http://bugzilla.novell.com/show_bug.cgi?id=614293 http://bugzilla.novell.com/show_bug.cgi?id=614293#c0 Summary: NFS with kerberos identification isn't working Classification: openSUSE Product: openSUSE 11.3 Version: Factory Platform: All OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: mcaj@novell.com QAContact: qa@suse.de Found By: --- Blocker: --- Created an attachment (id=369189) --> (http://bugzilla.novell.com/attachment.cgi?id=369189) strace logs User-Agent: Mozilla/5.0 (X11; U; Linux i686; cs-CZ; rv:1.9.1.9) Gecko/20100317 SUSE/3.5.9-0.1.1 Firefox/3.5.9 Hi, NFS client with kerberos identification (-o sec=krb5i or -o sec=krb5p) isn't working on OpenSuse 11.3 Milestone 7. Normal nfs mount without kerberos ticket (-o default) is working. In the KDC server log file, I can see request and answer for the nfs ticket as any other workstation (- no error/warning messages) I tested it on i686 and x86-64 CPU with same result. BTW: NFS client in YaST2 is broken too, but bug was already reported I'm from Suse (Prague) If you need help with testing Debuging the problem I can help you - just ping me on Novell IM. Martin Reproducible: Always Steps to Reproduce: 1.Install OpenSuse 11.3 M7, setup ldap and kdc client (check if login on machine is working) disable firewall 2. don't use YaST for NFS client - is broken! 3. enable gss in /etc/sysconfig/nfs, download yours /etc/krb5.keytab from kdc server, add nfs mount into /etc/fstab e.g.: nfsserver:/home /nfs nfs sec=krb5i,intr,rw 4. reboot machines 5. run nfs mount e.g.: "mount nfsserver:/home /nfs -t nfs -o sec=krb5i,intr,rw Actual Results: error messages: "mount.nfs: access denied by server while mounting nfs.suse.cz:/home" Expected Results: mount.nfs should successfully mount /nfs. I add strace logs file. I hope It helps you with debug and fix the problem. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.