When I try to access a cifs filesystem that is mounted with the "multiuser" option, there is an error message in the authlog: "request-key: Cannot find command to construct key ****" I mount a share at boot time as user1 and want to use the share as user2, user3, ... I added the mount option "multiuser". The mount operation succeeds, but when I try to access the share as user2, I get a "permission denied" message, with the error message in the authlog "request-key: Cannot find command to construct key ****" Platform: - Ubuntu 18.04.2 LTS - samba -V: Version 4.7.6-Ubuntu - keyutils: 1.5.9-9.2ubuntu2 - cifs-utils: 6.8-1 Detailed info: /etc/fstab contains: //myserver.mydomain/ea06test /mnt/myshare cifs rw,auto,multiuser,mfsymlinks,vers=3.0,sec=ntlmssp,credentials=/var/keytabs/mountcreds 0 0 /var/keytabs/mountcreds contains the credentials of user1 output of the "mount" command contains: //myserver.mydomain/ea06test on /mnt/myshare type cifs (rw,relatime,vers=3.0,sec=ntlmssp,cache=strict,multiuser,domain=mydomain,uid=0,noforceuid,gid=0,noforcegid,addr=<server ip address>,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,mfsymlinks,noperm,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1) I login as user2: $ id uid=1507005289(user2) gid=1507000513(domain users) ... $ cifscreds add -d mydomain Password: ***** $ ls /mnt/myshare ls: cannot access '/mnt/myshare': Permission denied $ keyctl show Session Keyring 447290447 --alswrv 1507005289 1507000513 keyring: _ses 451265523 --alswrv 1507005289 65534 \_ keyring: _uid.1507005289 111699691 --alsw-v 1507005289 1507000513 \_ logon: cifs:a:<server ip address> 1044635621 ----sw-v 1507005289 1507000513 \_ logon: cifs:d:mydomain I set the debug flag for request-key => the auth.log contains: Jun 21 16:48:03 ea06c533 request-key: Key descriptor: "logon;1507005289;1507000513;3d010000;cifs:d:mydomain" Jun 21 16:48:03 ea06c533 request-key: Key type: logon Jun 21 16:48:03 ea06c533 request-key: Key desc: cifs:d:mydomain Jun 21 16:48:03 ea06c533 request-key: CALLOUT: '' Jun 21 16:48:03 ea06c533 request-key: Opened config file '/etc/request-key.conf' Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(dns_resolver,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(cifs.idmap,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(cifs.spnego,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(user,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(user,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(user,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(user,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(user,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(create,create) Jun 21 16:48:03 ea06c533 request-key: = yes Jun 21 16:48:03 ea06c533 request-key: match(user,logon) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: match(negate,create) Jun 21 16:48:03 ea06c533 request-key: = no Jun 21 16:48:03 ea06c533 request-key: Cannot find command to construct key **** => There is a missing entry for "key type = logon" in the files /etc/request-key.conf /etc/request-key.d/* An strace of the request-key command confirms this: openat(AT_FDCWD, "/etc/request-key.d/logon.conf", O_RDONLY) = -1 ENOENT (No such file or directory) Anyone who knows what is missing? P.S. I can access the share as user1 (i.e. the user in the mount command) $ cifscreds add -u user1 -d mydomain Password: ***** $ ls /mnt/myshare => success