[Bug 745412] New: rpc.gssd and rpc.idmapd are not started for secure krb5 nfs4 mounts
https://bugzilla.novell.com/show_bug.cgi?id=745412 https://bugzilla.novell.com/show_bug.cgi?id=745412#c0 Summary: rpc.gssd and rpc.idmapd are not started for secure krb5 nfs4 mounts Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: i586 OS/Version: openSUSE 12.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: lynn@steve-ss.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2 unless rpc.gssd is running, kerberized nfs4 shares cannot be mounted. This is not running by default upon calling mount. rpc.idmapd has to be started manually on the client too when mounting manually (maybe this is expected but I think mount ought to do that for us when it sees nfs4) Reproducible: Always Steps to Reproduce: 1.mount -t nfs4 ... ... -o sec=krb5 2.permission denied 3.rpc.gssd -fvvv 4. repeat mount command 5. Now mounts OK Actual Results: permission denied (rpc.svcgssd -fvvv gives no poll output) Expected Results: The nfs4 share is mounted insserv rpcbind insserv: script jexec is broken: incomplete LSB comment. insserv: missing `Required-Stop:' entry: please add even if empty. cat /etc/exports /export gss/krb5(rw,fsid=0,crossmnt,no_subtree_check,insecure) /export/home gss/krb5(rw,insecure,no_subtree_check) rcnfsserver start ps aux | grep rpc root 1037 0.0 0.1 2356 784 ? Ss 14:41 0:00 /sbin/rpcbind root 2309 0.0 0.0 0 0 ? S< 14:45 0:00 [rpciod] root 2419 0.0 0.2 3684 1212 ? Ss 14:48 0:00 /usr/sbin/rpc.svcgssd root 2424 0.0 0.0 2416 348 ? Ss 14:48 0:00 /usr/sbin/rpc.idmapd root 2428 0.0 0.1 2976 748 ? Ss 14:48 0:00 /usr/sbin/rpc.mountd --no-nfs-version 2 --no-nfs-version 3 There is no output from a rpc.svcgssd -fvvv poll during a mount. Workaround: start rpc.gssd and rpc.idmapd manually before mounting. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=745412 https://bugzilla.novell.com/show_bug.cgi?id=745412#c1 --- Comment #1 from lynn wilson <lynn@steve-ss.com> 2012-02-10 07:41:05 UTC --- rpc.svcgssd seems to be obsolete: http://wiki.linux-nfs.org/wiki/index.php/Nfsv4_configuration -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=745412 https://bugzilla.novell.com/show_bug.cgi?id=745412#c kk zhang <kkzhang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kkzhang@novell.com AssignedTo|bnc-team-screening@forge.pr |wstephenson@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=745412 https://bugzilla.novell.com/show_bug.cgi?id=745412#c2 Hardy Heroin <hardy.heroin+novell@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |hardy.heroin+novell@gmail.c | |om --- Comment #2 from Hardy Heroin <hardy.heroin+novell@gmail.com> 2013-12-09 14:19:53 UTC --- I can only confirm this for openSUSE 12.3 at the moment but isn't this solved by adding NFS_START_SERVICES="yes" to the file /etc/sysconfig/nfs and then running chkconfig nfs on as root at least once to enable the service? Here's what I read in /etc/sysconfig/nfs on my system ## Path: Network/File systems/NFS server ## Description: Always start NFS services ## Type: yesno ## Default: yes ## ServiceRestart nfs # # Always start NFS services (gssd, idmapd), not only if # there are nfs mounts in /etc/fstab. This is likely to be # needed if you use an automounter for NFS. # Note that the nfs service is no longer enabled by default # and the command "chkconfig nfs on" is needed to fully enable # NFS. # NFS_START_SERVICES="yes" -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com