readme

Linux内核自带的cifs模块

		and getfattr utilities. 
  nouser_xattr  Do not allow getfattr/setfattr to get/set/list xattrs 
  mapchars      Translate six of the seven reserved characters (not backslash)
			*?<>|:
		to the remap range (above 0xF000), which also
		allows the CIFS client to recognize files created with
		such characters by Windows's POSIX emulation. This can
		also be useful when mounting to most versions of Samba
		(which also forbids creating and opening files
		whose names contain any of these seven characters).
		This has no effect if the server does not support
		Unicode on the wire.
 nomapchars     Do not translate any of these seven characters (default).
 nocase         Request case insensitive path name matching (case
		sensitive is the default if the server suports it).
 posixpaths     If CIFS Unix extensions are supported, attempt to
		negotiate posix path name support which allows certain
		characters forbidden in typical CIFS filenames, without
		requiring remapping. (default)
 noposixpaths   If CIFS Unix extensions are supported, do not request
		posix path name support (this may cause servers to
		reject creatingfile with certain reserved characters).
 nounix         Disable the CIFS Unix Extensions for this mount (tree
		connection). This is rarely needed, but it may be useful
		in order to turn off multiple settings all at once (ie
		posix acls, posix locks, posix paths, symlink support
		and retrieving uids/gids/mode from the server) or to
		work around a bug in server which implement the Unix
		Extensions.
 nobrl          Do not send byte range lock requests to the server.
		This is necessary for certain applications that break
		with cifs style mandatory byte range locks (and most
		cifs servers do not yet support requesting advisory
		byte range locks).
 remount        remount the share (often used to change from ro to rw mounts
	        or vice versa)
 servern        Specify the server 's netbios name (RFC1001 name) to use
		when attempting to setup a session to the server.  This is
		This is needed for mounting to some older servers (such
		as OS/2 or Windows 98 and Windows ME) since they do not
		support a default server name.  A server name can be up
		to 15 characters long and is usually uppercased.
 sfu            When the CIFS Unix Extensions are not negotiated, attempt to
		create device files and fifos in a format compatible with
		Services for Unix (SFU).  In addition retrieve bits 10-12
		of the mode via the SETFILEBITS extended attribute (as
		SFU does).  In the future the bottom 9 bits of the
		mode also will be emulated using queries of the security
		descriptor (ACL).
 sign           Must use packet signing (helps avoid unwanted data modification
		by intermediate systems in the route).  Note that signing
		does not work with lanman or plaintext authentication.
 sec            Security mode.  Allowed values are:
			none	attempt to connection as a null user (no name)
			krb5    Use Kerberos version 5 authentication
			krb5i   Use Kerberos authentication and packet signing
			ntlm    Use NTLM password hashing (default)
			ntlmi   Use NTLM password hashing with signing (if
				/proc/fs/cifs/PacketSigningEnabled on or if
				server requires signing also can be the default) 
			ntlmv2  Use NTLMv2 password hashing      
			ntlmv2i Use NTLMv2 password hashing with packet signing
			lanman  (if configured in kernel config) use older
				lanman hash

The mount.cifs mount helper also accepts a few mount options before -o
including:

	-S      take password from stdin (equivalent to setting the environment
		variable "PASSWD_FD=0"
	-V      print mount.cifs version
	-?      display simple usage information

With most 2.6 kernel versions of modutils, the version of the cifs kernel
module can be displayed via modinfo.

Misc /proc/fs/cifs Flags and Debug Info
=======================================
Informational pseudo-files:
DebugData		Displays information about active CIFS sessions
			and shares, as well as the cifs.ko version.
Stats			Lists summary resource usage information as well as per
			share statistics, if CONFIG_CIFS_STATS in enabled
			in the kernel configuration.

Configuration pseudo-files:
MultiuserMount		If set to one, more than one CIFS session to 
			the same server ip address can be established
			if more than one uid accesses the same mount
			point and if the uids user/password mapping
			information is available. (default is 0)
PacketSigningEnabled	If set to one, cifs packet signing is enabled
			and will be used if the server requires 
			it.  If set to two, cifs packet signing is
			required even if the server considers packet
			signing optional. (default 1)
SecurityFlags		Flags which control security negotiation and
			also packet signing. Authentication (may/must)
			flags (e.g. for NTLM and/or NTLMv2) may be combined with
			the signing flags.  Specifying two different password
			hashing mechanisms (as "must use") on the other hand 
			does not make much sense. Default flags are 
				0x07007 
			(NTLM, NTLMv2 and packet signing allowed).  Maximum 
			allowable flags if you want to allow mounts to servers
			using weaker password hashes is 0x37037 (lanman,
			plaintext, ntlm, ntlmv2, signing allowed):
 
