[opensuse] convert mount to fstab
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing. The manual mount works fine. The client log shows no reference to cifs and there's no record of a request from it on the server. Any ideas? Thanks -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
lynn wrote:
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
I use this: //host.example.com/photos /home/per/Photos cifs user=xxx,password=xxxxxxxxx 0 0 -- Per Jessen, Zürich (17.6°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, 2013-07-03 at 14:00 +0200, Per Jessen wrote:
lynn wrote:
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
I use this:
//host.example.com/photos /home/per/Photos cifs user=xxx,password=xxxxxxxxx 0 0
Unfortunately we can't do that as the share has to be group rw. Does cifs have a secret log anywhere? I'm looking at /var/log/messages -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
lynn wrote:
On Wed, 2013-07-03 at 14:00 +0200, Per Jessen wrote:
lynn wrote:
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
I use this:
//host.example.com/photos /home/per/Photos cifs user=xxx,password=xxxxxxxxx 0 0
Unfortunately we can't do that as the share has to be group rw. Does cifs have a secret log anywhere? I'm looking at /var/log/messages
Maybe if you try "mount -a" when the system is running - it might give you the error messages. -- Per Jessen, Zürich (17.6°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, 2013-07-03 at 14:15 +0200, Per Jessen wrote:
lynn wrote:
On Wed, 2013-07-03 at 14:00 +0200, Per Jessen wrote:
lynn wrote:
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
I use this:
//host.example.com/photos /home/per/Photos cifs user=xxx,password=xxxxxxxxx 0 0
Unfortunately we can't do that as the share has to be group rw. Does cifs have a secret log anywhere? I'm looking at /var/log/messages
Maybe if you try "mount -a" when the system is running - it might give you the error messages.
mount -a works fine. Does root need a keytab entry? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2013-07-03 13:55 (GMT+0200) lynn composed:
How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine. The client log shows no reference to cifs and there's no record of a request from it on the server.
Any ideas?
One of mine (for a DVB box running Linux): //AZBME/pub /home/AV/azbme cifs user,user=azusr,pass=,nounix,uid=###,gid=###,dir_mode=0777,file_mode=0664,noauto 0 0 s/AZBME/<IP>/ works the same. Looks like you should probably try s/username/user/. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, 2013-07-03 at 14:17 -0400, Felix Miata wrote:
On 2013-07-03 13:55 (GMT+0200) lynn composed:
How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine. The client log shows no reference to cifs and there's no record of a request from it on the server.
Any ideas?
One of mine (for a DVB box running Linux): //AZBME/pub /home/AV/azbme cifs user,user=azusr,pass=,nounix,uid=###,gid=###,dir_mode=0777,file_mode=0664,noauto 0 0
s/AZBME/<IP>/ works the same.
Looks like you should probably try s/username/user/.
Hi. OK, but where would I put: s/username/user/. What's the 's'? Thanks -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 03/07/13 20:19, lynn wrote:
Hi. OK, but where would I put: s/username/user/. What's the 's'? Thanks
You've never come across sed? SWAP [occurances of] 'username' for 'user' in your fstab incantation and see what the result is <by the by> for someone who had such entrenched ideas about your system should work you show a conspicuous lack of insight into geeky culture. >
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2013-07-03 20:53 (GM+0100) Dylan composed:
lynn wrote:
where would I put: s/username/user/. What's the 's'?
You've never come across sed? SWAP [occurances of] 'username' for 'user' in your fstab incantation and see what the result is
To swap is more like a switching that preserves both, but changes the positions. The man page I just looked at calls what it does "replacement", then describes what happens as substitution, which isn't exactly the same thing as swapping. Logically then the 's' more likely means substitute (or synonym 'switch'), which allows for the replaced string to be discarded or removed rather than moved. So, substitute for one occurrence of string 'username' the string 'user' -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, 2013-07-03 at 20:53 +0100, Dylan wrote:
On 03/07/13 20:19, lynn wrote:
Hi. OK, but where would I put: s/username/user/. What's the 's'? Thanks
You've never come across sed? SWAP [occurances of] 'username' for 'user' in your fstab incantation and see what the result is
Ah, I see. Never did understand sed. I always found an alternative. Or asked here! Still no go s/username/user. The line is totally ignored. The cifs upcall never happens. We can however mount after boot, smbclient it and win7 clients mount it fine. I was hoping that this wasn't going to be anything to do with Kerberos. Anyway, we can work around it in boot.local but it's not ideal.
<by the by> for someone who had such entrenched ideas about your system should work you show a conspicuous lack of insight into geeky culture.
Yeah, it's hard. Language is one of our main problems. We do not work with native English speakers and just about all Linux stuff is written in a style which is beyond those even with good conversational skills. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
В Wed, 03 Jul 2013 13:55:44 +0200
lynn
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 2013-07-13 at 10:20 +0400, Andrey Borzenkov wrote:
В Wed, 03 Jul 2013 13:55:44 +0200 lynn
пишет: Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user?
We use a low privilege user, cifsuser. We can't use root. Thanks -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
В Sat, 13 Jul 2013 10:06:07 +0200
lynn
On Sat, 2013-07-13 at 10:20 +0400, Andrey Borzenkov wrote:
В Wed, 03 Jul 2013 13:55:44 +0200 lynn
пишет: Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user?
We use a low privilege user, cifsuser. We can't use root. Thanks
username=cifsuser gives just user name on *server* to authenticate mount. What is your *local*, client, user - also "cifsuser", correct? So you are able to mount manually when logged in locally as "cifsuser"? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
lynn wrote:
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine. The client log shows no reference to cifs and there's no record of a request from it on the server.
