.cifs-utils.metadata

@@ -1 +1 @@
-9df055a73d89ed3d536828d0cea304c9e04139d4 SOURCES/cifs-utils-7.0.tar.bz2
+75c4eadf2b789ba0e504b4991f3284e15bf9266a SOURCES/cifs-utils-7.5.tar.bz2

.gitignore

@@ -1 +1 @@
-SOURCES/cifs-utils-7.0.tar.bz2
+SOURCES/cifs-utils-7.5.tar.bz2

SOURCES/0001-Use-explicit-usr-bin-python3.patch

@@ -1,55 +0,0 @@
-From 17162396d9ace9396c27826f1c62719186e29ae9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Pavel=20Filipensk=C3=BD?= <pfilipensky@samba.org>
-Date: Fri, 20 Jan 2023 20:53:44 +0100
-Subject: [PATCH] Use explicit #!/usr/bin/python3
-
----
- checkopts    | 2 +-
- smb2-quota   | 2 +-
- smb2-secdesc | 2 +-
- smbinfo      | 2 +-
- 4 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/checkopts b/checkopts
-index 88e70b1..00c4cfd 100755
---- a/checkopts
-+++ b/checkopts
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python3
-+#!/usr/bin/python3
- #
- # Script to check for inconsistencies between documented mount options
- # and implemented kernel options.
-diff --git a/smb2-quota b/smb2-quota
-index 6d0b8a3..49207c7 100755
---- a/smb2-quota
-+++ b/smb2-quota
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
- # coding: utf-8
- #
- # smb2-quota is a cmdline tool to display quota information for the
-diff --git a/smb2-secdesc b/smb2-secdesc
-index 5886091..534dd92 100755
---- a/smb2-secdesc
-+++ b/smb2-secdesc
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
- # coding: utf-8
- 
- import array
-diff --git a/smbinfo b/smbinfo
-index 73c5bb3..766024e 100755
---- a/smbinfo
-+++ b/smbinfo
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python3
-+#!/usr/bin/python3
- # -*- coding: utf-8 -*-
- #
- # smbinfo is a cmdline tool to query SMB-specific file and fs
--- 
-2.38.1
-

SOURCES/cifs.upcall-Adjust-log-level.patch

@@ -0,0 +1,41 @@
+From 927123ede36fab4a68aea6f6a3495ad909430ed1 Mon Sep 17 00:00:00 2001
+From: Pierguido Lambri <plambri@redhat.com>
+Date: Fri, 30 Jan 2026 14:11:28 +0000
+Subject: [PATCH 3/3] cifs.upcall: Adjust log level
+
+Because now only error message are logged, let's switch some messages
+from DEBUG to ERROR level.
+This will help see when an error occurred with cifs.upcall and
+eventually turn on the debug mode.
+
+Signed-off-by: Pierguido Lambri <plambri@redhat.com>
+Reviewed-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
+---
+ cifs.upcall.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/cifs.upcall.c b/cifs.upcall.c
+index b57a48c743e4..9d0eecf3aa11 100644
+--- a/cifs.upcall.c
++++ b/cifs.upcall.c
+@@ -1618,7 +1618,7 @@ int main(const int argc, char *const argv[])
+ 					 __func__);
+ 		} else {
+ 			 if (!get_tgt_time(ccache)) {
+-				syslog(LOG_DEBUG, "%s: valid TGT is not present in credential cache",
++				syslog(LOG_ERR, "%s: valid TGT is not present in credential cache",
+ 						__func__);
+ 				krb5_cc_close(context, ccache);
+ 				ccache = NULL;
+@@ -1721,7 +1721,7 @@ retry_new_hostname:
+ 	}
+ 
+ 	if (rc) {
+-		syslog(LOG_DEBUG, "Unable to obtain service ticket");
++		syslog(LOG_ERR, "Unable to obtain service ticket");
+ 		goto out;
+ 	}
+ 
+-- 
+2.52.0
+

