Cifs mount: Permission denied, yet smbclient -L works fine

I'm using Rockstor as a NAS and am running Samba on it. I can run "mount -t cifs -o username=me //server/share" and it works fine in Fedora 22 on two different machines. However, in CentOS 7 and Debian 8 KVM containers in Proxmox, it tells me Permission denied with the exact same credentials. A bit ago I tried making another user in case it was due to too many instances on one user, and that wasn't it.

I can run "smbclient -U user -L //server/" and it will successfully list the shares, including the ones I'm trying to mount that I'm being denied permission. I'm running as root on the client, and I tried the admin user for Rockstor and got the exact same results (smbclient list works, mount -t cifs doesn't).

I also tried mount.cifs instead, same issue. SELinux is disabled on the NAS/Samba server host, disabled in CentOS 7, and as far as I can tell not even installed in Debian 8.

Turning it off and back on didn't work either.

Does anyone have any idea what's going on?

It probably has something to do with the way you defined the user samba. I know that you must use a flag in the /etc/smbd/smbd.conf file to define users accessing it as 0777. I'm sorry I cant explain this better, I really dont know how any of the technical terms, and I dont have a working .conf to examine.

On Debian, you may want to try installing "cifs-utils"... this fixed alot of issues for me on Debian.

sudo apt-get install cifs-utils

I actually did do that. Without it, it tries to mount the share as read only and fails for both CentOS 7 nd Debian.

This actually all came prepackaged in Rockstor, but I'll take a look. It wouldn't be the first bug I've seen!

You mean the access to smbd.conf should be 777? I'll check that and also look in the conf for any problems. I would guess that the Rockstor web GUI and config file don't match. That being said, it seems like I wouldn't have been able to mount successfully on the Fedora machines.

Something is happening on the Fedora machines that's not happening in other OSes, or vice versa.

I believe its called the directory mask. It should be located in the configuration file. Basically it remaps all inputs from smbd to those privileges on the local drive. If it isn’t set then you are going to have a bad time, especially if using access accounts with different name. However if you are configuring this using a piece of software, I would be surprised if this was the reason.

Alright, status update.

I decided to temporarily ditch Rockstor. I installed Fedora 22 Server and mounted the btrfs volumes manually and set up samba how I want it. Again, I can successfully mount them on my Fedora 22 Workstation machine. In CentOS 7 and Debian 8, no such luck. I decided to check the version of mount.cifs, and I got 6.4 on my Fedora Workstation and in Debian 8, so that must not be it, even though it was 6.2 in CentOS.

Does that information narrow anything down? It seems to be something different about the Fedora clients than other distros. Kernel? Someone mentioned to me that they had a problem in the kernel and switched versions and that was it, which seems a bit extreme, but maybe the Fedora machine(s) is on a more cutting edge kernel which is causing the issue.

Edit: I thought about it for a minute and maybe there's something wonky with BTRFS on the more recent kernel that is for some reason not compatible with the older kernels.

Edit 2: Not sure if it matters, but it works fine on a Windows 8.1 client too.

Update: Just mounted it fine on my Proxmox box, which is Debian, coincidentally running kernel 4.2. So yeah, it looks like it's kernel related. And/or something weird with BTRFS, Samba, etc between the newer and older kernels.

Reason you chose to use SAMBA instead of NFS?

In general: I know nothing about NFS and haven't used it. Are there pros to it over Samba that I'm unaware of?

In this situation specifically: I had the same problem with NFS, so that didn't help.

NFS is more efficient, and in a closed network, it's lack of security features usually isn't a big deal.
CIFS is (supposedly) more secure, but much less efficient across the network.

If you are in a 100% Linux environment, I suggest using NFS, as it is more efficient.

Cool, I'll look into doing that. Thanks!

I am indeed in a closed, Linux only network for the most part. There's my Android smartphone that will access it over VPN and the occasional Windows machine (if I can't help it!), but if it doesn't work there I could still use Samba.

I would like to be able to grant friends permissions to some stuff and not other stuff. Probably mostly just their own share, which could just be its own export I suppose. Does NFS do anything like that otherwise?

Excellent question. I haven't configured it in ages. I use a lot of SSHFS, cause... I'm crazy like that.

dig through some NFS manuals. Also, I'm not sure how it will translate to your Rockstor.