Sun Microsystems
Systems Architecture Committee
_________________________________________________________________

Subject:       CIFS Client on Solaris
Submitted by:  Pavan Kumar Mettu
File:          PSARC/2005/695/opinion.ms
Date:          May 30, 2007
Committee:     Gary Winiger (opinion written by Darren Reed),
               Kais Belgaied, James D Carlson, Glenn Skinner.
Product Approval Committee:
               Solaris PAC
               solaris-pac-opinion@sun.com

1.  Summary

    CIFS Client for Solaris is a virtual file system on Solaris
    providing access to the servers which support the CIFS protocol
    (Windows, Samba on Unix/Linux). The CIFS protocol allows sharing
    of files, printers and other resources across a network. Using
    the CIFS client, users can mount remote CIFS server shares
    (directories) on their system.

    The CIFS client uses TCP naming and supports authentication,
    oplocks, caching, DFS, Extended Attributes, Unicode resource
    names and security signatures.

    Authorisation will be given to all users to mount and unmount
    CIFS filesystems.

2.  Decision & Precedence Information

    The project is approved as specified in reference [1-10], but as
    modified by the required technical changes listed in Appendix A
    below.

    The project may be delivered in a patch release of Solaris.

    The project depends on the following other project and may not
    be delivered before it.

        PSARC/2007/303  pam_smb_login

PSARC/2005/695        Copyright 2007 Sun Microsystems

3.  Interfaces

    The project exports the following interfaces.
 ________________________________________________________________________
|                          Interfaces Exported                           |
|______________|_______________________|_________________________________|
| Interface    | Classification        | Comments                        |
|______________|_______________________|_________________________________|
| smbutil      | Committed             |                                 |
| nsmbrc(4)    | Committed             |                                 |
| mount_smbfs  | Committed             |                                 |
| umount_smbfs | Committed             |                                 |
| libsmbfs.so  | Project Private       | Will contract with Nautilus     |
| smbfs module | Consolidation Private |                                 |
| nsmb module  | Project Private       |                                 |
| SMF service  | Committed             | svc:/network/smb/client:default |
| SUNWsmbfsr   | Committed             | Package name                    |
| SUNWsmbfsu   | Committed             | Package name                    |
|______________|_______________________|_________________________________|

    The project imports the following interfaces.

 __________________________________________________________________
|                       Interfaces Imported                        |
|________________|_______________________|_________________________|
| Interface      | Classification        | Comments                |
|________________|_______________________|_________________________|
| libkrb5        | Contracted            | PSARC/2006/027          |
| uconv routines | Consolidation Private | PSARC/2005/446          |
| md4 routines   | Consolidation Private | PSARC/2007/139          |
| sockfs calls   | Project Private       | See design [5], 8.5.2.3 |
|________________|_______________________|_________________________|

4.  Opinion

4.1.  NetBIOS name resolution

    The CIFS client will make use of NetBIOS for name resolution if
    it is enabled and if normal hostname resolution has already
    failed to provide an answer for the name. This follows the
    algorithm used by Microsoft. We need to pay attention to their
    moves in this so that in the event that they abandon use of
    NetBIOS, Solaris is similarly adjusted.

4.2.  Patch binding

    Although this case has sought and had approved a request for
    patch binding, the case presented is a large project, with the
    following 6 dependencies identified during commitment review:

        PSARC/2004/047  Enabling user mounts in Solaris in S10
        PSARC/2005/446  Unicode encoding conversion functions at the
                        kernel in SNV
        PSARC/2006/027  Open Kerberos APIs (contracted) in SNV
        PSARC/2006/715  CIFS Service (parts)
        PSARC/2007/139  Kernel Crypto support for MD4 in SNV
        PSARC/2005/374  Share management improvements (sharectl(1M))
                        in SNV

    In addition to this, contracts will be required for linking with
    the Kerberos APIs being used and SMF for removal of the SMF
    service on patch backout using /var/svc/profile/upgrade.

4.3.  Kerberos and Single Sign On

    The ARC spent some time discussing the interaction of CIFS with
    Kerberos for single sign on, particularly with respect to the
    ease of use gained from this. In particular, when operational
    inside a Kerberos (or Active Directory) realm, there should be
    no need to use smbutil's login functionality in order to access
    CIFS shares. The project team commented that while it was within
    scope of their project, it was not considered to be a "must" for
    them to deliver. At the time of the meeting it was believed that
    the code worked, with the actual status unclear, which led to
    the ARC prescribing a TCR for the delivery of it to work and a
    case dependency on PSARC/2007/303 (pam_smb_login).

4.4.  Storing CIFS share passwords

    The use of the .nsmbrc file to hold user passwords for CIFS
    shares was discussed and points made about how this is handled
    elsewhere. At the very least, the file needs to be protected by
    making it read and write for the owner only. To store the
    password, a recoverable hash is used, obscuring the plaintext
    password. Whilst some mechanics such as the need to support a
    different password per share were also discussed, the end result
    must be something that is easy for the user to use and should
    not require direct editing of the file.

4.5.  Unmounting the filesystem

    At the close of the meeting, the issue of how the project
    intends to allow users to unmount filesystems was raised. At the
    time of the meeting, there was no proposal put forward on how to
    do this. Without this part of the architecture the case was
    considered to be incomplete. In lieu of a vote being able to be
    taken because of this, a straw poll was taken on whether or not
    it would be approved with all members present approving. The
    advice to the project was to find a solution to this problem and
    present it to the ARC which would then hold a vote via email.
    The team took this advice up and presented a solution to PSARC
    at the next PSARC meeting, allowing the project to be voted on
    and formally approved.

4.6.  Use of SMF to store properties

    The architecture of this case includes the use of SMF as the
    means for persistent storage of various properties for the CIFS
    client service. Initially it was believed that the SMF service
    needed to be enabled by default and at the commitment meeting,
    the committee requested that the project ensure that it was
    enabled in the appropriate generic service profile when the
    project delivered. In a followup to this after commitment, it
    was made clear that the service did not need to be enabled in
    order for properties to be used, so the aforementioned
    requirement was later dropped.

5.  Minority Opinion(s)

    None.

6.  Advisory Information

6.1.  Backport

    As noted in 4.2, this project depends on many other projects
    spread throughout the present development release. Backports of
    projects with such dependencies often introduce a higher level
    of instability and bugs than fully contained projects. The
    committee advises the PAC and any project teams to not undertake
    such a backport without thoroughly understanding the downside
    consequences.

7.  Appendices

7.1.  Appendix A: Technical Changes Required

    1.  Document the search order relative to NetBIOS and
        nsswitch.conf.

    2.  Add password support to nsmbrc(4) in a user friendly way.

    3.  Provide support for Kerberos credentials when Kerberos is
        the login mechanism. If this cannot be accomplished, submit
        a fast track to amend this case.

    4.  Provide for appropriate value and action authorizations for
        the smb/client service. Ensure that the authorizations are
        delivered in a Rights Profile and documented in the
        sharectl(1M) man page or on a separate smb/client man page
        if appropriate.

    5.  CIFS Client support when TX is enabled should mirror that of
        NFS client support. If this cannot be accomplished, submit a
        fast track to amend this case.

7.2.  Appendix B: Technical Changes Advised

    none

7.3.  Appendix C: Reference Material

    Unless stated otherwise, path names are relative to the case
    directory PSARC/2005/695.

    [1]   20 Questions
          file: commitment.materials/20questions.txt

    [2]   nsmbrc(4)
          file: commitment.materials/nsmbrc.4.txt
          file: commitment.materials/nsmbrc.4.pdf

    [3]   CIFS Client Diagram
          file: commitment.materials/CIFS_Client_diagram.jpg

    [4]   Security Questionnaire
          file: commitment.materials/sec_questions.html
          file: commitment.materials/sec_questions.txt

    [5]   CIFS design document
          file: commitment.materials/CIFS_Design_Doc.html

    [6]   Changes since inception
          file: commitment.materials/changes_since_inception.txt

    [7]   sharectl(1m)
          file: commitment.materials/sharectl.1m.txt

    [8]   Project requirements specification
          file: commitment.materials/cifs_client_prd.html

    [9]   mount_smbfs(1m)
          file: commitment.materials/mount_smbfs.1m.txt
          file: commitment.materials/mount_smbfs.1m.pdf

    [10]  smbutil(1)
          file: commitment.materials/smbutil.1.txt
          file: commitment.materials/smbutil.1.pdf
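
Section 4.4 requires that .nsmbrc be readable and writable by its owner only. The following is an added example, not code from the CIFS client project or from this case's materials: a hypothetical helper, nsmbrc_open_private(), that refuses to use a file whose ownership or mode would expose the stored passwords. All function and enum names are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* O_NOFOLLOW, mkstemp, fchmod */
#endif
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum nsmbrc_status { NSMBRC_OK, NSMBRC_OPEN_FAILED, NSMBRC_NOT_REGULAR,
                     NSMBRC_WRONG_OWNER, NSMBRC_TOO_OPEN };

/* Hypothetical helper: may stored passwords in `path` be used for `uid`?
 * Checks run on the open descriptor, so the file cannot be swapped between
 * check and read. On NSMBRC_OK, *fd_out is the descriptor to parse. */
enum nsmbrc_status nsmbrc_open_private(const char *path, uid_t uid, int *fd_out)
{
    struct stat st;
    enum nsmbrc_status rc = NSMBRC_OK;
    /* O_NOFOLLOW refuses a symlink; O_NONBLOCK never hangs on a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);

    *fd_out = -1;
    if (fd < 0) return NSMBRC_OPEN_FAILED;
    if (fstat(fd, &st) != 0) rc = NSMBRC_OPEN_FAILED;
    else if (!S_ISREG(st.st_mode)) rc = NSMBRC_NOT_REGULAR;
    else if (st.st_uid != uid) rc = NSMBRC_WRONG_OWNER;
    else if (st.st_mode & (S_IRWXG | S_IRWXO)) rc = NSMBRC_TOO_OPEN;
    if (rc == NSMBRC_OK) *fd_out = fd; else close(fd);
    return rc;
}

/* Constructed input: a temporary file set to `mode`, checked for `uid`. */
enum nsmbrc_status nsmbrc_demo(mode_t mode, uid_t uid)
{
    char path[] = "/tmp/nsmbrc-demo-XXXXXX";
    int checked = -1, fd = mkstemp(path);
    enum nsmbrc_status rc;

    if (fd < 0) return NSMBRC_OPEN_FAILED;
    rc = fchmod(fd, mode) != 0 ? NSMBRC_OPEN_FAILED
                               : nsmbrc_open_private(path, uid, &checked);
    if (checked >= 0) close(checked);
    close(fd);
    unlink(path);
    return rc;
}

int main(void) { return nsmbrc_demo(0600, getuid()) == NSMBRC_OK ? 0 : 1; }
```

A caller that gets anything other than NSMBRC_OK can ignore the password entries and prompt the user instead.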