SOURCES/cifs.upcall-add-option-to-enable-debug-logs.patch

@@ -0,0 +1,68 @@
+From 3047b9ccefdcf6327bf060ebf0d40864c5b1a11e Mon Sep 17 00:00:00 2001
+From: Pierguido Lambri <plambri@redhat.com>
+Date: Fri, 30 Jan 2026 14:11:26 +0000
+Subject: [PATCH 1/3] cifs.upcall: add option to enable debug logs
+
+cifs.upcall uses two levels of logs, DEBUG and ERR.
+However, when using systemd, these logs will always be recorded.
+When the system does a lot of upcalls, the journal could be filled
+with debug logs, which may not be useful at that time.
+Added then a new option '-d' to enable debug logs only when needed.
+This will set a logmask up to LOG_DEBUG instead of the default
+of LOG_ERR, thus reducing the amount of logs when no debug is needed.
+
+Signed-off-by: Pierguido Lambri <plambri@redhat.com>
+Reviewed-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
+---
+ cifs.upcall.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/cifs.upcall.c b/cifs.upcall.c
+index 69e27a34f637..b57a48c743e4 100644
+--- a/cifs.upcall.c
++++ b/cifs.upcall.c
+@@ -1356,10 +1356,11 @@ lowercase_string(char *c)
+ 
+ static void usage(void)
+ {
+-	fprintf(stderr, "Usage: %s [ -K /path/to/keytab] [-k /path/to/krb5.conf] [-E] [-t] [-v] [-l] [-e nsecs] key_serial\n", prog);
++	fprintf(stderr, "Usage: %s [ -K /path/to/keytab] [-k /path/to/krb5.conf] [-d] [-E] [-t] [-v] [-l] [-e nsecs] key_serial\n", prog);
+ }
+ 
+ static const struct option long_options[] = {
++	{"debug", 0, NULL, 'd'},
+ 	{"no-env-probe", 0, NULL, 'E'},
+ 	{"krb5conf", 1, NULL, 'k'},
+ 	{"legacy-uid", 0, NULL, 'l'},
+@@ -1379,6 +1380,7 @@ int main(const int argc, char *const argv[])
+ 	size_t datalen;
+ 	long rc = 1;
+ 	int c;
++	int mask;
+ 	bool try_dns = false, legacy_uid = false , env_probe = true;
+ 	char *buf;
+ 	char hostbuf[NI_MAXHOST], *host;
+@@ -1395,12 +1397,19 @@ int main(const int argc, char *const argv[])
+ 	hostbuf[0] = '\0';
+ 
+ 	openlog(prog, 0, LOG_DAEMON);
++	mask = LOG_UPTO(LOG_ERR);
++	setlogmask(mask);
+ 
+-	while ((c = getopt_long(argc, argv, "cEk:K:ltve:", long_options, NULL)) != -1) {
++	while ((c = getopt_long(argc, argv, "cdEk:K:ltve:", long_options, NULL)) != -1) {
+ 		switch (c) {
+ 		case 'c':
+ 			/* legacy option -- skip it */
+ 			break;
++		case 'd':
++			/* enable debug logs */
++			mask = LOG_UPTO(LOG_DEBUG);
++			setlogmask(mask);
++			break;
+ 		case 'E':
+ 			/* skip probing initiating process env */
+ 			env_probe = false;
+-- 
+2.52.0
+

SOURCES/docs-Enable-debug-logs.patch

@@ -0,0 +1,41 @@
+From 224512b9e62c886fd8d9802bc50a7702c4fe4517 Mon Sep 17 00:00:00 2001
+From: Pierguido Lambri <plambri@redhat.com>
+Date: Fri, 30 Jan 2026 14:11:27 +0000
+Subject: [PATCH 2/3] docs: Enable debug logs
+
+Documented a new option '-d' to enable debug logs.
+By default only error logs are enabled, with this new option
+debug logs can be enabled when needed.
+
+Signed-off-by: Pierguido Lambri <plambri@redhat.com>
+Reviewed-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
+---
+ cifs.upcall.rst.in | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/cifs.upcall.rst.in b/cifs.upcall.rst.in
+index 09d0503591d6..895efc53ef50 100644
+--- a/cifs.upcall.rst.in
++++ b/cifs.upcall.rst.in
+@@ -11,7 +11,7 @@ Userspace upcall helper for Common Internet File System (CIFS)
+ SYNOPSIS
+ ********
+ 
+-  cifs.upcall [--trust-dns|-t] [--version|-v] [--legacy-uid|-l]
++  cifs.upcall [--trust-dns|-t] [--version|-v] [--legacy-uid|-l] [--debug|-d]
+               [--krb5conf=/path/to/krb5.conf|-k /path/to/krb5.conf]
+               [--keytab=/path/to/keytab|-K /path/to/keytab] [--expire|-e nsecs] {keyid}
+ 
+@@ -38,6 +38,9 @@ OPTIONS
+ -c
+   This option is deprecated and is currently ignored.
+ 
++--debug|-d
++  Enable debug logs. By default no debug messages are logged, only errors.
++
+ --no-env-probe|-E
+   Normally, ``cifs.upcall`` will probe the environment variable space of
+   the process that initiated the upcall in order to fetch the value of
+-- 
+2.52.0
+

