SMB/CIFS connection timeout kernel-3.10.0-957.21.3.el7

After upgrading to kernel-3.10.0-957.21.3.el7 on a CentOS server, I experienced connection timeout issues on Windows servers trying to access SMB shares. On the contrary, I was able to access the share using a Linux system without any problem.

The bug was reported in CentOS Bug Tracker and it’s caused by one of the patches applied to address CVE-2019-11478.

Some applications set tiny SO_SNDBUF values and expect TCP to just work.
Recent patches to address CVE-2019-11478 broke them in case of losses, since re-transmits might be prevented.

To (temporarily) fix this issue, I increased SO_SNDBUF value in /etc/samba/smb.conf:

socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=65536 SO_SNDBUF=65536

 

Reset root password on CentOS

In the GRUB menu, select the kernel to edit and press e.

Go to the line starting with linux16 and replace ro with rw init=/sysroot/bin/sh. Press Ctrl+x to boot in single user mode.

To access the system type chroot /sysroot.

Use passwd to change root password or pam_tally2 to unlock the account.

Exit and reboot.

 

Using DNF with a proxy

Edit the /etc/dnf/dnf.conf file, adding these parameters in the [main] section:

proxy=http://proxy.thinkhel.com:9090
proxy_username=thinkhel
proxy_password=thinkhelpass

proxy_username and proxy_password are optional, based on your proxy server configuration.