Provided by: smbfs_3.0.22-1ubuntu3_i386 bug


       mount.cifs - mount using the Common Internet File System (CIFS)


       mount.cifs {service} {mount-point} [-o options]


       This tool is part of the samba(7) suite.

       mount.cifs  mounts  a  Linux  CIFS  filesystem.  It  is usually invoked
       indirectly by the mount(8) command when using  the  "-t  cifs"  option.
       This  command only works in Linux, and the kernel must support the cifs
       filesystem. The CIFS protocol is the successor to the SMB protocol  and
       is  supported by most Windows servers and many other commercial servers
       and Network Attached Storage appliances as well as by the popular  Open
       Source server Samba.

       The   mount.cifs  utility  attaches  the  UNC  name  (exported  network
       resource) to the local directory mount-point. It is possible to set the
       mode  for  mount.cifs  to  setuid root to allow non-root users to mount
       shares to directories for which they have write permission.

       Options to mount.cifs  are  specified  as  a  comma-separated  list  of
       key=value pairs. It is possible to send options other than those listed
       here,  assuming  that  the  cifs  filesystem  kernel  module  (cifs.ko)
       supports  them.  Unrecognized cifs mount options passed to the cifs vfs
       kernel code will be logged to the kernel log.

       mount.cifs causes the cifs vfs to launch a thread  named  cifsd.  After
       mounting  it  keeps  running  until  the  mounted resource is unmounted
       (usually via the umount utility).


              specifies the username to connect as. If this is not given, then
              the environment variable USER is used. This option can also take
              the    form    "user%password"    or     "workgroup/user"     or
              "workgroup/user%password" to allow the password and workgroup to
              be specified as part of the username.


              The cifs vfs accepts the parameter user=, or for users  familiar
              with   smbfs  it  accepts  the  longer  form  of  the  parameter
              username=. Similarly the longer smbfs style parameter names  may
              be   accepted  as  synonyms  for  the  shorter  cifs  parameters
              pass=,dom= and cred=.

              specifies the CIFS password. If this option is  not  given  then
              the  environment variable PASSWD is used. If the password is not
              specified directly  or  indirectly  via  an  argument  to  mount
              mount.cifs  will  prompt for a password, unless the guest option
              is specified.

              Note that a password  which  contains  the  delimiter  character
              (i.e.  a  comma  ’,’)  will  fail  to be parsed correctly on the
              command line. However, the same password defined in  the  PASSWD
              environment  variable  or  via a credentials file (see below) or
              entered at the password prompt will be read correctly.

              specifies a file that contains a username and/or  password.  The
              format of the file is:

              This is preferred over having passwords in plaintext in a shared
              file, such as /etc/fstab. Be sure  to  protect  any  credentials
              file properly.

              sets  the uid that will own all files on the mounted filesystem.
              It may be specified as either a username or a numeric uid.  This
              parameter  is  ignored  when the target server supports the CIFS
              Unix extensions.

              sets the gid that will own all files on the mounted  filesystem.
              It may be specified as either a groupname or a numeric gid. This
              parameter is ignored when the target server  supports  the  CIFS
              Unix extensions.

              sets  the  port  number  on  the server to attempt to contact to
              negotiate CIFS support. If the CIFS server is not  listening  on
              this  port  or if it is not specified, the default ports will be
              tried i.e. port 445 is tried and if no response then port 139 is

              When  mounting  to  servers  via port 139, specifies the RFC1001
              source name to use to represent the client netbios machine  name
              when doing the RFC1001 netbios session initialize.

              If  the  server  does  not support the CIFS Unix extensions this
              overrides the default file mode.

              If the server does not support the  CIFS  Unix  extensions  this
              overrides the default mode for directories.

       ip=arg sets the destination host or IP address.

              sets the domain (workgroup) of the user

       guest  don’t prompt for a password

              Charset  used  to  convert local path names to and from Unicode.
              Unicode is used by default for network path names if the  server
              supports  it. If iocharset is not specified then the nls_default
              specified during the local client kernel build will be used.  If
              server does not support Unicode, this parameter is unused.

       ro     mount read-only

       rw     mount read-write

              If  the  CIFS Unix extensions are negotiated with the server the
              client will attempt to set the effective  uid  and  gid  of  the
              local  process  on newly created files, directories, and devices
              (create, mkdir, mknod). If the  CIFS  Unix  Extensions  are  not
              negotiated,  for  newly created files and directories instead of
              using the default uid and gid specified on the the mount,  cache
              the  new file’s uid and gid locally which means that the uid for
              the file can change when the inode  is  reloaded  (or  the  user
              remounts the share).

