|
Packit Service |
09cdfc |
=========
|
|
Packit Service |
09cdfc |
cifscreds
|
|
Packit Service |
09cdfc |
=========
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
-----------------------------------------
|
|
Packit Service |
09cdfc |
manage NTLM credentials in kernel keyring
|
|
Packit Service |
09cdfc |
-----------------------------------------
|
|
Packit Service |
09cdfc |
:Manual section: 1
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
********
|
|
Packit Service |
09cdfc |
SYNOPSIS
|
|
Packit Service |
09cdfc |
********
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
cifscreds add|clear|clearall|update [-u username] [-d] host|domain
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
***********
|
|
Packit Service |
09cdfc |
DESCRIPTION
|
|
Packit Service |
09cdfc |
***********
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
The ``cifscreds`` program is a tool for managing credentials (username
|
|
Packit Service |
09cdfc |
and password) for the purpose of establishing sessions in multiuser
|
|
Packit Service |
09cdfc |
mounts.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
When a cifs filesystem is mounted with the "multiuser" option, and does
|
|
Packit Service |
09cdfc |
not use krb5 authentication, it needs to be able to get the credentials
|
|
Packit Service |
664a73 |
for each user from somewhere. The ``cifscreds`` program is the tool used
|
|
Packit Service |
09cdfc |
to provide these credentials to the kernel.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
The first non-option argument to cifscreds is a command (see the
|
|
Packit Service |
664a73 |
`COMMANDS`_ section below). The second non-option argument is a hostname
|
|
Packit Service |
09cdfc |
or address, or an NT domain name.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
********
|
|
Packit Service |
09cdfc |
COMMANDS
|
|
Packit Service |
09cdfc |
********
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
add
|
|
Packit Service |
664a73 |
Add credentials to the kernel to be used for connecting to the given
|
|
Packit Service |
664a73 |
server, or servers in the given domain.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
clear
|
|
Packit Service |
664a73 |
Clear credentials for a particular host or domain from the kernel.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
clearall
|
|
Packit Service |
664a73 |
Clear all cifs credentials from the kernel.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
update
|
|
Packit Service |
664a73 |
Update stored credentials in the kernel with a new username and
|
|
Packit Service |
664a73 |
password.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
*******
|
|
Packit Service |
09cdfc |
OPTIONS
|
|
Packit Service |
09cdfc |
*******
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
-d, --domain
|
|
Packit Service |
664a73 |
The provided host/domain argument is a NT domainname.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
Ordinarily the second argument provided to cifscreds is treated as a
|
|
Packit Service |
664a73 |
hostname or IP address. This option causes the cifscreds program to
|
|
Packit Service |
664a73 |
treat that argument as an NT domainname instead.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
If there are not host specific credentials for the mounted server, then
|
|
Packit Service |
664a73 |
the kernel will next look for a set of domain credentials equivalent to
|
|
Packit Service |
664a73 |
the domain= option provided at mount time.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
-u, --username
|
|
Packit Service |
664a73 |
Ordinarily, the username is derived from the unix username of the user
|
|
Packit Service |
664a73 |
adding the credentials. This option allows the user to substitute a
|
|
Packit Service |
664a73 |
different username.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
*****
|
|
Packit Service |
09cdfc |
NOTES
|
|
Packit Service |
09cdfc |
*****
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
The cifscreds utility requires a kernel built with support for the
|
|
Packit Service |
664a73 |
``login`` key type. That key type was added in v3.3 in mainline Linux
|
|
Packit Service |
09cdfc |
kernels.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
664a73 |
Since ``cifscreds`` adds keys to the session keyring, it is highly
|
|
Packit Service |
664a73 |
recommended that one use ``pam_keyinit`` to ensure that a session keyring
|
|
Packit Service |
09cdfc |
is established at login time.
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
********
|
|
Packit Service |
09cdfc |
SEE ALSO
|
|
Packit Service |
09cdfc |
********
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
pam_keyinit(8)
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
*******
|
|
Packit Service |
09cdfc |
AUTHORS
|
|
Packit Service |
09cdfc |
*******
|
|
Packit Service |
09cdfc |
|
|
Packit Service |
09cdfc |
The cifscreds program was originally developed by Igor Druzhinin
|
|
Packit Service |
09cdfc |
<jaxbrigs@gmail.com>. This manpage and a redesign of the code was done
|
|
Packit Service |
09cdfc |
by Jeff Layton <jlayton@samba.org>.
|