From: Per Olofsson Subject: NFSv3+Krb5 and mountd Date: Tue, 24 Aug 2004 20:41:38 +0200 Sender: nfs-admin@lists.sourceforge.net Message-ID: <20040824184138.GB3251@nasse> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from sc8-sf-mx1-b.sourceforge.net ([10.3.1.11] helo=sc8-sf-mx1.sourceforge.net) by sc8-sf-list2.sourceforge.net with esmtp (Exim 4.30) id 1BzgEv-0001Ty-1x for nfs@lists.sourceforge.net; Tue, 24 Aug 2004 11:41:49 -0700 Received: from amsfep17-int.chello.nl ([213.46.243.15]) by sc8-sf-mx1.sourceforge.net with esmtp (Exim 4.34) id 1BzgEt-0003GA-Cw for nfs@lists.sourceforge.net; Tue, 24 Aug 2004 11:41:48 -0700 Received: from localhost ([213.89.140.172]) by amsfep17-int.chello.nl (InterMail vM.6.00.05.02 201-2115-109-103-20031105) with ESMTP id <20040824184139.VMYJ7145.amsfep17-int.chello.nl@localhost> for ; Tue, 24 Aug 2004 20:41:39 +0200 Received: from pelle by localhost with local (Exim 4.34) id 1BzgEk-0000rs-4N for nfs@lists.sourceforge.net; Tue, 24 Aug 2004 20:41:38 +0200 To: nfs@lists.sourceforge.net Errors-To: nfs-admin@lists.sourceforge.net List-Unsubscribe: , List-Id: Discussion of NFS under Linux development, interoperability, and testing. List-Post: List-Help: List-Subscribe: , List-Archive: Hi, I'm trying to use NFSv3 with Kerberos 5. I'm using Debian sarge with Linux 2.6.7, nfs-utils 1.0.6 with the CITI_NFS4_ALL-13 patch, and util-linux mount 2.12 with the CITI_NFS4_ALL patch. I added the following definition to /etc/exports: /tmpexp gss/krb5(rw) Then, on the client, I run: # mount -osec=krb5 oberon:/tmpexp /mnt mount: oberon:/tmpexp failed, reason given by server: Permission denied and it fails. According to the log: Aug 23 19:17:48 oberon rpc.mountd: refused mount request from mallinux.dsv.su.se for /tmpexp (/): not exported Now, I add the client machine's name to /etc/exports: /tmpexp gss/krb5(rw) mallinux(ro) And it works! I can tell that it uses Kerberos because I can write to the mounted fs if I have a ticket, but not without. The drawback is that I am now allowing AUTH_SYS mounting as well, which I want to avoid. Is this a bug in mountd? Is it difficult to fix? -- Pelle ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ NFS maillist - NFS@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfs