LinuxCIFS utils: Difference between revisions

From SambaWiki
 
(56 intermediate revisions by 6 users not shown)
Line 1: Line 1:
== Description ==
= Description =

The in-kernel CIFS filesystem is generally the preferred method for mounting SMB/CIFS shares on Linux. More information on Linux CIFS is available at the [http://linux-cifs.samba.org/ Linux CIFS VFS] site.
The in-kernel CIFS filesystem is generally the preferred method for mounting SMB/CIFS shares on Linux.


The in-kernel CIFS filesystem relies on a set of user-space tools. That package of tools is called '''cifs-utils'''. Although not really part of Samba proper, these tools were originally part of the Samba package. For several reasons, shipping these tools as part of Samba was problematic and it was deemed better to split them off into their own package.
The in-kernel CIFS filesystem relies on a set of user-space tools. That package of tools is called '''cifs-utils'''. Although not really part of Samba proper, these tools were originally part of the Samba package. For several reasons, shipping these tools as part of Samba was problematic and it was deemed better to split them off into their own package.


See [[LinuxCIFS]] for description of the kernel client.
== News ==

= News =
* October, 2024: Release 7.1
** LDAP Ping capability
** smbinfo adds gettconinfo command
** Various improvements to man pages
** https://lists.samba.org/archive/samba-technical/2024-October/139146.html
* August, 2022: Release 7.0
** Add GSS-Proxy support
** https://lists.samba.org/archive/samba-technical/2022-August/137528.html
* April, 2022: Release 6.15
** [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27239 CVE-2022-27239]: mount.cifs: fix length check for ip option parsing
** [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29869 CVE-2022-29869]: mount.cifs: fix verbose messages on option parsing
** https://lists.samba.org/archive/samba-technical/2022-April/137335.html
* September, 2021: Release 6.14
** smbinfo is enhanced with capability to display alternate data streams
** setcifsacl is improved to optionally reorder ACEs in preferred order
** cifs.upcall regression in kerberos mount is fixed
** https://lists.samba.org/archive/samba-technical/2021-September/136914.html
* April, 2021: Release 6.13
** [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20208 CVE-2021-20208]: cifs.upcall kerberos auth leak in container
** https://lists.samba.org/archive/samba-technical/2021-April/136467.html
* December, 2020: Release 6.12
** get/setcifsacl tools are improved to support changing owner, group and SACLs
** mount.cifs is enhanced to use SUDO_UID env variable for cruid
** smbinfo is re-written in Python language
** https://lists.samba.org/archive/samba-technical/2020-December/136156.html
* September, 2020: Release 6.11
** [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14342 CVE-2020-14342]: mount.cifs: fix shell command injection
** https://lists.samba.org/archive/samba-technical/2020-September/135747.html
* December 16, 2019: Release 6.10
** smb3 alias/fstype is added
** smb2-quota tool is added to display quota information
** smb2-secdesc UI tool to view security descriptors is added
** smbinfo is enhanced with capabilities to dump session keys and get/set compression of files
** smbinfo bash completion is supported
** getcifsacl tool is improved to support multiple files
** https://lists.samba.org/archive/samba-technical/2019-December/134662.html
* April 5, 2019: Release 6.9
** smbinfo utility is added to query various kinds of information from the server (objectId, snapshots, different FileInfo* classes and other metadata)
** server IP change is supported by expiring DNS key resolver entries
** get/setcifsacl tools are improved to handle unexpected behavior
** share snapshot are allowed to be specified by a GMT token or SMB 100-nanoseconds time
** various new mount option are documented: bsize, handletimeout, handlecache, rdma, max_credits and others
** https://lists.samba.org/archive/samba-technical/2019-April/133233.html
* March 9, 2018: Release 6.8
** man pages updates (auto-negotiate protocol version by default) and cleanups (moving to .rst format)
** setcifsacl: fix security descriptor buffer size mismatch
** cifscreds: fix a segfault for incorrect usage
** minor mount.cifs fixes
** https://lists.samba.org/archive/samba-technical/2018-March/126227.html
* March 2, 2017: Release 6.7
** fixes for regressions from cifs.upcall overhaul
** mount.cifs cleanups
** https://lists.samba.org/archive/samba-technical/2017-March/119036.html
* September 3, 2016: Release 6.6
** cleanup/overhaul of cifs.upcall krb5 credcache handling
** https://lists.samba.org/archive/samba-technical/2016-September/115974.html
* February 22, 2016: Release 6.5
