Chuck Lever wrote: Before we go too far down the NM path of no return, I was under the impression that some applications require the host's name on the localhost entries in /etc/hosts. That's why NM puts it there. There's nothing invalid about having a hostname on the localhost entries in /etc/hosts, is there? So I wonder if removing NM is really the solution here. No, it's not. I just like to complain about NM. The original problem was that rpc.svcgssd couldn't figure out the correct kerberos realm. The fix in this particular case, I think, is to set the realm explicitly in /etc/idmapd.conf. But a more general problem is that if you don't set a realm in /etc/idmapd.conf, the fallback is to whatever is returned by gethostname(). Shouldn't the fallback be to what is in krb5.conf? In general, I think it's a mistake to assume that a host's security realm is the same as its dns domain, especially given host mobility, the lack of security in dns, and the existence of other methods (krb5.conf) to determine the security realm. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
