|
Bugzilla – Full Text Bug Listing |
| Summary: | SMB sources that require a password can not be used by the GUI installer | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 11.2 | Reporter: | Greg Riedesel <greg> |
| Component: | libzypp | Assignee: | E-mail List <zypp-maintainers> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Major | ||
| Priority: | P2 - High | CC: | ma, radomir.cernoch |
| Version: | RC 1 | ||
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Other | ||
| Whiteboard: | maint:released:11.2:32913 | ||
| Found By: | Beta-Customer | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | y2log for the install showing many attempts | ||
|
Description
Greg Riedesel
2009-10-15 17:56:35 UTC
According to the log any attempt to mount //140.160.37.158/mnt on /var/adm/mount/AP_0x00000001 fails with permission denied. @Jano: In MediaSMB you disabled passing the workgroup mentioned in the url as option to mount. Any specific reason for this, otherwise I'd re-enable it? @Greg: The bug mentioned above would affect only those cases where the workgroup is passed in the url: smb://corwin@140.160.37.158/mnt/?workgroup=vordarian. But the log also shows attempts where you prefixed the user name with the workgroup 'vordarian/corwin'. They should have succeeded if the password was right and you have permission to mount the share. Are you able to mount the share from the commandline, using the same user and passwd as with yast? If this is the case, we'd need to check what's wrong with the credentials zypp passes. In the log I just see the username but not the password. c#2: no, it must have been by accident; i had apparently 'just' been enabling the CredentialManager for smb in commit 7c8cbb. Please, just re-enable it. @Michael Due to the samba set up on my deployment server, workgroupless logins for the 'corwin' account were not working, I needed to pass one. I did try to mount with command-line, and it worked. The variety of logins you see in the yast log represent my attempt to figure out if special characters were involved in this in some way. The first account I tried has characters that has thrown things for a loop, so I made a new account with a very simple password just to be sure of that. However, I required a workstation on that login and as you see that didn't work either. Even though RC2 is on our doorstep, I'll rerun my tests today to ensure I know of what I speak. Running "mount -t cifs -o username=name //140.160.37.158/mnt /mnt" from VT2 during install mounted the remote just fine. That's a user with a special character but no workgroup. YaST fails to connect to this mount, though. I did not find any piece of code in YaST or libzypp, that alters the username/passwd you entered at the 'Authentication required for ...' prompt. In the log I see a reasonable username and a non-empty password being written to the credentials file and passed to mount. Nevertheless mount returns permission denied.
I think we should try to check the credentials passed to mount:
- please proceed until yast pops up 'Authentication required for ...'.
- Enter 'workgroup/username' and 'password'.
- press continue.
I'd expect authentication to fail and the 'Authentication required for ...' popup appears again.
- At this point change to VT2.
The temp file that was used to pass the credentians should not yet be deleted. First we need to figure out it's location:
- 'grep /bin/mount /var/log/YaST2/y2log'
The last output line should contain the mount command we just issued.
...Executing '/bin/mount' '-t' 'cifs' '-o'
'credentials=/var/tmp/TmpFile.k7g6Fd,guest,ro' ...
^^^^^^^^^^^^^^^^^^^^^^^
your file will have a similar name
- 'cat /var/tmp/TmpFile.<YOURS>' or 'less /var/tmp/TmpFile.<YOURS>'
and check whether the content is actually right. It should be two lines:
username=workgroup/username
password=password
I hope you can figure out what happened to the password. You should be able to repeat the command, maybe with a fixed credentials file.
I'll D/L the RC2 ISO files, and run the tests when I get in to the office in the morning. I found the problem, and it wasn't with the passwords. In the 'y2log' file, the line that shows the mount-command that reveals where the password file is being kept indicates that the following command is executed: mount -t cifs -o credentials=/var/tmp/TmpFile.Whatever,ro,guest //140.160.37.158/mnt /var/adm/mount/AP_0x00000001 If I create a file in /var/tmp called "cred" with the same username and password I've been using, and then load with mount-options "credentials=/var/adm/cred,ro" it will mount just fine. If I reuse the auto-generated credentials file with that command line, it works just fine. If I use the mount-options indicated in the y2log file, "credentials=/var/adm/TmpFile.whatever,ro,guest" it fails. This is because my Samba config is configured to reject guest connections. The CIFS mount option of 'guest' seems to trump 'credentials'. I did not indicate to use a guest login during the GRUB install screen, which works just fine since I was able to get a kernel from this SMB share. For some reason, YaST is still attempting a guest-login. So I guess the more accurate description of this bug is: "SMB sources that have guest disabled can not be used by the GUI installer" I don't know Samba. Some 'wizard' told me to always use this option, so it is in there since we support smb. The manpage says just 'guest: don't prompt for a password'. I dare not changing the default, so I'll supply support for a "noguest" option, which can be set in the urls query part and causes the "guest" option to be suppressed. smb://user:pass@server/share/path?mountoptions=noguest,ro&domain=workgroup" (In reply to comment #10) > smb://user:pass@server/share/path?mountoptions=noguest,ro&domain=workgroup" BTW: 'domain=' and 'workgroup=' are synonymous. fixed in libzypp-6.21.3 *** Bug 537300 has been marked as a duplicate of this bug. *** Update released for: PackageKit, PackageKit-debuginfo, PackageKit-debugsource, PackageKit-devel, PackageKit-doc, PackageKit-lang, libpackagekit-glib12, libpackagekit-glib12-debuginfo, libpackagekit-glib12-devel, libpackagekit-qt12, libpackagekit-qt12-debuginfo, libpackagekit-qt12-devel, libsatsolver, libsatsolver-debugsource, libsatsolver-demo, libsatsolver-demo-debuginfo, libsatsolver-devel, libsatsolver-devel-debuginfo, libzypp, libzypp-bindings, libzypp-debuginfo, libzypp-debugsource, libzypp-devel, perl-satsolver, perl-satsolver-debuginfo, perl-zypp, python-satsolver, python-satsolver-debuginfo, python-zypp, ruby-satsolver, ruby-satsolver-debuginfo, ruby-zypp, ruck, satsolver-tools, satsolver-tools-debuginfo, yast2-ncurses, yast2-ncurses-debuginfo, yast2-ncurses-debugsource, yast2-ncurses-devel, yast2-ncurses-pkg, yast2-ncurses-pkg-debuginfo, yast2-ncurses-pkg-debugsource, yast2-qt-pkg, yast2-qt-pkg-debuginfo, yast2-qt-pkg-debugsource, zypp-testsuite-tools, zypper, zypper-debuginfo, zypper-debugsource Products: openSUSE 11.2 (debug, i586, x86_64) |