- Package:
- gvfs-backends
- Source:
- gvfs
- Description:
- userspace virtual filesystem - backends
- Submitter:
- Vincent Zweije
- Date:
- 2015-03-16 17:27:36 UTC
- Severity:
- minor
When connecting to a (Windows) CIFS share, nautilus asks for a password, even when an applicable kerberos ticket is available. Clicking away the password dialog box (cancel) shows the share without problems. I'd expect nautilus to try using the kerberos ticket before asking for a password, so I don't have to click away the password window. Ciao. Vincent.
reassign 553335 gvfs-backends 1.2.3-3 thanks Le vendredi 30 octobre 2009 à 13:00 +0100, Vincent Zweije a écrit : Does it still happen with gvfs-backends 1.4 from unstable? Cheers,
On Mon, Nov 02, 2009 at 12:26:03PM +0100, Josselin Mouette wrote:
|| reassign 553335 gvfs-backends 1.2.3-3
|| thanks
||
|| Le vendredi 30 octobre 2009 à 13:00 +0100, Vincent Zweije a écrit :
|| > When connecting to a (Windows) CIFS share, nautilus asks for a password,
|| > even when an applicable kerberos ticket is available.
|| >
|| > Clicking away the password dialog box (cancel) shows the share without
|| > problems.
|| >
|| > I'd expect nautilus to try using the kerberos ticket before asking for
|| > a password, so I don't have to click away the password window.
||
|| Does it still happen with gvfs-backends 1.4 from unstable?
Unfortunately, yes.
After apt-get -t unstable install gvfs-backends (pulling in gvfs as well),
passwords are still asked.
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
+++-==============-==============-============================================
ii gvfs 1.4.1-2 userspace virtual filesystem - server
ii gvfs-backends 1.4.1-2 userspace virtual filesystem - backends
By the way, when closing the share browser and bringing it back up again,
no password dialog box is shown.
Ciao. Vincent.
Hey, Could you please still reproduce this issue with newer version like 1.12.3-4 or 1.16.3-2 ? thanks regards althaser
On Thu, Mar 13, 2014 at 12:19:52AM +0000, althaser wrote:
|| Could you please still reproduce this issue with newer version
|| likeA 1.12.3-4 orA 1.16.3-2 ?
Unforunately, the problem persists.
~$ dpkg -l gvfs-backends
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-====================================-=======================-=======================-==============================================================================
ii gvfs-backends 1.16.3-2 amd64 userspace virtual filesystem - backends
~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000_FwHFwc
Default principal: vzweije@<realm>
Valid starting Expires Service principal
03/13/14 09:03:15 03/13/14 19:03:15 krbtgt/<realm>@<realm>
renew until 03/14/14 02:03:15
~$
Starting nautilus through openbox menu, selecting a previously unused
CIFS share, asks for password. Clicking cancel shows the share without
problems. After that:
~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000_FwHFwc
Default principal: vzweije@<realm>
Valid starting Expires Service principal
03/13/14 09:03:15 03/13/14 19:03:15 krbtgt/<realm>@<realm>
renew until 03/14/14 02:03:15
03/13/14 09:31:21 03/13/14 19:03:15 cifs/file01.<domain>@<realm>
renew until 03/14/14 02:03:15
03/13/14 09:31:30 03/13/14 19:03:15 cifs/file01@<realm>
renew until 03/14/14 02:03:15
~$
So two cifs tickets have been added in this interaction.
Starting nautilus from the command line makes no difference -- this
excludes environment variable problems.
After stopping and starting nautilus the problem is gone -- if the cifs
tickets are already there, the cifs backend will use them.
It appears that the cifs backend checks the presence of the ticket,
but does not try to request it from the kerberos server, before asking
the password. Then when the password box is canceled, it still requests
the ticket from the kerberos server.
If so, it should try to request the cifs ticket if it's not there before
asking for the password.
Don't think it matters, but the kerberos server in question is a windows
active directory server.
Vincent.