			may use packet signing 				0x00001
			must use packet signing				0x01001
			may use NTLM (most common password hash)	0x00002
			must use NTLM					0x02002
			may use NTLMv2					0x00004
			must use NTLMv2					0x04004
			may use Kerberos security (not implemented yet) 0x00008
			must use Kerberos (not implemented yet)         0x08008
			may use lanman (weak) password hash  		0x00010
			must use lanman password hash			0x10010
			may use plaintext passwords    			0x00020
			must use plaintext passwords			0x20020
			(reserved for future packet encryption)		0x00040

cifsFYI			If set to non-zero value, additional debug information
			will be logged to the system error log.  This field
			contains three flags controlling different classes of
			debugging entries.  The maximum value it can be set
			to is 7 which enables all debugging points (default 0).
			Some debugging statements are not compiled into the
			cifs kernel unless CONFIG_CIFS_DEBUG2 is enabled in the
			kernel configuration. cifsFYI may be set to one or
			nore of the following flags (7 sets them all):

			log cifs informational messages			0x01
			log return codes from cifs entry points		0x02
			log slow responses (ie which take longer than 1 second)
			  CONFIG_CIFS_STATS2 must be enabled in .config	0x04
				
				
traceSMB		If set to one, debug information is logged to the
			system error log with the start of smb requests
			and responses (default 0)
LookupCacheEnable	If set to one, inode information is kept cached
			for one second improving performance of lookups
			(default 1)
OplockEnabled		If set to one, safe distributed caching enabled.
			(default 1)
LinuxExtensionsEnabled	If set to one then the client will attempt to
			use the CIFS "UNIX" extensions which are optional
			protocol enhancements that allow CIFS servers
			to return accurate UID/GID information as well
			as support symbolic links. If you use servers
			such as Samba that support the CIFS Unix
			extensions but do not want to use symbolic link
			support and want to map the uid and gid fields 
			to values supplied at mount (rather than the 
			actual values, then set this to zero. (default 1)
Experimental            When set to 1 used to enable certain experimental
			features (currently enables multipage writes
			when signing is enabled, the multipage write
			performance enhancement was disabled when
			signing turned on in case buffer was modified
			just before it was sent, also this flag will
			be used to use the new experimental sessionsetup
			code).

These experimental features and tracing can be enabled by changing flags in 
/proc/fs/cifs (after the cifs module has been installed or built into the 
kernel, e.g.  insmod cifs).  To enable a feature set it to 1 e.g.  to enable 
tracing to the kernel message log type: 

	echo 7 > /proc/fs/cifs/cifsFYI
	
cifsFYI functions as a bit mask. Setting it to 1 enables additional kernel
logging of various informational messages.  2 enables logging of non-zero
SMB return codes while 4 enables logging of requests that take longer
than one second to complete (except for byte range lock requests). 
Setting it to 4 requires defining CONFIG_CIFS_STATS2 manually in the
source code (typically by setting it in the beginning of cifsglob.h),
and setting it to seven enables all three.  Finally, tracing
the start of smb requests and responses can be enabled via:

	echo 1 > /proc/fs/cifs/traceSMB

Two other experimental features are under development. To test these
requires enabling CONFIG_CIFS_EXPERIMENTAL

	ipv6 enablement

	DNOTIFY fcntl: needed for support of directory change 
			    notification and perhaps later for file leases)

Per share (per client mount) statistics are available in /proc/fs/cifs/Stats
if the kernel was configured with cifs statistics enabled.  The statistics
represent the number of successful (ie non-zero return code from the server) 
SMB responses to some of the more common commands (open, delete, mkdir etc.).
Also recorded is the total bytes read and bytes written to the server for
that share.  Note that due to client caching effects this can be less than the
number of bytes read and written by the application running on the client.
The statistics for the number of total SMBs and oplock breaks are different in
that they represent all for that share, not just those for which the server
returned success.
	
Also note that "cat /proc/fs/cifs/DebugData" will display information about 
the active sessions and the shares that are mounted.  Note: NTLMv2 enablement 
will not work since its implementation is not quite complete yet. Do not alter
the ExtendedSecurity configuration value unless you are doing specific testing.
Enabling extended security works to Windows 2000 Workstations and XP but not to 
Windows 2000 server or Samba since it does not usually send "raw NTLMSSP" 
(instead it sends NTLMSSP encapsulated in SPNEGO/GSSAPI, which support is not 
complete in the CIFS VFS yet).