LINUX.ORG.RU
решено ФорумAdmin

systemd + cifs

 , , , ,


1

0

Мой основной компьютер - mac и на нем настроена сетевая шара. В роли клиентов выстапают raspberry pi по квартире, на них установлен ArchLinux.
Недавно заметил что в логи постоянно сыпяться ошибки:

Aug 29 17:04:41 pi1 kernel: CIFS VFS: SMB signature verification returned error = -13
Вот мой юнит монтирования:
[Unit]
Description=Mount Movies
Requires=systemd-networkd.service
After=network-online.target
Wants=network-online.target

[Mount]
What=//192.168.1.160/Movies
Where=mnt-Movies.mount
Options=username=guest,password=,iocharset=utf8,rw,vers=3.0,x-systemd.automount
Type=cifs
TimeoutSec=30

[Install]
WantedBy=multi-user.target
Что это вообще за ошибка и можно ли ее убрать?
Ничего нагуглить толкового не получилось.

Issue

We have a CIFS mount which currently appears to be working as expected, but we see the following error constantly:

kernel: CIFS VFS: SMB signature verification returned error = -13
kernel: CIFS VFS: SMB signature verification returned error = -13
kernel: CIFS VFS: SMB signature verification returned error = -13

Workaround

If a security flavor which does not require SMB signing is being used, then disable SMB signing at the server with the RequireSecuritySignature and EnableSecuritySignature REG_DWORDs as described in KB887429. Unmount and remount the CIFS client after this change, so that the connection is re-negotiated.

The krb5i, ntlmsspi, ntlmi, and ntlmv2i security flavors all require SMB signing to be enabled, so this workaround is not applicable if those flavors are in use.

Root Cause

This message relates to SMB signing, described by Microsoft at:

Overview of Server Message Block signing

The server is supposed to send a signature when we mount, then also send a secondary signature in each SMB operation, where the secondary signature is derived from the server signature plus the contents of the SMB operation. This way a client is able to verify that a SMB operation arrived unmodified from the server.

For some reason, that signature verification is failing.

https://access.redhat.com/solutions/2260781

bigbit ★★★★★ ()
Последнее исправление: bigbit (всего исправлений: 1)
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.