> If you're using kerberos then it's the kerberos principal name->uid > mapping that matters here. > > So: > >> [...] > > who did you kinit as before doing this? (What does klist say?) I kinit'ed as nfstest01@TADPOLE (my domain is .local, while the realm is TADPOLE, can this be a cause of the problem?) I repeated the same test with rpc.idmapd configured to use domain TADPOLE, results where the same. Unfortunately I found no log mentioning the principal used. =============================================== nfstest01@desktop:/mnt/nfs$ klist Ticket cache: FILE:/tmp/krb5cc_4321_CWpZhW Default principal: nfstest01@TADPOLE Valid starting Expires Service principal 09/27/10 19:42:07 09/28/10 19:42:07 krbtgt/TADPOLE@TADPOLE renew until 09/27/10 19:42:07 nfstest01@desktop:/mnt/nfs$ ls -l total 8 drwxrwxrwx 2 root root 4096 2010-07-04 16:00 heap drwxr-x--- 2 nfstest01 nfstest01 4096 2010-09-25 22:34 nfstest01 nfstest01@desktop:/mnt/nfs$ touch heap/test nfstest01@desktop:/mnt/nfs$ touch nfstest01/test touch: cannot touch `nfstest01/test': Permission denied nfstest01@desktop:/mnt/nfs$ klist Ticket cache: FILE:/tmp/krb5cc_4321_CWpZhW Default principal: nfstest01@TADPOLE Valid starting Expires Service principal 09/27/10 19:42:07 09/28/10 19:42:07 krbtgt/TADPOLE@TADPOLE renew until 09/27/10 19:42:07 09/27/10 19:42:25 09/28/10 19:42:07 nfs/iris.local@TADPOLE renew until 09/27/10 19:42:07 =============================================== I verified that the user nfstest01 exists on both systems in the respective /etc/passwd files. Best Regards Malte Zacharias -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