Any ideas? Thanks
I normally use /etc/cifstab, but tried putting a mount in /etc/fstab and seem to have no problem. 1) I specified no 'sec' parameter, 2), I can find no mention of a multiuser parameter (perhaps you meant "setuids"). Where is your password? Do you have a domain or workgroup? I put user/password/domain in a credentials file in my ~/.ssh dir, man page says to use format: username=law password=law_pw domain=domain or workgroup name but my mount line in fstab looks like: //ATHENAE/C$/ /mnt/ cifs rw,uid=law,gid=Administrators,nocase,serverino,credentials=/home/law/.ssh/athenae,setuids 0 0 Note -- params that caused it to fail: directio & sfu -- both documented but both causing problems: directio was just an 'unknown' parameter and sfu gave, in "dmesg",: CIFS VFS: cifs_mount failed w/return code = -113 init_special_inode: bogus i_mode (755) for inode cifs:0 CIFS VFS: Error connecting to socket. Aborting operation -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 2013-07-13 at 14:48 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 10:06:07 +0200 lynn
пишет: On Sat, 2013-07-13 at 10:20 +0400, Andrey Borzenkov wrote:
В Wed, 03 Jul 2013 13:55:44 +0200 lynn
пишет: Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user?
We use a low privilege user, cifsuser. We can't use root. Thanks
username=cifsuser gives just user name on *server* to authenticate mount. What is your *local*, client, user - also "cifsuser", correct? So you are able to mount manually when logged in locally as "cifsuser"?
Hi cifsuser can't login. Her only function is to get a ticket for the fileserver. That bit is working fine, just not where I want it: in fstab. Thanks -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 2013-07-13 at 03:59 -0700, Linda Walsh wrote:
lynn wrote:
Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine. The client log shows no reference to cifs and there's no record of a request from it on the server.
Any ideas? Thanks
Hi
I normally use /etc/cifstab, but tried putting a mount in /etc/fstab and seem to have no problem.
1) I specified no 'sec' parameter, OK, so that's: sec=sys
2), I can find no mention of a multiuser parameter (perhaps you meant "setuids"). We don't need setuids. For multiuser please see: man mount.cifs
Where is your password? In the keytab
Do you have a domain or workgroup? domain
I put user/password/domain in a credentials file in my ~/.ssh dir, man page says to use format: username=law password=law_pw domain=domain or workgroup name
I don't think credentials work with kerberos (?).
but my mount line in fstab looks like:
//ATHENAE/C$/ /mnt/ cifs rw,uid=law,gid=Administrators,nocase,serverino,credentials=/home/law/.ssh/athenae,setuids 0 0
Note -- params that caused it to fail: directio & sfu -- both documented but both causing problems: directio was just an 'unknown' parameter and sfu gave, in "dmesg",:
CIFS VFS: cifs_mount failed w/return code = -113 init_special_inode: bogus i_mode (755) for inode cifs:0 CIFS VFS: Error connecting to socket. Aborting operation
Not a problem. I think sfu was for older domains. All our Linux stuff is in the directory.
As I say, the line is fstab is totally ignored during boot. There's an easy workaround but I'd like to know why. Thanks for your time, L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
В Sat, 13 Jul 2013 14:27:43 +0200
lynn
On Sat, 2013-07-13 at 14:48 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 10:06:07 +0200 lynn
пишет: On Sat, 2013-07-13 at 10:20 +0400, Andrey Borzenkov wrote:
В Wed, 03 Jul 2013 13:55:44 +0200 lynn
пишет: Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user?
We use a low privilege user, cifsuser. We can't use root. Thanks
username=cifsuser gives just user name on *server* to authenticate mount. What is your *local*, client, user - also "cifsuser", correct? So you are able to mount manually when logged in locally as "cifsuser"?
Hi cifsuser can't login. Her only function is to get a ticket for the fileserver. That bit is working fine, just not where I want it: in fstab.
I'm sorry, but as you do not explain how you perform manual mount, it is not possible to even guess what's going wrong. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 2013-07-13 at 18:31 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 14:27:43 +0200 lynn
пишет: On Sat, 2013-07-13 at 14:48 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 10:06:07 +0200 lynn
пишет: On Sat, 2013-07-13 at 10:20 +0400, Andrey Borzenkov wrote:
В Wed, 03 Jul 2013 13:55:44 +0200 lynn
пишет: Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user?
We use a low privilege user, cifsuser. We can't use root. Thanks
username=cifsuser gives just user name on *server* to authenticate mount. What is your *local*, client, user - also "cifsuser", correct? So you are able to mount manually when logged in locally as "cifsuser"?
Hi cifsuser can't login. Her only function is to get a ticket for the fileserver. That bit is working fine, just not where I want it: in fstab.
I'm sorry, but as you do not explain how you perform manual mount, it is not possible to even guess what's going wrong.
Hi My fault entirely. I'm hopeless at asking questions. As local user root (uid 0, gid 0) on a 12.3 client: mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser Here is the configuration. Domain: hh3.site. IP: 192.168.1.x/255.255.255.0 1. A client. hostname: catral smb.conf [global] workgroup = HH3 realm = HH3.SITE security = ADS kerberos method = system keytab sssd.conf [sssd] #debug_level = 6 services = nss, pam config_file_version = 2 domains = default [nss] [pam] [domain/default] #debug_level=6 dyndns_update=true dyndns_refresh_interval=16 ad_hostname = catral.hh3.site ad_server = hh16.hh3.site ad_domain = hh3.site ldap_schema = ad id_provider = ad access_provider = simple enumerate = false cache_credentials = true #entry_cache_timeout = 60 auth_provider = krb5 chpass_provider = krb5 krb5_realm = HH3.SITE krb5_server = hh16.hh3.site krb5_kpasswd = hh16.hh3.site ldap_id_mapping=false ldap_referrals = false ldap_uri = ldap://hh16.hh3.site ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_group_search_base = dc=hh3,dc=site ldap_group_name = cn ldap_group_member = member ldap_sasl_mech = gssapi ldap_sasl_authid = CATRAL$@HH3.SITE ldap_krb5_keytab = /etc/krb5.keytab ldap_krb5_init_creds = true 2. The file server hostname: altea smb.conf [global] workgroup = HH3 realm = HH3.SITE security = ADS kerberos method = secrets and keytab log level = 3 [users] path = /home/users read only = No [profiles] path = /home/profiles read only = No store dos attributes = Yes create mask = 0600 directory mask = 0700 browseable = No guest ok = No printable = No profile acls = Yes csc policy = disable [shared] path = /home/shared read only = No inherit acls = Yes --- --- --- 3. The DC hostname: hh16 smb.conf [global] workgroup = HH3 realm = HH3.SITE netbios name = HH16 server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns dns forwarder = 192.168.1.1 idmap_ldb:use rfc2307 = yes [netlogon] path = /usr/local/samba/var/locks/sysvol/hh3.site/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
lynn wrote:
As I say, the line is fstab is totally ignored during boot. There's an easy workaround but I'd like to know why.
