Trouble with HTTP access to CIFS mounted folder

I have mounted a folder on a Windows Server 2003 PC via cifs:
In /etc/fstab:
\172.23.174.174\gen_files /srv/www/htdocs/mocito/video_server/gen_files_mnt_174 cifs user,password=xxx,username=xxx 0 0

The folder is mounted in my web-root, so that files in that folder should be accessible via Web-Browsers.

I have done the same in OpenSuse 10 with smbfs and there was no problem.

But now in OpenSuse 11.1 I have strange problem:

The folder mainly contains video files. I can download those files via FTP with no problem and I can also access them via HTTPS, e.g.:
https://81.173.209.179/video_server/gen_files_mnt_174/test.flv

But when I tray to load it via HTTP, e.g.
http://81.173.209.179/video_server/gen_files_mnt_174/test.flv
the files are NOT loaded completely, just some few kb resulting in a corrupted video file.

It is the same with longer text-files ot other file types. Using HTTP only the first part is downloaded.

Does anyone know a solution for this?

Thanks!

Hello brunofuchs, welcome to the forums.

I think you meant to write it like this:
//172.23.174.174/gen_files /srv/www/htdocs/mocito/video_server/gen_files_mnt_174 cifs user,password=xxx,username=xxx 0 0

Before a mount takes place there will be some underlying ownership and permissions for the target directory (directory gen_files_mnt_174). When the share on the server is mounted, the permissions on the mount point (directory gen_files_mnt_174) will automagically change from the underlying Linux permissions to the permissions flowing through from the windows server, convolved with the permissions controls contained in the mount command. So the end result might be what’s mucking thing around for you (or it might be a result of the weather in Spain, I’m never quite sure).

So can you enter this command in a console window to see what the ownership and permissions are for the mount point:

ls -l /srv/www/htdocs/mocito/video_server/ | grep gen_files_mnt_174

Report the values you get back here so we can see what’s happening for the permissions and ownership. Please do it once when the windows share is not mounted and once when the share is mounted. I’d like to see the difference.

Thanks
Swerdna

Hello Swerdna,
thank you very much for your help!

The permission and ownerships are as follows, when the windows share is NOT mounted:

drwxrwxrwx 2 root root 397312 May 18 12:38 gen_files_mnt_174

The permission and ownerships are as follows, when the windows share is mounted:

drwxrwxrwx 1 root root 0 Jun 4 14:03 gen_files_mnt_174
(so the same)

The files inside the mounted folder have following rights:

-rwxrwSrwx 1 root root 1066784 May 19 15:27 test.flv*

Thanks,
brunofuchs.

By the way:
The syntax

\172.23.174.174\gen_files /srv/www/htdocs/mocito/video_server/gen_files_mnt_174 cifs user,password=xxx,username=xxx 0 0

is a result from using Webmin for creating the CIFS mount.

But it does not matter. When I type in

//172.23.174.174/gen_files /srv/www/htdocs/mocito/video_server/gen_files_mnt_174 cifs user,password=xxx,username=xxx 0 0

manually in the /etc/fstab file, it is the same problem.

Yes – my remark turned out to be a red herring because the cifs programmers have allowed for the server slashes to be backwards and make a correction automatically.

I’ve set up a simulation on a webserver and tested it with http (https is not installed). I get a faithful reproduction of what you describe, including the corruption. I tried two extra alternatives by adding these options:
ownership by a normal user with “uid=john,gid=users” in the mount
ownership by the webserver user with “uid=wwwrun,gid=www” in the mount

The download from Firefox is still corrupted.

If I leave the share unmounted so nothing is coming over the LAN and physically place a *.flv test file directly into the webserver directory, with permissions john:users rwxr-xr-x it downloads OK. If I use permissions rwxrwSrwx just to see what happens it still downloads OK.

Thus the problem is defo in the interaction of http-serving and sharing over a LAN.

I’ll ponder that for a day or two and get back. Unfortunately the real world of paid work calls me off to the salt mines again. Maybe some of the http gurus will chime in while I’m away.

OK , was just having last coffee b4 leaving and thought to try this:
add the option “noperm” into the mount in fstab. Here’s the man extract:

   noperm
       Client does not do permission checks. This can expose files on this
       mount to access by other users on the local client system. It is
       typically only needed when the server supports the CIFS Unix
       Extensions but the UIDs/GIDs on the client and server system do not
       match closely enough to allow access by the user doing the mount.
       Note that this does not affect the normal ACL check on the target
       machine done by the server software (of the server ACL against the
       user name provided at mount time).

Works a treat!

