Hi
This is my first post here so hi everyone.
My problem is that if I export an nfs4 share 'conventionally', the
mounted share is mounted rw. If I mount using gss/krb5 it is read only.
I think I can explain this best using examples of what I've tried:
openSUSE 12.1
/etc/fstab:
/home /export/home none rw,bind 0 0
1. kerberized /etc/exports
/export gss/krb5(rw,fsid=0,insecure,no_subtree_check,async)
/export/home gss/krb5(rw,nohide,insecure,no_subtree_check,async)
then:
mount -t nfs4 hh3:/home /mnt -o sec=krb5
no write access
2. conventional /etc/exports
/export *(rw,fsid=0,insecure,no_subtree_check,async)
/export/home *(rw,nohide,insecure,no_subtree_check,async)
then:
mount -t nfs4 hh3:/home /mnt
write access OK
3. kerberized variation on /etc/exports
/export *(rw,fsid=0,crossmnt,insecure,no_subtree_check,async,sec=krb5)
/export/home *(rw,insecure,no_subtree_check,async,sec=krb5)
then:
mount -t nfs4 hh3:/home /mnt -o sec=krb5
no write access
I have tried all combos of crossmnt and nohide
idmapd seems to be mapping correctly and id<user> gives what getent
gives
Any ideas? Why does the kerberized mount not allow rw access? Could this
be a nfs4 problem or a Kerberos problem?
Thanks,
Steve