---- Ignored at boot? I.e. if you put it in fstab (or something equiv to what I have), you can type mount /mnt, and it takes the parameters from /etc/fstab? I thought when you said you did the line manually you meant with all params on the command line. But is it the case that your entry in fstab works if you use the mount shorthand with just the directory? That's a very different problem. Are you authenticating against an NT domain controller? Windows? Samba? BTW -- I checked out my params through my man page. The version of man page I had had 'directio' (which no longer works). 'sfu' -- which give a fairly consistent message with what I read can happen when trying to use it -- i.e. the error about 'not a directory' has something to do with the sfu facilities not working right, but no mention of the multiuser param on my manpage -- just wondering what it does... since if you are trying to mount at boot time, just "who" is trying to authenticate to your kerberos server? Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time. A problem I had in getting mine to mount at boot was making sure the network was active, and bind(named) and samba were both active and ready-to-serve -- since the windows station I was mounting tries to contact a domain login controller (i.e. the server that is coming up...). That also means all the "elections" and samba setup need to be done with so the client can successfully authenticate -- if something isn't quite ready when it tries to authenticate on boot, it would more than likely just stop trying to mount and quit. If it works later from fstab -- but just that you have to type the mount name, I'd bet something isn't coming up in the right order for it to work... Sorry wasn't more help... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients! And I know exactly why: it's a box we brought over from UK (we're in Spain) and we never ntp'd it. So it'd get its time from the battery on the motherboard. Is it ok not to feel so stupid though: Surely you'd expect _something_ in the log on the client? But nada. The time error shows on the KDC (Samba4). Something like 'clock slew too great'. Phew, thanks a load. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
lynn wrote:
On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients! And I know exactly why: it's a box we brought over from UK (we're in Spain) and we never ntp'd it. So it'd get its time from the battery on the motherboard.
Is it ok not to feel so stupid though: Surely you'd expect _something_ in the log on the client? But nada. The time error shows on the KDC (Samba4). Something like 'clock slew too great'.
Phew, thanks a load.
Awesome! There's a reason why I haven't stated using Kerberos yet...in *my* setup, it'd be another thing to fail and have fall apart!...I haven't even converted to ldap yet. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
В Sat, 13 Jul 2013 23:30:11 +0200
lynn
On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients!
Now I am completely confused. You mean that on this client mounting from /etc/fstab on boot does not work, but manual mounting after boot does work - still with wrong time offset? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sun, 2013-07-14 at 10:40 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 23:30:11 +0200 lynn
пишет: On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients!
Now I am completely confused. You mean that on this client mounting from /etc/fstab on boot does not work, but manual mounting after boot does work - still with wrong time offset?
Hi Yes, I see what you mean. The only explanation I can think of is that ntp was working but only after the tgs call. Which leaves me with the awful thought that the other clients mount not because of time sync with the KDC but only because they have their hardware time set correctly in the first pl1.00ace. Or could it be that it was in the wrong time zone? Or that the battery is dead? I think I'm going to turn a blind eye before someone mentions systemd;) Thanks everyone for your input. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
В Sun, 14 Jul 2013 09:19:00 +0200
lynn
On Sun, 2013-07-14 at 10:40 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 23:30:11 +0200 lynn
пишет: On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients!
Now I am completely confused. You mean that on this client mounting from /etc/fstab on boot does not work, but manual mounting after boot does work - still with wrong time offset?
Hi Yes, I see what you mean. The only explanation I can think of is that ntp was working but only after the tgs call. Which leaves me with the awful thought that the other clients mount not because of time sync with the KDC but only because they have their hardware time set correctly in the first pl1.00ace. Or could it be that it was in the wrong time zone? Or that the battery is dead? I think I'm going to turn a blind eye before someone mentions systemd;)
In this case you must have some messages from ntpd (or, better, from sntp that is used to initially set time) that it was doing large time jumps on startup. Do you have them? Something like Sep 09 08:04:35 opensuse.site ntp[3730]: 9 Sep 08:04:35 sntp[3751]: Started sntp Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.752537 (-0400) -0.26917 +/- 0.032028 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.516363 (-0400) -0.00197 +/- 0.031769 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.643132 (-0400) -0.00244 +/- 0.000305 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.711645 (-0400) +0.005500 +/- 0.040375 secs Sep 09 08:04:35 opensuse.site ntp[3730]: Time synchronized with ru.pool.ntp.org Also you could try to boot into run level 1 and verify time at this point. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Am 14.07.2013 um 08:40 schrieb Andrey Borzenkov
В Sat, 13 Jul 2013 23:30:11 +0200 lynn
пишет: On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients!
Now I am completely confused. You mean that on this client mounting from /etc/fstab on boot does not work, but manual mounting after boot does work - still with wrong time offset?
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Are there any files in /var/run or /var/lock. I had simlar problems with an debian nfs-share in /etc/fstab. Ralf-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sun, 2013-07-14 at 12:19 +0400, Andrey Borzenkov wrote:
В Sun, 14 Jul 2013 09:19:00 +0200 lynn
пишет: On Sun, 2013-07-14 at 10:40 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 23:30:11 +0200 lynn
пишет: On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients!