SPECS/cifs-utils.spec

@@ -1,24 +1,42 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.6.5)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 1;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
 #% define pre_release rc1
 %define pre_release %nil
 
+%global bash_completion_dir %(pkg-config --variable=completionsdir bash-completion || echo /etc/bash_completion.d)
+
 Name:            cifs-utils
-Version:         7.0
-Release:         1%{pre_release}%{?dist}
+Version:         7.5
+Release:         %autorelease
 Summary:         Utilities for mounting and managing CIFS mounts
 
-Group:           System Environment/Daemons
-License:         GPLv3
+License:         GPL-3.0-only
 URL:             http://linux-cifs.samba.org/cifs-utils/
 
-BuildRequires:   libcap-ng-devel libtalloc-devel krb5-devel keyutils-libs-devel autoconf automake libwbclient-devel pam-devel
-BuildRequires:   python3-docutils
+BuildRequires:  gcc
+BuildRequires:  libcap-ng-devel libtalloc-devel krb5-devel keyutils-libs-devel autoconf automake libwbclient-devel pam-devel
+BuildRequires:  python3-docutils
+BuildRequires: make
 
 Requires:        keyutils
 Requires(post):  /usr/sbin/alternatives
 Requires(preun): /usr/sbin/alternatives
 
+Recommends: %{name}-info%{?_isa} = %{version}-%{release}
+
 Source0:         https://download.samba.org/pub/linux-cifs/cifs-utils/%{name}-%{version}.tar.bz2
-Patch1:          0001-Use-explicit-usr-bin-python3.patch
+
+Patch0: cifs.upcall-add-option-to-enable-debug-logs.patch
+Patch1: docs-Enable-debug-logs.patch
+Patch2: cifs.upcall-Adjust-log-level.patch
 
 %description
 The SMB/CIFS protocol is a standard file sharing protocol widely deployed
@@ -30,7 +48,6 @@ file system.
 
 %package devel
 Summary:        Files needed for building plugins for cifs-utils
-Group:          Development/Libraries
 
 %description devel
 The SMB/CIFS protocol is a standard file sharing protocol widely deployed
@@ -39,7 +56,6 @@ necessary for building ID mapping plugins for cifs-utils.
 
 %package -n pam_cifscreds
 Summary:        PAM module to manage NTLM credentials in kernel keyring
-Group:          System Environment/Base
 
 %description -n pam_cifscreds
 The pam_cifscreds PAM module is a tool for automatically adding
@@ -52,10 +68,10 @@ for each user from somewhere. The pam_cifscreds module can be used to
 provide these credentials to the kernel automatically at login.
 
 %prep
-%setup -q -n %{name}-%{version}%{pre_release}
-%patch1 -p1
+%autosetup -n %{name}-%{version}%{pre_release} -p1
 
 %build
+grep -F -r -l '/usr/bin/env python' | xargs --no-run-if-empty -n1 sed -i 's@/usr/bin/env python.*@%python3@g'
 autoreconf -i
 %configure --prefix=/usr ROOTSBINDIR=%{_sbindir}
 make %{?_smp_mflags}
@@ -67,42 +83,40 @@ mkdir -p %{buildroot}%{_sysconfdir}/%{name}
 mkdir -p %{buildroot}%{_sysconfdir}/request-key.d
 install -m 644 contrib/request-key.d/cifs.idmap.conf %{buildroot}%{_sysconfdir}/request-key.d
 install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir}/request-key.d
+install -Dpm 644 bash-completion/smbinfo %{buildroot}%{_datadir}%{bash_completion_dir}/smbinfo
 
