On Wed, Feb 29, 2012 at 03:26:33PM +0100, steve wrote: > On 02/29/2012 03:09 PM, J. Bruce Fields wrote: > >On Wed, Feb 29, 2012 at 03:04:28PM +0100, steve wrote: > >>On 29/02/12 13:44, J. Bruce Fields wrote: > >>>On Wed, Feb 29, 2012 at 12:22:30AM +0100, steve wrote: > >>>>We are authenticating against Samba4, so our domain user accounts > >>>>are under Kerberos. > >>>Kerberos works fine with v3. > >>> > >>>--b. > >>Hi > >>Unfortunately, it doesn't seem to. We just tried it, and anyone > >>(with or without a ticket) gets access:-( > >Could you give any more detail about your test? > > > >--b. > steve is a /etc/passwd user > > steve@hh3:~$ sudo su > [sudo] password for steve: > root@hh3:/home/steve# mount -t nfs4 hh3:/home /mnt -o sec=krb5 > root@hh3:/home/steve# exit > exit > steve@hh3:~$ cd /mnt > bash: cd: /mnt: Permission denied > steve@hh3:~$ sudo su > root@hh3:/home/steve# umount /mnt > root@hh3:/home/steve# mount -t nfs hh3:/home /mnt -o sec=krb5 > root@hh3:/home/steve# exit > exit > steve@hh3:~$ cd /mnt > steve@hh3:/mnt$ Why is that a problem? You haven't actually accessed anything on the filesystem. --b. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