Now I am completely confused. You mean that on this client mounting from /etc/fstab on boot does not work, but manual mounting after boot does work - still with wrong time offset?
Hi Yes, I see what you mean. The only explanation I can think of is that ntp was working but only after the tgs call. Which leaves me with the awful thought that the other clients mount not because of time sync with the KDC but only because they have their hardware time set correctly in the first pl1.00ace. Or could it be that it was in the wrong time zone? Or that the battery is dead? I think I'm going to turn a blind eye before someone mentions systemd;)
In this case you must have some messages from ntpd (or, better, from sntp that is used to initially set time) that it was doing large time jumps on startup. Do you have them? Something like
Sep 09 08:04:35 opensuse.site ntp[3730]: 9 Sep 08:04:35 sntp[3751]: Started sntp Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.752537 (-0400) -0.26917 +/- 0.032028 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.516363 (-0400) -0.00197 +/- 0.031769 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.643132 (-0400) -0.00244 +/- 0.000305 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.711645 (-0400) +0.005500 +/- 0.040375 secs Sep 09 08:04:35 opensuse.site ntp[3730]: Time synchronized with ru.pool.ntp.org
Also you could try to boot into run level 1 and verify time at this point.
There's something wrong: 2013-07-14T11:08:59.869841+01:00 catral boot.local[1109]: ntp.service loaded inactive dead LSB: Network time protocol daemon (ntpd) I think the only reason it's working is because I set the correct time in hardware somehow whilst I was messing around with ntp in yast. i.e. it's working because it isn't using ntp. Here is the log on the KDC: 2013-07-14T11:30:28.158286+02:00 hh16 systemd[1]: Starting LSB: Network time protocol daemon (ntpd)... 2013-07-14T11:30:28.685173+02:00 hh16 ntpd[1080]: ntpd 4.2.6p5@1.2349-o Fri Mar 1 11:32:34 UTC 2013 (1) 2013-07-14T11:30:28.692077+02:00 hh16 ntp[1046]: Starting network time protocol daemon (NTPD)..done 2013-07-14T11:30:28.692420+02:00 hh16 systemd[1]: Started LSB: Network time protocol daemon (ntpd). 2013-07-14T11:30:28.702504+02:00 hh16 ntpd[1081]: proto: precision = 0.114 usec 2013-07-14T11:30:28.703081+02:00 hh16 ntpd[1081]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 2013-07-14T11:30:28.703682+02:00 hh16 ntpd[1081]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 2013-07-14T11:30:28.704245+02:00 hh16 ntpd[1081]: Listen and drop on 1 v6wildcard :: UDP 123 2013-07-14T11:30:28.704796+02:00 hh16 ntpd[1081]: Listen normally on 2 lo 127.0.0.1 UDP 123 2013-07-14T11:30:28.705367+02:00 hh16 ntpd[1081]: Listen normally on 3 eth0 192.168.1.16 UDP 123 2013-07-14T11:30:28.706749+02:00 hh16 ntpd[1081]: Listen normally on 4 lo ::1 UDP 123 2013-07-14T11:30:28.707965+02:00 hh16 ntpd[1081]: peers refreshed 2013-07-14T11:30:28.708572+02:00 hh16 ntpd[1081]: Listening on routing socket on fd #21 for interface updates 2013-07-14T11:30:31.322517+02:00 hh16 boot.local[1050]: var-lib-ntp-proc.mount loaded active mounted /var/lib/ntp/proc 2013-07-14T11:30:31.330220+02:00 hh16 boot.local[1050]: ntp.service loaded active running LSB: Network time protocol daemon (ntpd) This is working fine. All the Spanish machines work with this time. e.g., here's the file server: 2013-07-14T11:37:14.609891+02:00 altea ntpd[509]: peers refreshed 2013-07-14T11:37:14.736518+02:00 altea ntpd[509]: Listening on routing socket on fd #22 for interface updates On the problem client, I used Yast to 'Now and on Boot' for ntp: 2013-07-14T10:44:06.286439+01:00 catral sntp[1247]: Started sntp 2013-07-14T10:44:06.308130+01:00 catral sntp[1247]: kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod 2013-07-14T10:44:06.538097+01:00 catral sntp[1250]: Started sntp 2013-07-14T10:44:06.578755+01:00 catral sntp[1250]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported 2013-07-14T10:44:22.983921+01:00 catral sntp[1256]: Started sntp 2013-07-14T10:44:23.078058+01:00 catral sntp[1256]: Error looking up (A) ntp.hh3.site: Name or service not known 2013-07-14T10:44:23.253676+01:00 catral sntp[1259]: Started sntp 2013-07-14T10:44:23.274654+01:00 catral sntp[1259]: Error looking up (AAAA) ntp.hh3.site: Name or service not known 2013-07-14T10:44:32.245859+01:00 catral sntp[1263]: Started sntp 2013-07-14T10:44:32.425933+01:00 catral sntp[1266]: Started sntp 2013-07-14T10:44:32.438542+01:00 catral sntp[1266]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported 2013-07-14T10:47:43.038770+01:00 catral sntp[1297]: Started sntp 2013-07-14T10:47:59.224708+01:00 catral systemd[1]: Starting LSB: Network time protocol daemon (ntpd)... 2013-07-14T10:47:59.655017+01:00 catral ntpd[1349]: ntpd 4.2.6p5@1.2349-o Fri Mar 1 11:32:25 UTC 2013 (1) 2013-07-14T10:47:59.665276+01:00 catral ntpd[1350]: proto: precision = 2.217 usec 2013-07-14T10:47:59.681385+01:00 catral ntp[1331]: Starting network time protocol daemon (NTPD)..done 2013-07-14T10:47:59.700763+01:00 catral systemd[1]: Started LSB: Network time protocol daemon (ntpd). 2013-07-14T10:47:59.725546+01:00 catral ntpd[1350]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 2013-07-14T10:47:59.731827+01:00 catral ntpd[1350]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 2013-07-14T10:47:59.765390+01:00 catral ntpd[1350]: Listen and drop on 1 v6wildcard :: UDP 123 2013-07-14T10:47:59.781972+01:00 catral ntpd[1350]: Listen normally on 2 lo 127.0.0.1 UDP 123 2013-07-14T10:47:59.798260+01:00 catral ntpd[1350]: Listen normally on 3 eth0 192.168.1.101 UDP 123 2013-07-14T10:47:59.839459+01:00 catral ntpd[1350]: Listen normally on 4 lo ::1 UDP 123 2013-07-14T10:47:59.866824+01:00 catral ntpd[1350]: Listen normally on 5 eth0 fe80::a00:27ff:fe7f:8e13 UDP 123 2013-07-14T10:47:59.873397+01:00 catral ntpd[1350]: peers refreshed 2013-07-14T10:47:59.891603+01:00 catral ntpd[1350]: Listening on routing socket on fd #22 for interface updates Why is it an hour slow? If I disable ntp, I get the correct time. I can now boot the cifs from fstab but users can't access it after it's booted unless I turn off ntp and reboot. They can't authenticate because of the clock skew or whatever Kerberos calls it. The time zone is wrong. The time is wrong. It was installed in UK. It's now in Spain. Why doesn't the ntp server tell it where it is? The Spanish boxes are fine. I tested one by deliberately setting the time wrong using date. Not only was the time correct, but the cifs shares got mounted too which suggests that systemd has indeed got the boot order correct and ntp is up before it hits the cifs lines in fstab. I can remember a map of the world screen in Yast installation and various time options. If I could get back to that, I'd probably be able to solve this. Is the only way to change the region of a machine by reinstalling? Thanks for your patience. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday, 2013-07-14 at 12:26 +0200, lynn wrote: ...
On the problem client, I used Yast to 'Now and on Boot' for ntp:
2013-07-14T10:44:06.286439+01:00 catral sntp[1247]: Started sntp 2013-07-14T10:44:06.308130+01:00 catral sntp[1247]: kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod 2013-07-14T10:44:06.538097+01:00 catral sntp[1250]: Started sntp 2013-07-14T10:44:06.578755+01:00 catral sntp[1250]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported
Isn't four 'A' used for IPv6?
2013-07-14T10:44:22.983921+01:00 catral sntp[1256]: Started sntp 2013-07-14T10:44:23.078058+01:00 catral sntp[1256]: Error looking up (A) ntp.hh3.site: Name or service not known
You have a DNS problem there, or you stated the wrong site.
2013-07-14T10:44:23.253676+01:00 catral sntp[1259]: Started sntp 2013-07-14T10:44:23.274654+01:00 catral sntp[1259]: Error looking up (AAAA) ntp.hh3.site: Name or service not known 2013-07-14T10:44:32.245859+01:00 catral sntp[1263]: Started sntp 2013-07-14T10:44:32.425933+01:00 catral sntp[1266]: Started sntp 2013-07-14T10:44:32.438542+01:00 catral sntp[1266]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported 2013-07-14T10:47:43.038770+01:00 catral sntp[1297]: Started sntp 2013-07-14T10:47:59.224708+01:00 catral systemd[1]: Starting LSB: Network time protocol daemon (ntpd)... 2013-07-14T10:47:59.655017+01:00 catral ntpd[1349]: ntpd 4.2.6p5@1.2349-o Fri Mar 1 11:32:25 UTC 2013 (1) 2013-07-14T10:47:59.665276+01:00 catral ntpd[1350]: proto: precision = 2.217 usec 2013-07-14T10:47:59.681385+01:00 catral ntp[1331]: Starting network time protocol daemon (NTPD)..done 2013-07-14T10:47:59.700763+01:00 catral systemd[1]: Started LSB: Network time protocol daemon (ntpd). 2013-07-14T10:47:59.725546+01:00 catral ntpd[1350]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 2013-07-14T10:47:59.731827+01:00 catral ntpd[1350]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 2013-07-14T10:47:59.765390+01:00 catral ntpd[1350]: Listen and drop on 1 v6wildcard :: UDP 123 2013-07-14T10:47:59.781972+01:00 catral ntpd[1350]: Listen normally on 2 lo 127.0.0.1 UDP 123 2013-07-14T10:47:59.798260+01:00 catral ntpd[1350]: Listen normally on 3 eth0 192.168.1.101 UDP 123 2013-07-14T10:47:59.839459+01:00 catral ntpd[1350]: Listen normally on 4 lo ::1 UDP 123 2013-07-14T10:47:59.866824+01:00 catral ntpd[1350]: Listen normally on 5 eth0 fe80::a00:27ff:fe7f:8e13 UDP 123 2013-07-14T10:47:59.873397+01:00 catral ntpd[1350]: peers refreshed 2013-07-14T10:47:59.891603+01:00 catral ntpd[1350]: Listening on routing socket on fd #22 for interface updates
Why is it an hour slow? If I disable ntp, I get the correct time.
Where do you see above that it is an hour slow? Is that log for a machine in Spain? The locale is wrong.
The time zone is wrong. The time is wrong. It was installed in UK. It's now in Spain. Why doesn't the ntp server tell it where it is?
The ntp server does not care where it is placed, because it always use UTC time. It is you who cares where you (not the machine) is, and you have not told the system that the local time is for Spain, not the UK.
I can remember a map of the world screen in Yast installation and various time options. If I could get back to that, I'd probably be able to solve this. Is the only way to change the region of a machine by reinstalling?
YaST --> date and time settings. The map is there. Or simply edit "/etc/sysconfig/clock", the entry: TIMEZONE="Europe/Madrid" DEFAULT_TIMEZONE="Europe/Madrid" But then you have to run something that does what SuSEconfig did, but it was deprecated and I don't know what replaces it now. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlHioYQACgkQtTMYHG2NR9WIMACfRCTj32NLmmRs6TbBfWcz802R Y+MAniCRq5+nUi4Tcd2n5z9HSFqq8ZXQ =2Fyy -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sun, 2013-07-14 at 15:03 +0200, Carlos E. R. wrote:
On Sunday, 2013-07-14 at 12:26 +0200, lynn wrote:
...
On the problem client, I used Yast to 'Now and on Boot' for ntp:
2013-07-14T10:44:06.286439+01:00 catral sntp[1247]: Started sntp 2013-07-14T10:44:06.308130+01:00 catral sntp[1247]: kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod 2013-07-14T10:44:06.538097+01:00 catral sntp[1250]: Started sntp 2013-07-14T10:44:06.578755+01:00 catral sntp[1250]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported
Isn't four 'A' used for IPv6?
2013-07-14T10:44:22.983921+01:00 catral sntp[1256]: Started sntp 2013-07-14T10:44:23.078058+01:00 catral sntp[1256]: Error looking up (A) ntp.hh3.site: Name or service not known
You have a DNS problem there, or you stated the wrong site.
2013-07-14T10:44:23.253676+01:00 catral sntp[1259]: Started sntp
2013-07-14T10:47:59.891603+01:00 catral ntpd[1350]: Listening on routing socket on fd #22 for interface updates
Why is it an hour slow? If I disable ntp, I get the correct time.
Where do you see above that it is an hour slow?
If you look at the KDC log and the file server log, they are both an hour ahead, give or take the few minutes it takes for me to get at them to include in the post.
Is that log for a machine in Spain? The locale is wrong.
The machine is in Spain. It was installed and configured in UK.
The time zone is wrong. The time is wrong. It was installed in UK. It's now in Spain. Why doesn't the ntp server tell it where it is?
The ntp server does not care where it is placed, because it always use UTC time. It is you who cares where you (not the machine) is, and you have not told the system that the local time is for Spain, not the UK.
The time on the client has to be within 300s of the KDC. That's all I'm asking for. The computer is in Spain. I have set ntp using Yast to the IP of the KDC. It says that it 'responds correctly' OWTTE. The KDC gets its time once a day or so from a human being as it can't connect to the 'net.
I can remember a map of the world screen in Yast installation and various time options. If I could get back to that, I'd probably be able to solve this. Is the only way to change the region of a machine by reinstalling?
YaST --> date and time settings. The map is there.
OK. I found it. I set the time correctly, but now it's 2 hours slow. No matter what time I put, it's always 1 or 2 hours slow of the time I've set. Here is the map with my last attempt at nailing this: https://dl.dropboxusercontent.com/u/45150875/map.png I set the time to 17:10 (the correct time now in Spain). As soon as I click OK to get back to the map, it now tells me it's 2 hours earlier. If I set the time 2 hours ahead then it shows the correct time but of course Kerberos won't have it. What do I have to do to tell the box that it is now in Spain and not in London? I think the answer is, you can't do it. It would have been far less hassle just reinstalling the thing. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday, 2013-07-14 at 17:34 +0200, lynn wrote:
YaST --> date and time settings. The map is there.
OK. I found it. I set the time correctly, but now it's 2 hours slow. No matter what time I put, it's always 1 or 2 hours slow of the time I've set. Here is the map with my last attempt at nailing this: https://dl.dropboxusercontent.com/u/45150875/map.png I set the time to 17:10 (the correct time now in Spain). As soon as I click OK to get back to the map, it now tells me it's 2 hours earlier. If I set the time 2 hours ahead then it shows the correct time but of course Kerberos won't have it.
What do I have to do to tell the box that it is now in Spain and not in London? I think the answer is, you can't do it. It would have been far less hassle just reinstalling the thing.
I think you have not your ideas about time in order :-P Ok, run these and paste it all here. date --rfc-3339=seconds date --utc hwclock --debug And also tell me your wall clock. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlHiyx4ACgkQtTMYHG2NR9U4QwCbB82rGwHirsPLZrAG9h3oqEff 3ZwAnA6SrftSwl/QnmiVbulR/vsHwSHS =+pay -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sun, 2013-07-14 at 18:00 +0200, Carlos E. R. wrote:
I think you have not your ideas about time in order :-P
Ok, run these and paste it all here.
date --rfc-3339=seconds
date --rfc-3339=seconds 2013-07-14 19:23:47+02:00
date --utc date --utc dom jul 14 17:24:36 UTC 2013
hwclock --debug hwclock --debug hwclock de util-linux 2.21.2 Utilizando /dev interface to clock. Último ajuste de desfase realizado 0 segundos después de 1969 Última calibración realizada 0 segundos después de 1969 El reloj de hardware tiene la hora local Se presupone que el reloj de hardware tiene la hora local. Esperando señal de reloj... ...recibida señal de reloj Hora leída del reloj de hardware: 2013/07/14 19:25:32 Hora del reloj de hardware: 2013/07/14 19:25:32 = 1373822732 segundos desde 1969 dom 14 jul 2013 19:25:32 CEST -0.086636 segundos
And also tell me your wall clock.
Casi las 21:30 Saludos L x
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday, 2013-07-14 at 21:28 +0200, lynn wrote:
On Sun, 2013-07-14 at 18:00 +0200, Carlos E. R. wrote:
Ok, run these and paste it all here.
I prefer seeing the prompts et all in the screen captures. I'ts clearer for me.
date --rfc-3339=seconds 2013-07-14 19:23:47+02:00
date --utc dom jul 14 17:24:36 UTC 2013
hwclock --debug hwclock de util-linux 2.21.2 Utilizando /dev interface to clock. Último ajuste de desfase realizado 0 segundos después de 1969 Última calibración realizada 0 segundos después de 1969 El reloj de hardware tiene la hora local Se presupone que el reloj de hardware tiene la hora local. Esperando señal de reloj... ...recibida señal de reloj Hora leída del reloj de hardware: 2013/07/14 19:25:32 Hora del reloj de hardware: 2013/07/14 19:25:32 = 1373822732 segundos desde 1969 dom 14 jul 2013 19:25:32 CEST -0.086636 segundos
And also tell me your wall clock.