 %files
-%defattr(-,root,root,-)
 %doc
+%license COPYING
 %{_bindir}/getcifsacl
 %{_bindir}/setcifsacl
 %{_bindir}/cifscreds
-%{_bindir}/smbinfo
-%{_bindir}/smb2-quota
 %{_sbindir}/mount.cifs
 %{_sbindir}/mount.smb3
 %{_sbindir}/cifs.upcall
 %{_sbindir}/cifs.idmap
 %dir %{_libdir}/%{name}
 %{_libdir}/%{name}/idmapwb.so
-%{_mandir}/man1/getcifsacl.1.gz
-%{_mandir}/man1/setcifsacl.1.gz
-%{_mandir}/man1/cifscreds.1.gz
-%{_mandir}/man1/smbinfo.1.gz 
-%{_mandir}/man1/smb2-quota.1.gz
-%{_mandir}/man8/cifs.upcall.8.gz
-%{_mandir}/man8/cifs.idmap.8.gz
-%{_mandir}/man8/mount.cifs.8.gz
-%{_mandir}/man8/mount.smb3.8.gz
-%{_mandir}/man8/idmapwb.8.gz
+%{_mandir}/man1/getcifsacl.*
+%{_mandir}/man1/setcifsacl.*
+%{_mandir}/man1/cifscreds.*
+%{_mandir}/man8/cifs.upcall.*
+%{_mandir}/man8/cifs.idmap.*
+%{_mandir}/man8/mount.cifs.*
+%{_mandir}/man8/mount.smb3.*
+%{_mandir}/man8/idmapwb.*
+%{_datadir}%{bash_completion_dir}/smbinfo
 %dir %{_sysconfdir}/cifs-utils
 %ghost %{_sysconfdir}/cifs-utils/idmap-plugin
 %config(noreplace) %{_sysconfdir}/request-key.d/cifs.idmap.conf
 %config(noreplace) %{_sysconfdir}/request-key.d/cifs.spnego.conf
 
 %post
-/usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin %{_libdir}/%{name}/idmapwb.so 10
+alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin %{_libdir}/%{name}/idmapwb.so 10
 
 %preun
 if [ $1 = 0 ]; then
-	/usr/sbin/alternatives --remove cifs-idmap-plugin %{_libdir}/%{name}/idmapwb.so
+	alternatives --remove cifs-idmap-plugin %{_libdir}/%{name}/idmapwb.so
 fi
 
 %files devel
@@ -112,39 +126,102 @@ fi
 %{_libdir}/security/pam_cifscreds.so
 %{_mandir}/man8/pam_cifscreds.8.gz
 
+# This subpackage also serves the purpose of avoiding a Python dependency on
+# the main package: https://bugzilla.redhat.com/show_bug.cgi?id=1909288.
+%package info
+Summary: Additional tools for querying information about CIFS mount
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description info
+This subpackage includes additional tools for querying information
+about CIFS mount.
+
+%files info
+%{_bindir}/smb2-quota
+%{_bindir}/smbinfo
+%{_mandir}/man1/smb2-quota.*
+%{_mandir}/man1/smbinfo.*
+
 %changelog
+## START: Generated by rpmautospec
+* Tue Feb 03 2026 Paulo Alcantara <paalcant@redhat.com> - 7.5-1
+- resolves: RHEL-127499 - Enable debug logs in cifs.upcall
+
+* Wed Nov 26 2025 Paulo Alcantara <paalcant@redhat.com> - 7.4-1
+- resolves: RHEL-110765 - fix regression with cifscreds(1)
+
+* Fri Mar 07 2025 Paulo Alcantara <paalcant@redhat.com> - 7.2-1
+- resolves: RHEL-82680 - Update to version 7.2
+
+* Wed Oct 09 2024 Pavel Filipenský <pfilipensky@samba.org> - 7.1-2
+- Fix damaged test filename
+
+* Tue Oct 08 2024 Pavel Filipenský <pfilipensky@samba.org> - 7.1-1
+- resolves: RHEL-61732 - Update to version 7.1
+
+* Mon Apr 22 2024 Paulo Alcantara <paalcant@redhat.com> - 7.0-5
+- Implement CLDAP Ping to find the closest site
+- Resolves: RHELPLAN-17597
+
+* Tue Apr 16 2024 Paulo Alcantara <paalcant@redhat.com> - 7.0-4
+- mount.cifs.rst: add missing reference for sssd
+- mount.cifs.rst: update section about xattr/acl support
+- Resolves: RHEL-22495
+
+* Fri Apr 12 2024 Paulo Alcantara <paalcant@redhat.com> - 7.0-3
+- pam_cifscreds: fix NULL arg warning passed to pam_syslog()
+- Resolves: RHEL-28050
+
+* Fri Apr 12 2024 Paulo Alcantara <paalcant@redhat.com> - 7.0-2
+- cifs.upcall: fix UAF in get_cachename_from_process_env()
+- Resolves: RHEL-28047
+
 * Mon Jan 30 2023 Pavel Filipenský <pfilipen@redhat.com> - 7.0-1
 - Update to cifs-utils-7.0
-- Resolves: rhbz#2163373
+- Resolves: rhbz#2163303
 
