share level security mounts and user credentials

share level security mounts and user credentials

[Steve French]

For the case of mounts to servers (Windows 9x, Windows ME and some 
appliances etc.) which only support "share level" security (passwords on 
mounts, but no username) ... any opinions about the right multiuser 
behavior (in regards to credentials).  cifs vfs has two security modes:

1) (default) credentials (the smb_uid on all network requests) used is 
always the same over the mount for all users on the system
2) (not default, but enabled when /proc/fs/cifs/MultiuserMount is set to 
1) cifs client tries to find a matching smb_uid for the particular user 
corresponding to the local linux uid making the request

The difficulty with the latter is that we may have to multiplex among 
smb_tids (tree ids) to the same resource, each mounted with different 
passwords.  It is common to have two different passwords on the same 
share (one for full access, one for read only access) so it is 
reasonable to assume that one uid would have all requests to that 
superblock use a different tid than other users - but it is odd because 
there is no username on the wire.   Currently cifs code checks at mount 
time to see if we have a connection to the target server (ip address) 
with a particular username - but it looks like this has to change - we 
have to not only check if we have a particular connection with this 
password if it is a share level security server but also have to map 
access (when MultiuserMount is enabled) to that share from on tid to 
another based on the incoming uid.

Ideas?