Casi las 21:30
Ok, ntp is not working there. Run this: minas-tirith:~ # export LANG=en_US.UTF-8 # <=== Yes, we want this ;-) minas-tirith:~ # rcntp ntptimeset 14 Jul 22:14:09 sntp[24250]: Started sntp 2013-07-14 22:14:15.317304 (-0100) +64.844103 +/- 0.078217 secs 2013-07-14 22:15:20.575671 (-0100) +0.166475 +/- 0.021225 secs 2013-07-14 22:15:20.830866 (-0100) -0.170358 +/- 0.096390 secs Time synchronized with 0.pool.ntp.org minas-tirith:~ # That is on 11.4 using systemv, but 12.3 has the same syntax: Telcontar:~ # export LANG=en_US.UTF-8 Telcontar:~ # rcntp ntptimeset 14 Jul 22:16:39 sntp[19244]: Started sntp 2013-07-14 22:16:40.037081 (-0100) +0.259999 +/- 0.022415 secs 2013-07-14 22:16:40.386063 (-0100) -0.266566 +/- 0.097595 secs 14 Jul 22:16:50 sntp[19244]: Received no useable packet from 46.19.36.161! Time synchronized with 0.pool.ntp.org Telcontar:~ # Then: minas-tirith:~ # date --rfc-3339=seconds ; date --utc ; echo; hwclock --debug 2013-07-14 22:20:05+02:00 Sun Jul 14 20:20:05 UTC 2013 hwclock from util-linux 2.19 Using /dev interface to clock. Last drift adjustment done at 1373657971 seconds after 1969 Last calibration done at 1373657971 seconds after 1969 Hardware clock is on UTC time Assuming hardware clock is kept in UTC time. Waiting for clock tick... ...got clock tick Time read from Hardware Clock: 2013/07/14 20:19:03 Hw clock time : 2013/07/14 20:19:03 = 1373833143 seconds since 1969 2013-07-14T22:19:03 CEST -0.079896 seconds minas-tirith:~ # Question: why is that computer having the cmos clock in local time? Are you double booting to Windows? If the answer is "no", then put that computer cmos clock on UTC ASAP. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlHjCioACgkQtTMYHG2NR9VWrwCfVe424Iyz+Tjkkrtn7PoS50es jh0AnAjOPEZF09gHtfF5eNuNs0yW9H2N =FU+l -----END PGP SIGNATURE-----
On 14/07/13 22:29, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Sunday, 2013-07-14 at 21:28 +0200, lynn wrote:
On Sun, 2013-07-14 at 18:00 +0200, Carlos E. R. wrote:
Ok, run these and paste it all here.
I prefer seeing the prompts et all in the screen captures. I'ts clearer for me.
date --rfc-3339=seconds 2013-07-14 19:23:47+02:00
date --utc dom jul 14 17:24:36 UTC 2013
hwclock --debug hwclock de util-linux 2.21.2 Utilizando /dev interface to clock. Último ajuste de desfase realizado 0 segundos después de 1969 Última calibración realizada 0 segundos después de 1969 El reloj de hardware tiene la hora local Se presupone que el reloj de hardware tiene la hora local. Esperando señal de reloj... ...recibida señal de reloj Hora leída del reloj de hardware: 2013/07/14 19:25:32 Hora del reloj de hardware: 2013/07/14 19:25:32 = 1373822732 segundos desde 1969 dom 14 jul 2013 19:25:32 CEST -0.086636 segundos
And also tell me your wall clock.
Casi las 21:30
Ok, ntp is not working there. Run this:
minas-tirith:~ # export LANG=en_US.UTF-8 # <=== Yes, we want this ;-) minas-tirith:~ # rcntp ntptimeset 14 Jul 22:14:09 sntp[24250]: Started sntp 2013-07-14 22:14:15.317304 (-0100) +64.844103 +/- 0.078217 secs 2013-07-14 22:15:20.575671 (-0100) +0.166475 +/- 0.021225 secs 2013-07-14 22:15:20.830866 (-0100) -0.170358 +/- 0.096390 secs Time synchronized with 0.pool.ntp.org minas-tirith:~ #
That is on 11.4 using systemv, but 12.3 has the same syntax:
Telcontar:~ # export LANG=en_US.UTF-8 Telcontar:~ # rcntp ntptimeset 14 Jul 22:16:39 sntp[19244]: Started sntp 2013-07-14 22:16:40.037081 (-0100) +0.259999 +/- 0.022415 secs 2013-07-14 22:16:40.386063 (-0100) -0.266566 +/- 0.097595 secs 14 Jul 22:16:50 sntp[19244]: Received no useable packet from 46.19.36.161! Time synchronized with 0.pool.ntp.org Telcontar:~ #
Then:
minas-tirith:~ # date --rfc-3339=seconds ; date --utc ; echo; hwclock --debug 2013-07-14 22:20:05+02:00 Sun Jul 14 20:20:05 UTC 2013
hwclock from util-linux 2.19 Using /dev interface to clock. Last drift adjustment done at 1373657971 seconds after 1969 Last calibration done at 1373657971 seconds after 1969 Hardware clock is on UTC time Assuming hardware clock is kept in UTC time. Waiting for clock tick... ...got clock tick Time read from Hardware Clock: 2013/07/14 20:19:03 Hw clock time : 2013/07/14 20:19:03 = 1373833143 seconds since 1969 2013-07-14T22:19:03 CEST -0.079896 seconds minas-tirith:~ #
Question: why is that computer having the cmos clock in local time? Are you double booting to Windows? If the answer is "no", then put that computer cmos clock on UTC ASAP.