              The  client  will not attempt to set the uid and gid on on newly
              created files, directories, and devices (create,  mkdir,  mknod)
              which  will  result in the server setting the uid and gid to the
              default (usually the server uid of  the  user  who  mounted  the
              share).  Letting the server (rather than the client) set the uid
              and gid is the default.If  the  CIFS  Unix  Extensions  are  not
              negotiated  then the uid and gid for new files will appear to be
              the uid  (gid)  of  the  mounter  or  the  uid  (gid)  parameter
              specified on the mount.

       perm   Client  does  permission checks (vfs_permission check of uid and
              gid of the file against the mode and  desired  operation),  Note
              that  this  is in addition to the normal ACL check on the target
              machine done by the server software. Client permission  checking
              is enabled by default.

       noperm Client  does  not do permission checks. This can expose files on
              this mount to access by other users on the local client  system.
              It  is  typically  only needed when the server supports the CIFS
              Unix Extensions but the  UIDs/GIDs  on  the  client  and  server
              system  do  not match closely enough to allow access by the user
              doing the mount. Note that this does not affect the  normal  ACL
              check  on the target machine done by the server software (of the
              server ACL against the user name provided at mount time).

              Do not do inode data caching on files opened on this mount. This
              precludes  mmaping  files on this mount. In some cases with fast
              networks and little or no caching benefits on the  client  (e.g.
              when the application is doing large sequential reads bigger than
              page size without rereading the  same  data)  this  can  provide
              better  performance than the default behavior which caches reads
              (readahead) and writes (writebehind)  through  the  local  Linux
              client  pagecache if oplock (caching token) is granted and held.
              Note that direct allows write operations larger than  page  size
              to  be  sent  to  the  server. On some kernels this requires the
              cifs.ko module to be built with the CIFS_EXPERIMENTAL  configure

              Translate  six  of the seven reserved characters (not backslash,
              but including the colon, question mark, pipe,  asterik,  greater
              than  and  less  than  characters)  to  the  remap  range (above
              0xF000), which also allows the CIFS client  to  recognize  files
              created  with such characters by Windows’s POSIX emulation. This
              can also be useful when  mounting  to  most  versions  of  Samba
              (which  also  forbids  creating  and  opening  files whose names
              contain any of these seven characters). This has  no  effect  if
              the server does not support Unicode on the wire.

              Do not translate any of these seven characters (default)

       intr   currently unimplemented

       nointr (default) currently unimplemented

       hard   The  program  accessing  a  file on the cifs mounted file system
              will hang when the server crashes.

       soft   (default) The program accessing a file on the cifs mounted  file
              system  will  not  hang  when the server crashes and will return
              errors to the user application.

       noacl  Do not allow POSIX ACL operations even if server  would  support

              The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to
              Samba  servers  version  3.10  and  later.  Setting  POSIX  ACLs
              requires  enabling both XATTR and then POSIX support in the CIFS
              configuration options when building the cifs module.  POSIX  ACL
              support  can  be  disabled  on  a  per mount basic by specifying
              "noacl" on mount.

       nocase Request case insensitive path name matching (case  sensitive  is
              the default if the server suports it).

       sec=   Security mode. Allowed values are:

              ·  none attempt to connection as a null user (no name)

              ·  krb5 Use Kerberos version 5 authentication

              ·  krb5i Use Kerberos authentication and packet signing

              ·  ntlm Use NTLM password hashing (default)

              ·  ntlmi   Use   NTLM   password   hashing   with   signing  (if
                 /proc/fs/cifs/PacketSigningEnabled on or if  server  requires
                 signing also can be the default)