** mount.cifs: ignore x- mount options
** minor build fixes
** minor manpage fix
** https://lists.samba.org/archive/samba-technical/2016-February/112372.html
* July 11, 2014: Release 6.4
** allow PAM directory to be configurable
** better determination of default keytab file
** better cifscreds error handling
** uppercase devicename when retrying mount
** https://lists.samba.org/archive/samba-technical/2014-July/101132.html
* January 9, 2014: Release 6.3
** fixes for various bugs turned up by Coverity
** clean unused cruft out of upcall binary
** add new pam_cifscreds PAM module for establishing NTLM creds on login
** https://lists.samba.org/archive/samba-technical/2014-January/097124.html
* October 4, 2013: Release 6.2
** setcifsacl can now work without a plugin
** systemd-ask-password is found using $PATH now
** cifs.upcall now works with KEYRING: credcaches
** https://lists.samba.org/archive/samba-technical/2013-October/095287.html
* July 2, 2013: Release 6.1
** minor bugfixes
** allow cifs.upcall to use dedicated keytab
** https://lists.samba.org/archive/samba-technical/2013-July/093601.html
* March 25, 2013: Release 6.0
** minor bugfixes and documentation updates
** support for NFS-style device names removed
** https://lists.samba.org/archive/samba-technical/2013-March/091169.html
* January 7, 2013: Release 5.9
** new plugin architecture for the ID mapping tools
** DOMAIN\username@password format for username= arguments is removed
** full RELRO (vs. partial) is now enabled on all binaries
** https://lists.samba.org/archive/samba-technical/2013-January/089761.html
* November 11, 2012: Release 5.8
** warning message added about deprecation of NFS-style mount syntax
** many fixes for cifs.idmap, getcifsacl and setcifsacl
** https://lists.samba.org/archive/samba-technical/2012-November/088686.html
* October 09, 2012: Release 5.7
** Fixes for mounting with '/' in usernames with sec=krb5
** Support for DIR: type krb5 ccaches with cifs.upcall
** support for "nofail" option in mount.cifs
** https://lists.samba.org/archive/samba-technical/2012-October/087501.html
* July 26, 2012: Release 5.6
** -Werror has been removed by default from CFLAGS
** PIE and RELRO are enabled by default at build time
** better integration with systemd by allowing the use of /bin/systemd-ask-password if available
** better checks and warnings from cifscreds when used in environments that do not have a session keyring
** https://lists.samba.org/archive/samba-technical/2012-July/085743.html
* May 30, 2012: Release 5.5
** a bunch of fixes for compile time warnings and build breaks
** some fixes in the libcap capabilities dropping code
** remove unneeded mount.smb2 multicall code and other prep work for smb2 support
** manpage updates for kernel-level behavior changes
** https://lists.samba.org/archive/samba-technical/2012-May/084102.html
* April 18, 2012: Release 5.4
** the "rootsbindir" can now be specified at configure time
** mount.cifs now supports the -s option by passing "sloppy" to the kernel in the options string
** cifs.upcall now properly respects the domain_realm section in krb5.conf
** unprivileged users can no longer mount onto dirs into which they can't chdir (fixes [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1586 CVE-2012-1586])
** http://article.gmane.org/gmane.linux.kernel.cifs/5912
* January 28, 2012: Release 5.3
** admins can now tell cifs.upcall to use an alternate krb5.conf file
** on remount, mount.cifs no longer adds a duplicate mtab entry
** the cifscreds utility has seen a major overhaul to allow for multiuser mounts without krb5 auth
** https://lists.samba.org/archive/samba-technical/2012-January/081381.html
* December 09, 2011: Release 5.2
* December 09, 2011: Release 5.2
** cifs.idmap can now map uid/gid to SID in addition to the other way around
** cifs.idmap can now map uid/gid to SID in addition to the other way around
Line 34: Line 159:
* March 3, 2010: Release 4.0 -- first official cifs-utils release
* March 3, 2010: Release 4.0 -- first official cifs-utils release
* February 26, 2010: Release 4.0rc1
* February 26, 2010: Release 4.0rc1
* February 14, 2010: The git repo has moved to a new location. See the '''Development''' section below
* February 14, 2010: The git repo has moved to a new location. See the [[#Development|Development]] section below
* February 9, 2010: Release 4.0-alpha1. In order to smooth the transition from shipping these tools as part of samba, the first release will be 4.0.
* February 9, 2010: Release 4.0-alpha1. In order to smooth the transition from shipping these tools as part of samba, the first release will be 4.0.


