun): /usr/sbin/alternatives Requires(preun): /usr/sbin/alternatives
Source0: https://download.samba.org/pub/linux-cifs/cifs-utils/%{name}-%{version}.tar.bz2 Source0: https://download.samba.org/pub/linux-cifs/cifs-utils/%{name}-%{version}.tar.bz2
Patch0: cifs-utils-rst2man-3.patch Patch1: 0001-Use-explicit-usr-bin-python3.patch
Patch1: 0001-docs-cleanup-rst-formating.patch
Patch2: 0002-mount.cifs.rst-document-new-no-handlecache-mount-opt.patch
Patch3: 0003-manpage-update-mount.cifs-manpage-with-info-about-rd.patch
Patch4: 0004-checkopts-add-python-script-to-cross-check-mount-opt.patch
Patch5: 0005-mount.cifs.rst-document-missing-options-correct-wron.patch
Patch6: 0006-checkopts-report-duplicated-options-in-man-page.patch
Patch7: 0007-mount.cifs.rst-more-cleanups.patch
Patch8: 0008-mount.cifs.rst-document-vers-3-mount-option.patch
Patch9: 0009-mount.cifs.rst-document-vers-3.02-mount-option.patch
Patch10: 0010-cifs-Allow-DNS-resolver-key-to-expire.patch
Patch11: 0011-mount.cifs-be-more-verbose-and-helpful-regarding-mou.patch
Patch12: 0012-Update-mount.cifs-with-vers-default-mount-option-and.patch
Patch13: 0013-mount.cifs.rst-update-vers-3.1.1-option-description.patch
Patch14: 0014-getcifsacl-Do-not-go-to-parse_sec_desc-if-getxattr-f.patch
Patch15: 0015-getcifsacl-Improve-help-usage-and-add-h-option.patch
Patch16: 0016-setcifsacl-fix-adding-ACE-when-owner-sid-in-unexpect.patch
Patch17: 0017-cifs.upcall-fix-a-compiler-warning.patch
Patch18: 0018-mount.cifs-Add-various-missing-parms-from-the-help-t.patch
Patch19: 0019-mount.cifs-add-more-options-to-help-message.patch
Patch20: 0020-mount.cifs-detect-GMT-format-of-snapshot-version.patch
Patch21: 0021-Update-man-page-for-mount.cifs-to-add-new-options.patch
Patch22: 0022-mount.cifs.rst-mention-kernel-version-for-snapshots.patch
Patch23: 0023-Fix-authors-and-maintainers.patch
%description %description
The SMB/CIFS protocol is a standard file sharing protocol widely deployed The SMB/CIFS protocol is a standard file sharing protocol widely deployed
@ -76,30 +53,7 @@ provide these credentials to the kernel automatically at login.
%prep %prep
%setup -q -n %{name}-%{version}%{pre_release} %setup -q -n %{name}-%{version}%{pre_release}
%patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%build %build
autoreconf -i autoreconf -i
@ -120,7 +74,10 @@ install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir}
%{_bindir}/getcifsacl %{_bindir}/getcifsacl
%{_bindir}/setcifsacl %{_bindir}/setcifsacl
%{_bindir}/cifscreds %{_bindir}/cifscreds
%{_bindir}/smbinfo
%{_bindir}/smb2-quota
%{_sbindir}/mount.cifs %{_sbindir}/mount.cifs
%{_sbindir}/mount.smb3
%{_sbindir}/cifs.upcall %{_sbindir}/cifs.upcall
%{_sbindir}/cifs.idmap %{_sbindir}/cifs.idmap
%dir %{_libdir}/%{name} %dir %{_libdir}/%{name}
@ -128,9 +85,12 @@ install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir}
%{_mandir}/man1/getcifsacl.1.gz %{_mandir}/man1/getcifsacl.1.gz
%{_mandir}/man1/setcifsacl.1.gz %{_mandir}/man1/setcifsacl.1.gz
%{_mandir}/man1/cifscreds.1.gz %{_mandir}/man1/cifscreds.1.gz
%{_mandir}/man1/smbinfo.1.gz
%{_mandir}/man1/smb2-quota.1.gz
%{_mandir}/man8/cifs.upcall.8.gz %{_mandir}/man8/cifs.upcall.8.gz
%{_mandir}/man8/cifs.idmap.8.gz %{_mandir}/man8/cifs.idmap.8.gz
%{_mandir}/man8/mount.cifs.8.gz %{_mandir}/man8/mount.cifs.8.gz
%{_mandir}/man8/mount.smb3.8.gz
%{_mandir}/man8/idmapwb.8.gz %{_mandir}/man8/idmapwb.8.gz
%dir %{_sysconfdir}/cifs-utils %dir %{_sysconfdir}/cifs-utils
%ghost %{_sysconfdir}/cifs-utils/idmap-plugin %ghost %{_sysconfdir}/cifs-utils/idmap-plugin
@ -153,6 +113,10 @@ fi
%{_mandir}/man8/pam_cifscreds.8.gz %{_mandir}/man8/pam_cifscreds.8.gz
%changelog %changelog
* Mon Jan 30 2023 Pavel Filipenský <pfilipen@redhat.com> - 7.0-1
- Update to cifs-utils-7.0
- Resolves: rhbz#2163373
* Thu Dec 12 2019 Sachin Prabhu <sprabhu@redhat.com> - 6.8-3 * Thu Dec 12 2019 Sachin Prabhu <sprabhu@redhat.com> - 6.8-3
- Add manual gating tests - Add manual gating tests
- docs: cleanup rst formating - docs: cleanup rst formating

View File

@ -1 +1 @@
SHA512 (cifs-utils-6.8.tar.bz2) = 54a094f78c9e07acc997adfe0c8d4c2fb8e15c18adcc1805450e2180f8539aaec8619e781e985b289e097932637e2de3e6815e32f59ec2fc06cfc3762b832e13 SHA512 (cifs-utils-7.0.tar.bz2) = 4c57741af0c4567a78f352c73caca998881666a5ed36536275cfa775efd66ff1a44ebe539a8ed96c409c5b08a1378266964ce667a27e9fc7f2d43999c63dd0eb