              ·  ntlmv2 Use NTLMv2 password hashing

              ·  ntlmv2i Use NTLMv2 password hashing with packet signing

              [NB This [sec parameter] is under development and expected to be
              available in cifs kernel module 1.40 and later]

       nobrl  Do not send byte range lock requests  to  the  server.  This  is
              necessary  for  certain  applications that break with cifs style
              mandatory byte range locks (and most cifs  servers  do  not  yet
              support requesting advisory byte range locks).

       sfu    When  the  CIFS  Unix  Extensions are not negotiated, attempt to
              create device files  and  fifos  in  a  format  compatible  with
              Services  for Unix (SFU). In addition retrieve bits 10-12 of the
              mode via the SETFILEBITS extended attribute (as  SFU  does).  In
              the  future  the  bottom  9  bits  of the mode mode also will be
              emulated using queries of the security  descriptor  (ACL).  [NB:
              requires  version  1.39  or  later of the CIFS VFS. To recognize
              symlinks and be able to create symlinks in an SFU  interoperable
              form  requires  version  1.40  or  later  of the CIFS VFS kernel

              Use inode numbers (unique persistent file identifiers)  returned
              by  the  server  instead  of  automatically generating temporary
              inode numbers on the client. Although server inode numbers  make
              it  easier  to spot hardlinked files (as they will have the same
              inode numbers) and inode numbers may  be  persistent  (which  is
              userful  for  some  sofware), the server does not guarantee that
              the inode numbers are unique if multiple server side mounts  are
              exported  under  a  single  share  (since  inode  numbers on the
              servers might not be unique if multiple filesystems are  mounted
              under the same shared higher level directory). Note that not all
              servers support returning server inode numbers,  although  those
              that  support  the  CIFS  Unix  Extensions, and Windows 2000 and
              later  servers  typically  do   support   this   (although   not
              necessarily  on every local server filesystem). Parameter has no
              effect if the server lacks support for returning  inode  numbers
              or equivalent.

              client generates inode numbers (rather than using the actual one
              from the server) by default.

              (default) Do not allow getfattr/setfattr to get/set xattrs, even
              if server would support it otherwise.

              default network read size

              default network write size

              Print  additional debugging information for the mount. Note that
              this parameter must be specified before the -o. For example:

              mount -t cifs //server/share /mnt --verbose -o user=username


       The variable USER may contain the username of the person to be used  to
       authenticate  to  the  server.  The  variable  can  be used to set both
       username and password by using the format username%password.

       The variable PASSWD may contain the password of the  person  using  the

       The variable PASSWD_FILE may contain the pathname of a file to read the
       password from. A single line of input is read and used as the password.


       This  command  may  be  used  only by root, unless installed setuid, in
       which case the noeexec and nosuid mount flags are enabled.


       The primary mechanism for making configuration changes and for  reading
       debug  information  for the cifs vfs is via the Linux /proc filesystem.
       In the directory /proc/fs/cifs  are  various  configuration  files  and
       pseudo  files which can display debug information. There are additional
       startup options such as maximum buffer size and number of buffers which
       only  may  be  set when the kernel cifs vfs (cifs.ko module) is loaded.
       These can be seen by running  the  modinfo  utility  against  the  file
       cifs.ko  which  will list the options that may be passed to cifs during
       module installation (device driver load). For more information see  the
       kernel file fs/cifs/README.


       Mounting using the CIFS URL specification is currently not supported.

       The  credentials  file  does  not  handle  usernames  or passwords with
       leading space.

       Note that the typical response to a bug report is a suggestion  to  try
       the  latest  version  first. So please try doing that first, and always
       include which versions you use of relevant software when reporting bugs
       (minimum:  mount.cifs  (try  mount.cifs -V), kernel (see /proc/version)
       and server type you are trying to contact.


       This man page is correct for version 1.39 of the  cifs  vfs  filesystem
       (roughly Linux kernel 2.6.15).


       Documentation/filesystems/cifs.txt  and  fs/cifs/README  in  the  linux
       kernel source tree may contain additional options and information.



       Steve French

       The syntax and manpage were loosely based on that of smbmount.  It  was
       converted to Docbook/XML by Jelmer Vernooij.

       The  maintainer of the Linux cifs vfs and the userspace tool mount.cifs
       is Steve French. The Linux CIFS Mailing list is the preferred place  to
       ask questions regarding these programs.