Thanks again Swerdna for your help and for reproducing the effect in your simulation. So at least I am aware that this strange effect is not something “mystic” in my special installation and indeed I have to OpenSuse 11.1 systems, which have both the same problem.

Did the “noperm” option really work in your simulation???

I tried it, and it does not help. This is the line in my /etc/fstab now:


//172.16.2.191/gen_files  /srv/www/htdocs/mocito/video_server/gen_files_mnt_191 cifs  password=xxx,username=xxx,_netdev,noperm  0  0

I still have the effect of corrupted files, when I access via HTTP.

Did the “noperm” option really work in your simulation???

Yes, I just checked again. I used the same options as you. If noperms is in it works. If I take noperms out it doesn’t work. This is reproducible for me.

You should clear your browser’s cache in case it repeats the download with the version of the FLV file that’s stored/stuck in the cache. That might be the problem you are having now.

For sure I did clear the browser cache before. I also tried in different browsers (always clearing chache before) and I also rebooted the machine. Nothing helps.

The entry in my fstab is correct, isn’t it:


//172.16.2.191/gen_files  /srv/www/htdocs/mocito/video_server/gen_files_mnt_191 cifs  password=xxx,username=xxx,_netdev,noperm  0  0

Maybe we have different cifs/samba versions installed?

My versions are (checked in Yast Software Managment):

cifs-mount: 3.2.7-11.2.1
samba: 3.2.7-11.2.1

Yes it is correct, prima facie. [although you might change the ownership to the apache server (wwwrun:www), just in case, but it works fine for me using root:root]

Please describe the server at 172.16.2.191 including the operating system and the nature of the share configuration there. Please also explain the difference between the servers at 172.16.2.191 and 81.173.209.179

Sorry for confusing you with different servers! The last one (172.16.2.191) was my internal test server. From now on I will only talk about the external Server (81.173.209.179) which you can also access. There the mount is as follows now:

//172.23.174.174/gen_files /srv/www/htdocs/mocito/video_server/gen_files_mnt_174 cifs uid=wwwrun,gid=www,username=administrator,password=xxx,noperm,_netdev 0 0

The IP 172.23.174.174 is the IP of the Windows Server, which is:

WindowsServer 2003

The gen_files folder on the Windows machine is shared with permissions:

Everyone Allow: Full Control, Change, Read

The mounted folder gen_files_mnt_174 looks like this:

drwxrwxrwx 1 wwwrun www 0 Jun 5 14:03 gen_files_mnt_174/

The UNmounted folder looks like this:

drwxrwxrwx 2 root root 397312 May 18 12:38 gen_files_mnt_174/

That looks good to me.

I have only the client operating systems w2000, xp, vista, seven. I don’t have a server like server 2003 to test the cifs mount. So I can’t really help you further. I feel it’s some restricion being placed by the security in server 2003, but I can’t imagine what, not having one to test.

No, it is not only a problem of Server 2003.
I have also mounted a folder on a Windows XP machine now:

http://81.173.209.179/video_server/gen_files_mnt_175/test.flv

Same problem! Very strange. Could you please have a look which versions of cifs/samba you are using!

I did already make an update to cifs/samba 3.3.4 on the internal test server. But that did also not help.

This issue really drives me crazy!

I’m using these versions:
samba-3.2.7-11.2.1, samba-client-3.2.7-11.2.1, cifs-mount-3.2.7-11.2.1

OK – I added the latest Samba repositories in Yast and upgraded (in my client machine that mounts the test share) samba and cifs-mount to the versions that you have. That broke downloads via web browsers and created for me the same problem that you have.

Samba and cifs are not broken in that I can download perfectly by opening smb:// in my file browsers (Nautilus and Konqueror) and right-click the file test.flv and play it in VLC over the LAN. And similarly I can go to the cifs mount directory mount in Nautilus or Konqueror and right-click play the file. But I cannot successfully download it any more using a web browser.

So the upgrade from versions 3.2.7 to 3.3.4 broke the web browser to cifs mount download function. I think that probably this is a new bug.

I have since removed the openSUSE Samba repository and downgraded Samb/cifs back to 3.2.7 but the problem has stuck. I will now root out any semblance of Samba and cifs files from my filesystem using the “locate” application and try reinstalling Samba and cifs again, but that will take a day or so because I have to work this weekend.

have you resolved the problem?i cought the same problem with lighttpd:(

No unfrotuantely not. It seems to be a bug in Suse. All updates since then did not help!:frowning:

I forgot about this thread – but I’ve re-read it. Can’t think of anything extra to do. Except for you to make a bug report.

BTW have you tried different web browsers to see if it’s specific to one browser.