-* Thu Dec 12 2019 Sachin Prabhu <sprabhu@redhat.com> - 6.8-3
-- Add manual gating tests
-- docs: cleanup rst formating
-- mount.cifs.rst: document new (no)handlecache mount option
-- manpage: update mount.cifs manpage with info about rdma option
-- checkopts: add python script to cross check mount options
-- mount.cifs.rst: document missing options, correct wrong ones
-- checkopts: report duplicated options in man page
-- mount.cifs.rst: more cleanups
-- mount.cifs.rst: document vers=3 mount option
-- mount.cifs.rst: document vers=3.02 mount option
-- cifs: Allow DNS resolver key to expire
-- mount.cifs: be more verbose and helpful regarding mount errors
-- Update mount.cifs with vers=default mount option and SMBv3.0.2
-- mount.cifs.rst: update vers=3.1.1 option description
-- getcifsacl: Do not go to parse_sec_desc if getxattr fails.
-- getcifsacl: Improve help usage and add -h option.
-- setcifsacl: fix adding ACE when owner sid in unexpected location
-- cifs.upcall: fix a compiler warning
-- mount.cifs Add various missing parms from the help text
-- mount.cifs: add more options to help message
-- mount.cifs: detect GMT format of snapshot version
-- Update man page for mount.cifs to add new options
-- mount.cifs.rst: mention kernel version for snapshots
-- Fix authors and maintainers
+* Wed Feb 02 2022 Alexander Bokovoy <abokovoy@redhat.com> - 6.14
+- Update to v6.14 release
+- Resolves: rhbz#1925956
 
-* Tue Jul 17 2018 Alexander Bokovoy <abokovoy@redhat.com> - 6.8-2
-- Use Python 3 version of rst2man utility for generating man pages
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 6.11-5
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 6.11-4
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 6.11-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Fri Dec 18 2020 Jonathan Lebon <jonathan@jlebon.com> - 6.11-2
+- Split out -info subpackage for smb2-quota and smbinfo
+  https://bugzilla.redhat.com/show_bug.cgi?id=1909288
+
+* Mon Nov 02 2020 Alexander Bokovoy <abokovoy@redhat.com> - 6.11-1
+- Update to v6.11 release
+- Resolves: rhbz#1876400 - CVE-2020-14342 - cifs-utils: shell command injection
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 6.9-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 6.9-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 6.9-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sun Apr 21 2019 Jeff Layton <jlayton@redhat.com>- 6.9-1
+- Update to v6.9 release
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 6.8-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Tue Jul 17 2018 Alexander Bokovoy <abokovoy@redhat.com> - 6.8-3
+- Use Python 3 version of rst2man
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 6.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
 * Tue Apr 10 2018 Fedora Release Engineering <releng@fedoraproject.org> - 6.8-1
 - update to 6.8 release
@@ -395,3 +472,4 @@ fi
 * Mon Feb 08 2010 Jeff Layton <jlayton@redhat.com> 4.0a1-1
 - first RPM package build
 
+## END: Generated by rpmautospec