On 30/04/13 16:07, Peter Parzer wrote:
Hi,
Am 30.04.2013 15:22, schrieb Jeff Layton:
No, that's not what I'm saying at all. You can get the same effect by
setting up credentials for root in /etc/krb5.keytab. Just pass in the
correct username= mount option for the principal that you want root to
be.
Not exactly on the topic, but I have been struggling a long time with
this question. How can I setup credentials for root in
/etc/krb5.keytab? I do the cifs multiuser mount in /etc/fstab at boot
time. To create Kerberos tickets for root I have a network if-up hook
with the command "net ads kerberos kinit -P". Is there an easier way
using the keytab file?
Hi Peter
I'm a fellow struggler but I think I can answer this one. I just tested
it. You can choose anyone to be root. You can choose any key you happen
to have around in the keytab. We use the machine key because its
produced when you join the domain. If you didn't secify kerberos metod =
xxx before you joined, you can create the keys using net ads keytab
create -UAdminUser The, on boot run:
kinit -k MACHINE$
on boot and put the same command in a file under /etc/cron.hourly to
keep it alive.
I don't think this is the correct way, but hey it works.
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
