Package: cifs-utils Version: 2:6.11-3 Severity: important Tags: upstream X-Debbugs-Cc: finnkr...@physik.fu-berlin.de
Dear Maintainer, when using cifs-utils to mount a samba share using a krb5 ticket cifs.upcall fails: $ mount -t cifs --verbose -o seal,idsfromsid,cifsacl,rw,sec=krb5i,user=finnkrein,cruid=finnkrein //storage.physik.fu-berlin.de/finnkrein /net/test mount error(126): Required key not available >From journalctl -e: cifs.upcall[34940]: switch_to_process_ns: setns() failed for cgroup cifs.upcall[34940]: unable to switch to process namespace: Operation not> cifs.upcall[34940]: Exit status 1 This bug was likely introduced by the fix for CVE-2021-20208 (#987308), is known upstream and discussed at https://www.spinics.net/lists/linux-cifs/msg21550.html. The respective patch is currently included as "0010-CVE-2021-20208.patch". -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages cifs-utils depends on: ii libc6 2.31-12 ii libcap-ng0 0.7.9-2.2+b1 ii libkeyutils1 1.6.1-2 ii libkrb5-3 1.18.3-5 ii libpam0g 1.4.0-7 ii libtalloc2 2.3.1-2+b1 ii libwbclient0 2:4.13.5+dfsg-2 ii python3 3.9.2-3 Versions of packages cifs-utils recommends: ii keyutils 1.6.1-2 Versions of packages cifs-utils suggests: ii bash-completion 1:2.11-2 ii smbclient 2:4.13.5+dfsg-2 pn winbind <none> -- no debconf information
