Mailinglist Archive: opensuse-bugs (4669 mails)

< Previous Next >
[Bug 614293] NFS with kerberos identification isn't working
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 1 Sep 2010 05:16:23 +0000
  • Message-id: <20100901051623.93089CC7CE@xxxxxxxxxxxxxxxxxxxxxx>

https://bugzilla.novell.com/show_bug.cgi?id=614293

https://bugzilla.novell.com/show_bug.cgi?id=614293#c16


Suresh Jayaraman <sjayaraman@xxxxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |ASSIGNED
InfoProvider|mcaj@xxxxxxxxxx |

--- Comment #16 from Suresh Jayaraman <sjayaraman@xxxxxxxxxx> 2010-09-01
05:16:20 UTC ---
Looks like SLED11 SP1 is also affected with the same problem. There is a report
on nfsv4@xxxxxxxxxxxxxx Since the list has been deprecated for a few months now
there are no archives, so I'm pasting the email thread here:


Subject: Re: krb5 authentication error with nfs client 1.2.x
From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
Date: Tue, 31 Aug 2010 14:30:23 -0400
To: Richard Smits <R.Smits@xxxxxxxxxx>
CC: "nfsv4@xxxxxxxxxxxxx" <nfsv4@xxxxxxxxxxxxx>

On Tue, Aug 31, 2010 at 04:49:19PM +0200, Richard Smits wrote:
Hello,

We are working on a problem here what is getting bigger. I will explain.

Our clients are using SLED 11. If they upgrade to sp1, they get a
newer nfs client.

Client before update : nfs-client-1.1.3-18.17
Client after update : nfs-client-1.2.1-2.6.6

We are using krb5 authentication with an active directory. The nfs
mount we are trying to make is on a netapp nashead.

The scenario is as followes. The client works as expected. When you
ONLY upgrade the nfsclient package, we get an error :

Have you filed a SELD bug? Right off hand it looks like
599511589ca7ddb3b2eac8d3aa5b0b38be7a7691 in upstream libtirpc.

--b.


mount /mnt/nfs/
mount.nfs4: access denied by server while mounting srvxxx:/vol/vol1/target

I have enabled logging on the rpcgssd :

Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: Full hostname for
'srvxxx.domain.net' is 'srvxxx.domain.net'
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: Full hostname for
'server.domain.net' is 'server.domain.net'
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: Key table entry not found
while getting keytab entry for 'root
/server.domain.net@xxxxxxxxxx'
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: Success getting keytab
entry for 'nfs/server.domain.net@xxxxxxxxxx'
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: Successfully obtained
machine credentials for principal 'nfs/server.domain.net@xxxxxxxxxx'
stored in ccache 'FILE:/tmp/krb5cc_machine_DOMAIN.NET'
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: INFO: Credentials in CC
'FILE:/tmp/krb5cc_machine_DOMAIN.NET'
are good until 1283300229
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: using
FILE:/tmp/krb5cc_machine_DOMAIN.NET as credentials cache for machine
creds
Aug 31 16:17:09 vmlinux12 rpc.gssd[14072]: using environment
variable to select krb5 ccache FILE:/tmp/krb
5cc_machine_DOMAIN.NET
<snipped..>

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >