https://bugzilla.novell.com/show_bug.cgi?id=745412 https://bugzilla.novell.com/show_bug.cgi?id=745412#c0 Summary: rpc.gssd and rpc.idmapd are not started for secure krb5 nfs4 mounts Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: i586 OS/Version: openSUSE 12.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: lynn@steve-ss.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2 unless rpc.gssd is running, kerberized nfs4 shares cannot be mounted. This is not running by default upon calling mount. rpc.idmapd has to be started manually on the client too when mounting manually (maybe this is expected but I think mount ought to do that for us when it sees nfs4) Reproducible: Always Steps to Reproduce: 1.mount -t nfs4 ... ... -o sec=krb5 2.permission denied 3.rpc.gssd -fvvv 4. repeat mount command 5. Now mounts OK Actual Results: permission denied (rpc.svcgssd -fvvv gives no poll output) Expected Results: The nfs4 share is mounted insserv rpcbind insserv: script jexec is broken: incomplete LSB comment. insserv: missing `Required-Stop:' entry: please add even if empty. cat /etc/exports /export gss/krb5(rw,fsid=0,crossmnt,no_subtree_check,insecure) /export/home gss/krb5(rw,insecure,no_subtree_check) rcnfsserver start ps aux | grep rpc root 1037 0.0 0.1 2356 784 ? Ss 14:41 0:00 /sbin/rpcbind root 2309 0.0 0.0 0 0 ? S< 14:45 0:00 [rpciod] root 2419 0.0 0.2 3684 1212 ? Ss 14:48 0:00 /usr/sbin/rpc.svcgssd root 2424 0.0 0.0 2416 348 ? Ss 14:48 0:00 /usr/sbin/rpc.idmapd root 2428 0.0 0.1 2976 748 ? Ss 14:48 0:00 /usr/sbin/rpc.mountd --no-nfs-version 2 --no-nfs-version 3 There is no output from a rpc.svcgssd -fvvv poll during a mount. Workaround: start rpc.gssd and rpc.idmapd manually before mounting. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.