Re: mount hangs in NFS4+Kerberos setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


> I believe you have not set the Local-Realms, so libnfsidmapd.023 uses
> the default of the upper-case of the local domain-name. Thus the
> nss_gss_print_ids error message:
> 
> > Feb 10 14:45:17 tm rpc.svcgssd[1335]: nss_gss_princ_to_ids:
> > Local-Realm '<MYREALM>': NOT FOUND
> 
> Try setting the Local-Realms =  in /etc/idmapd.conf.

I'm a bit confused because <MYREALM> in the error message is the
correct realm.

I altered the idmapd.conf (server and client). Just be be sure we speak
about the same things:

<MYREALM>:      MYSERVERHOSTNAME.SUB1.DOMAIN.TLD
server:         myserverhostname.sub1.domain.tld
client:    myclienthostname.sub2.sub1.domain.tld

/etc/idmapd.conf  
Domain = myserverhostname.sub1.domain.tld
Local-Realm = MYSERVERHOSTNAME.SUB1.DOMAIN.TLD

> # The following should be set to the local NFSv4 domain name
> # The default is the host's DNS domain name.
> #Domain = local.domain.edu

I wondered if a "local domain name" should include the hostname or not,
thus I tried sub1.domain.tld and also myserverhostname.sub1.domain.tld
The later worked and let the error message disappear from the log. The
rest is the same and mount still hangs.

regards
 knut


server log:

Feb 13 10:23:29 tm rpc.svcgssd[18043]: leaving poll
Feb 13 10:23:29 tm rpc.svcgssd[18043]: handling null request
Feb 13 10:23:29 tm rpc.svcgssd[18043]: sname = root/<client-fqdn>@<MYREALM>
Feb 13 10:23:29 tm rpc.svcgssd[18043]: DEBUG: serialize_krb5_ctx: lucid version!
Feb 13 10:23:29 tm rpc.svcgssd[18043]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8
Feb 13 10:23:29 tm rpc.svcgssd[18043]: doing downcall
Feb 13 10:23:29 tm rpc.svcgssd[18043]: mech: krb5, hndl len: 4, ctx len 85, timeout: 1329211409 (86400 from now), clnt: root@<client-fqdn>, uid: -1, gid: -1, num aux grps: 0:
Feb 13 10:23:29 tm rpc.svcgssd[18043]: sending null reply
Feb 13 10:23:29 tm rpc.svcgssd[18043]: writing message: \x... 1329125069 0 0 \x02000000 \x...
Feb 13 10:23:29 tm rpc.svcgssd[18043]: finished handling null request
Feb 13 10:23:29 tm rpc.svcgssd[18043]: entering poll

--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux