Return-Path: linux-nfs-owner@vger.kernel.org Received: from mailout-de.gmx.net ([213.165.64.22]:33968 "HELO mailout-de.gmx.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with SMTP id S1752463Ab2BMKCA (ORCPT ); Mon, 13 Feb 2012 05:02:00 -0500 Date: Mon, 13 Feb 2012 11:01:51 +0100 From: To: steve Cc: linux-nfs@vger.kernel.org Subject: Re: mount hangs in NFS4+Kerberos setup Message-ID: <20120213110151.1424c09d@little-poseidon> In-Reply-To: <4F355CD2.6040603@steve-ss.com> References: <20120210154526.7b504146@little-poseidon> <4F35512A.9050500@steve-ss.com> <20120210184154.03fb6907@little-poseidon> <4F355CD2.6040603@steve-ss.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-nfs-owner@vger.kernel.org List-ID: > Officially, you should not export from a pseudo root. Please see the > last few lines in the link I sent. I removed the pseudo root entry. /etc/exports: /srv/opt *(sec=sys:krb5,rw,sync,no_subtree_check) but now I get: Feb 13 10:43:45 tm mountd[18045]: Kernel does not have pseudo root support. Feb 13 10:43:45 tm mountd[18045]: NFS v4 mounts will be disabled unless fsid=0 Feb 13 10:43:45 tm mountd[18045]: is specfied in /etc/exports file. Also I can't mount on client anymore: # mount -t nfs4 :/opt /opt mount.nfs4: mounting ...:/opt failed, reason given by server: No such file or directory # mount -t nfs4 :/srv/opt /opt mount.nfs4: mounting ...:/srv/opt failed, reason given by server: No such file or directory > man rpc.gssd(8) adds: > > Previous versions of > rpc.gssd used only "nfs/*" keys found within the keytab. To be more > consistent with other implementations, we now look for specific > keytab entries. The search order for keytabs to be used for "machine > credentials" is now: > $@ > root/@ > nfs/@ > host/@ > I see your setup uses the root principal. If you still get access > denied, create another keytab with just the machine$ and host/fqdn > keys. I can remember having to fiddle with nfs-utils and keytabs on > openSUSE at some stage last year. I started with host/... and nfs/... principals and got an access denied error while mounting. Thus I added the root principal also. Which of the four mentioned keys are necessary, resp. which combinations are sufficient? Or do I always need host, nfs and root? regards knut