diff options
author | Steve French <sfrench@us.ibm.com> | 2009-02-20 05:43:09 +0000 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2009-02-21 03:37:10 +0000 |
commit | eca6acf91552a9b2e997cc76339115c95eac0217 (patch) | |
tree | 2c3c3ef60900d6ee0cb8952f2bd4195abfb92663 /fs/cifs/CHANGES | |
parent | c3b2a0c640bff7df85d79fb4f89674949a267ec2 (diff) |
[CIFS] Fix multiuser mounts so server does not invalidate earlier security contexts
When two different users mount the same Windows 2003 Server share using CIFS,
the first session mounted can be invalidated. Some servers invalidate the first
smb session when a second similar user (e.g. two users who get mapped by server to "guest")
authenticates an smb session from the same client.
By making sure that we set the 2nd and subsequent vc numbers to nonzero values,
this ensures that we will not have this problem.
Fixes Samba bug 6004, problem description follows:
How to reproduce:
- configure an "open share" (full permissions to Guest user) on Windows 2003
Server (I couldn't reproduce the problem with Samba server or Windows older
than 2003)
- mount the share twice with different users who will be authenticated as guest.
noacl,noperm,user=john,dir_mode=0700,domain=DOMAIN,rw
noacl,noperm,user=jeff,dir_mode=0700,domain=DOMAIN,rw
Result:
- just the mount point mounted last is accessible:
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/CHANGES')
-rw-r--r-- | fs/cifs/CHANGES | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 72063f5e56b..851388fafc7 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,3 +1,13 @@ +Version 1.57 +------------ +Improve support for multiple security contexts to the same server. We +used to use the same "vcnumber" for all connections which could cause +the server to treat subsequent connections, especially those that +are authenticated as guest, as reconnections, invalidating the earlier +user's smb session. This fix allows cifs to mount multiple times to the +same server with different userids without risking invalidating earlier +established security contexts. + Version 1.56 ------------ Add "forcemandatorylock" mount option to allow user to use mandatory |