== Download ==
= Download =

A historical set of cifs-utils releases is available in the [ftp://ftp.samba.org/pub/linux-cifs/cifs-utils releases directory].
A historical set of cifs-utils releases is available in the [https://download.samba.org/pub/linux-cifs/cifs-utils releases directory].
== Documentation ==





= Documentation =


* [http://pserver.samba.org/samba/ftp/cifs-cvs/linux-cifs-client-guide.pdf Documentation (CIFS Users Guide)]
* [http://pserver.samba.org/samba/ftp/cifs-cvs/linux-cifs-client-guide.pdf Documentation (CIFS Users Guide)]
* [http://www.snia.org/tech_activities/CIFS/CIFS-TR-1p00_FINAL.pdf SNIA CIFS Specification ]
* <del>[http://www.snia.org/tech_activities/CIFS/CIFS-TR-1p00_FINAL.pdf SNIA CIFS Specification ]</del> broken link





= Development =


== Development ==
The source code for cifs-utils is managed via git. An example checkout from the main git repo:
The source code for cifs-utils is managed via git. An example checkout from the main git repo:


Line 51: Line 187:
gitweb access is also available [http://git.samba.org/?p=cifs-utils.git;a=summary here].
gitweb access is also available [http://git.samba.org/?p=cifs-utils.git;a=summary here].



== Contact ==



= Contact =

Questions, suggestions, concerns, and patches should be sent to [http://vger.kernel.org/vger-lists.html#linux-cifs linux-cifs@vger.kernel.org]. Security issues should be sent to [mailto:security@samba.org security@samba.org] to avoid immediate public disclosure.
Questions, suggestions, concerns, and patches should be sent to [http://vger.kernel.org/vger-lists.html#linux-cifs linux-cifs@vger.kernel.org]. Security issues should be sent to [mailto:security@samba.org security@samba.org] to avoid immediate public disclosure.

Latest revision as of 00:36, 7 October 2024

Description

The in-kernel CIFS filesystem is generally the preferred method for mounting SMB/CIFS shares on Linux.

The in-kernel CIFS filesystem relies on a set of user-space tools. That package of tools is called cifs-utils. Although not really part of Samba proper, these tools were originally part of the Samba package. For several reasons, shipping these tools as part of Samba was problematic and it was deemed better to split them off into their own package.

See LinuxCIFS for description of the kernel client.

News

Download

A historical set of cifs-utils releases is available in the releases directory.



Documentation



Development

The source code for cifs-utils is managed via git. An example checkout from the main git repo:

$ git clone git://git.samba.org/cifs-utils.git

gitweb access is also available here.



Contact

Questions, suggestions, concerns, and patches should be sent to linux-cifs@vger.kernel.org. Security issues should be sent to security@samba.org to avoid immediate public disclosure.