On Fri, Feb 11, 2011 at 1:38 PM, CeR <cer.inet@xxxxxxxxx> wrote: > > Hello. I have been trying to set up a local-teachpurpose-server at home. > > My enviroment: debian squeeze KVM/libvirt machine, with 2.6.32-5-amd64 kernel. > > When restarting services with the correct configuration, i get this: > As you can see, the keytab is there, with correct permissions to read by root. > > root@goku:~# /etc/init.d/nfs-common restart > Stopping NFS common utilities: gssd idmapd statd. > Starting NFS common utilities: statd idmapd gssd. > > root@goku:~# /etc/init.d/nfs-kernel-server restart > Stopping NFS kernel daemon: mountd svcgssd nfsd. > Unexporting directories for NFS kernel daemon.... > Exporting directories for NFS kernel daemon.... > Starting NFS kernel daemon: nfsd svcgssd failed! > > root@goku:~# tail /var/log/syslog > Feb 11 18:29:45 goku kernel: [ 2266.025197] nfsd: last server has > exited, flushing export cache > Feb 11 18:29:46 goku kernel: [ 2267.119699] svc: failed to register > lockdv1 RPC service (errno 97). > Feb 11 18:29:46 goku kernel: [ 2267.121318] NFSD: Using > /var/lib/nfs/v4recovery as the NFSv4 state recovery directory > Feb 11 18:29:46 goku kernel: [ 2267.122284] NFSD: starting 90-second > grace period > Feb 11 18:29:46 goku rpc.svcgssd[2333]: ERROR: GSS-API: error in > gss_acquire_cred(): Unspecified GSS failure. Minor code may provide > more information - Key table entry not found > Feb 11 18:29:46 goku rpc.svcgssd[2333]: unable to obtain root > (machine) credentials > Feb 11 18:29:46 goku rpc.svcgssd[2333]: do you have a keytab entry for > nfs/<your.host>@<YOUR.REALM> in /etc/krb5.keytab? > > root@goku:~# ls -l /etc/krb5.keytab > -rw-r----- 1 root openldap 1210 feb 11 11:11 /etc/krb5.keytab > > root@goku:~# klist -k > Keytab name: WRFILE:/etc/krb5.keytab > KVNO Principal > ---- -------------------------------------------------------------------------- > 2 host/goku.example.com@xxxxxxxxxxx > 2 host/goku.example.com@xxxxxxxxxxx > 2 host/goku.example.com@xxxxxxxxxxx > 2 host/goku.example.com@xxxxxxxxxxx > 2 ldap/goku.example.com@xxxxxxxxxxx > 2 ldap/goku.example.com@xxxxxxxxxxx > 2 ldap/goku.example.com@xxxxxxxxxxx > 2 ldap/goku.example.com@xxxxxxxxxxx > 4 nfs/goku.example.com@xxxxxxxxxxx > 4 nfs/goku.example.com@xxxxxxxxxxx > 4 nfs/goku.example.com@xxxxxxxxxxx > 4 nfs/goku.example.com@xxxxxxxxxxx > > > Is a bug? A incompatibility between my packages versions? A > configuration problem? Any idea? > > > Thank you. Best regards. First, with this kernel version, you should only have one keytab entry for nfs/goku.example.com with a DES key. (You don't show the enctypes, but I see you have 4 keys for nfs.) You won't hit this problem until you get past the other error. Make sure the reverse look-up for your server's host returns the correct name. (Matching the name in the keytab, "goku.example.com") Perhaps send a copy of /etc/hosts and your /etc/krb5.conf to see what might be misconfigured. K.C. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