No. There is no double booting. You either have a 12.3 client or you have a win7 client. I checked 'Reloj de hardware establecido en UTC' under the Yast map. How does this look? catral:~ # export LANG=en_US.UTF-8 catral:~ # export LANG=en_US.UTF-8 catral:~ # rcntp ntptimeset 14 Jul 23:47:49 sntp[6654]: Started sntp 2013-07-14 23:47:50.007974 (-0100) +0.000083 +/- 0.116409 secs Time synchronized with 192.168.1.16 Sun 14 Jul 2013 11:48:17 PM CEST -0.084480 seconds catral:~ # date --rfc-3339=seconds ; date --utc ; echo; hwclock --debug 2013-07-14 23:48:42+02:00 Sun Jul 14 21:48:42 UTC 2013 hwclock from util-linux 2.21.2 Using /dev interface to clock. Last drift adjustment done at 1373838324 seconds after 1969 Last calibration done at 1373838324 seconds after 1969 Hardware clock is on UTC time Assuming hardware clock is kept in UTC time. Waiting for clock tick... ...got clock tick Time read from Hardware Clock: 2013/07/14 21:48:42 Hw clock time : 2013/07/14 21:48:42 = 1373838522 seconds since 1969 Sun 14 Jul 2013 11:48:42 PM CEST -0.295972 seconds And WAHEYYY, sure enough: catral:~ # date dom jul 14 23:50:23 CEST 2013 It survives a reboot and the TGS call to cifs works perfectly. Even Kerberos is happy:: 2013-07-15T00:24:20.757380+02:00 catral cifs.upcall: key description: cifs.spnego;0;0;3f000000;ver=0x2;host=altea;ip4=192.168.1.100;sec=krb5;uid=0x0;creduid=0x0;user=cifsuser;pid=0x31b5 2013-07-15T00:24:20.766621+02:00 catral cifs.upcall: ver=2 2013-07-15T00:24:20.774420+02:00 catral cifs.upcall: host=altea 2013-07-15T00:24:20.779372+02:00 catral cifs.upcall: ip=192.168.1.100 2013-07-15T00:24:20.782293+02:00 catral cifs.upcall: sec=1 2013-07-15T00:24:20.785109+02:00 catral cifs.upcall: uid=0 2013-07-15T00:24:20.795248+02:00 catral cifs.upcall: creduid=0 2013-07-15T00:24:20.797131+02:00 catral cifs.upcall: user=cifsuser 2013-07-15T00:24:20.798140+02:00 catral cifs.upcall: pid=12725 2013-07-15T00:24:20.799737+02:00 catral cifs.upcall: find_krb5_cc: scandir error on directory '/run/user/0': No such file or directory 2013-07-15T00:24:20.802137+02:00 catral cifs.upcall: find_krb5_cc: considering /tmp/krb5cc_0 2013-07-15T00:24:20.803683+02:00 catral cifs.upcall: find_krb5_cc: FILE:/tmp/krb5cc_0 is valid ccache 2013-07-15T00:24:20.805601+02:00 catral cifs.upcall: handle_krb5_mech: getting service ticket for altea 2013-07-15T00:24:20.806871+02:00 catral cifs.upcall: handle_krb5_mech: obtained service ticket 2013-07-15T00:24:20.808225+02:00 catral cifs.upcall: Exit status 0 Thanks, L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, 2013-07-15 at 00:27 +0200, lynn wrote:
On 14/07/13 22:29, Carlos E. R. wrote:
And WAHEYYY, sure enough: catral:~ # date dom jul 14 23:50:23 CEST 2013
And it matches your wall clock, right?
It survives a reboot and the TGS call to cifs works perfectly. Even Kerberos is happy::
Ok, then your ntp daemon was running wrong. You will have to keep an eye on it. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlHjOQAACgkQtTMYHG2NR9UX2gCfbdZkH607KtzG2BuOKGmkXgzI RIoAn12HFnBzBxWMjo14wfSEDVNdrlNJ =HKYB -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Mon, 2013-07-15 at 01:49 +0200, Carlos E. R. wrote:
On Monday, 2013-07-15 at 00:27 +0200, lynn wrote:
On 14/07/13 22:29, Carlos E. R. wrote:
And WAHEYYY, sure enough: catral:~ # date dom jul 14 23:50:23 CEST 2013
And it matches your wall clock, right?
It survives a reboot and the TGS call to cifs works perfectly. Even Kerberos is happy::
Ok, then your ntp daemon was running wrong. You will have to keep an eye on it.
OK. I left it going all night. I destroyed my ticket, rebooted and logged in again using my domain account. It's close on 8:30 by my watch: lynn2@catral:~> date Mon 15 Jul 08:29:42 CEST 2013 The the cifs.upcall has worked and I got a ticket for the file server no problem at all. Thanks, L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, 2013-07-15 at 08:35 +0200, lynn wrote:
On Mon, 2013-07-15 at 01:49 +0200, Carlos E. R. wrote:
Ok, then your ntp daemon was running wrong. You will have to keep an eye on it.
OK. I left it going all night. I destroyed my ticket, rebooted and logged in again using my domain account. It's close on 8:30 by my watch: lynn2@catral:~> date Mon 15 Jul 08:29:42 CEST 2013
The the cifs.upcall has worked and I got a ticket for the file server no problem at all.
Keep an eye with "rcntp status" now and then. I'm not sure you can keep a daemon if only one ntp server is defined. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlHjqbEACgkQtTMYHG2NR9UuMACeOv11Suauq72zbNnXyLy1s4wy XmgAnj0445JOJxOMiRzqt2OUXy2sJLwj =h89L -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (8)
-
Andrey Borzenkov
-
Carlos E. R.
-
Dylan
-
Felix Miata
-
Linda Walsh
-
lynn
-
Per Jessen
-
Ralf Prengel