SMBmount conspiracy

Darrel Barton darrel at lantera.com
Wed Jul 25 04:11:26 UTC 2007 

I have aquariums, both freshwater and marine, so I do a lot of water 
tests.  These are the tests where you fill a vial of the water, put in some 
drops and wait for the solution to turn a certain color ... then you match 
the color against a chart.   Part of our hobby is the running complaint 
that we get these BEAUTIFUL colors in the vial .... perfect in EVERY way 
..... except they bear no relation or resemblance to the colors on the 
chart.  I personally know 15 people that have ALL noticed the same thing, 
with the same kit ... yet somehow the manufacturer claims that they've 
never, ever, EVER heard of this before.

So it' not just computers.

I have Red Hat Enterprise Linux ES release 4 (Nahant) Kernel 2.6.9-5.ELsmp 
on an i686    And I'm trying to connect to a Windows 2003 Server (not 
domain controller) as a shared file using EITHER ONE of the following 
command lines:

#smbmount //img1/docs /home/documents -o 
dmask=777,fmask=0444,gid=100,uid=501,username=documents,password=passd 

  -or- 

#mount -t cifs //img1/docs /home/documents -o 
dir_mode=0777,file_mode=0444,gid=100,uid=501,username=documents,password=passd 


In EITHER case the mount succeeds and I can CD to the directory and all the 
subdirectories underneath and LS each and every file with no 
problem.  Until I try to read, copy or move the file itself ... in which 
case I get

cp: 10000099.TIF: read error: Permission denied

But I can actually log into the Win2003 system as that user and all my 
permissions on the directories are fine.

So I hit the net and the docs and the forums and everyone says that Windows 
2003 has a problem with digital signing.  Even Red Hat has an errata on it, 
saying
Local Policies - Security Options - Microsoft network client - digitally 
sign communications (always) - DISABLED
Local Policies - Security Options - Microsoft network client - digitally 
sign communications (if server agrees) - DISABLED
Local Policies - Security Options - Microsoft network server - digitally 
sign communications (always) - DISABLED
Local Policies - Security Options - Microsoft network server - digitally 
sign communications (if server agrees) - DISABLED

Well ... two problems
1) That Eratta talks about CONNECTION failing ... not read errors.
-and-
2) There AIN'T NO SUCH entry on my Windows 2003!!

Under administrative tools  -> local security policy --> Security settings 
->local policies -> security
I have "digitally sign client communications (always)" and the same with 
(when possible) and then two more for "server" communications.

Close enough, right?

So I change those & reboot
No difference
So I run regedit & search & change EVERY similar setting & reboot
No difference.

Since the mount works (either one) and all the directory traversals work 
just fine ... it will probably comes as no surprise to you that (A) no log 
file anywhere contains any relevant messages and (B) the DEBUG functions 
don't work because they MOUNT worked just fine.

Oh yeah ... and  smbclient  works JUST FINE until I find a file and attempt 
to GET that file ... then I get NT_STATUS_ACCESS_DENIED


I'm sure it's a Windows problem (it usually is) ... but I'm wondering if 
anyone has seen THIS PARTICULAR color (error) before?




-------------- next part --------------


No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.476 / Virus Database: 269.10.16/914 - Release Date: 7/23/2007 7:45 PM

More information about the redhat-list mailing list