Mailinglist Archive: opensuse (1188 mails)
| < Previous | Next > |
[opensuse] nfsv4 kerberos problem
- From: lynn <lynn@xxxxxxxxxxxx>
- Date: Fri, 27 Jan 2012 22:56:01 +0100
- Message-id: <4F231D71.5030906@steve-ss.com>
Hi
I've setup an nfs4 server in Yast. I enabled gss security, created an nfs principal and extracted it to /etc/krb5.keytab. That seems OK because without the keytab, the nfsserver would not start.
Yast has created this:
cat /etc/exports
/home *(fsid=0,crossmnt,rw,root_squash,sync,no_subtree_check)
mount -t /server:/ /mnt
works fine, but makes no mention of Kerberos.
I've tried
/home gss/krb5(fsid=0,crossmnt,rw,root_squash,sync,no_subtree_check)
and
/home *(fsid=0,crossmnt,rw,root_squash,sync,no_subtree_check,sec=krb5)
both of which give:
mount.nfs4: access denied by server while mounting server:/
as does
mount -t nfs4 server:/ /mnt -o sec=krb5
The server starts OK:
Jan 27 22:45:07 hh3 nfsserver[7449]: Starting kernel based NFS server: svcgssd idmapd mountd statd nfsd sm-notify..done
Kerberos is working OK elsewhere but what am I missing for the nfs service?
What is the method to mount correctly kerberized? is what I've done enough?
Thanks,
L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
I've setup an nfs4 server in Yast. I enabled gss security, created an nfs principal and extracted it to /etc/krb5.keytab. That seems OK because without the keytab, the nfsserver would not start.
Yast has created this:
cat /etc/exports
/home *(fsid=0,crossmnt,rw,root_squash,sync,no_subtree_check)
mount -t /server:/ /mnt
works fine, but makes no mention of Kerberos.
I've tried
/home gss/krb5(fsid=0,crossmnt,rw,root_squash,sync,no_subtree_check)
and
/home *(fsid=0,crossmnt,rw,root_squash,sync,no_subtree_check,sec=krb5)
both of which give:
mount.nfs4: access denied by server while mounting server:/
as does
mount -t nfs4 server:/ /mnt -o sec=krb5
The server starts OK:
Jan 27 22:45:07 hh3 nfsserver[7449]: Starting kernel based NFS server: svcgssd idmapd mountd statd nfsd sm-notify..done
Kerberos is working OK elsewhere but what am I missing for the nfs service?
What is the method to mount correctly kerberized? is what I've done enough?
Thanks,
L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
| < Previous | Next > |