> > Yes. With commit 05f4c350 + the compilation fix, the problem occurs, but > > without > > 05f4c350, the parent (6f2ea7f) works as expected, requesting for service > > <null>. > >> When the mount operation fails, is it the first time this client attempts > >> to > >> mount a share on server.example.org, or does the client already have > >> mounts > >> of server.example.org, possibly using other security flavors? > > Yes, the problem occurs on the very first mount attempt. > > Thanks for confirming. Did you try updating nfs-utils on your NFS client to > 1.2.8-rc1 or later (specifically to replace rpc.gssd)? Yes, gssd from nfs-utils 1.2.8-rc3 behaves the same way and fails when service name is not null. The code in gssd that checks for the service name seems to be the same if I understand the code correctly. http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=blob;f=utils/gssd/gssd_proc.c;h=c17ab3bf914526f433fb6c76ace1daa63c10d921;hb=HEAD#l985 --------------------------------------------------------------------------------- if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0 && service == NULL)) { /* Tell krb5 gss which credentials cache to use */ for (dirname = ccachesearch; *dirname != NULL; dirname++) { err = gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname); if (err == -EKEYEXPIRED) downcall_err = -EKEYEXPIRED; else if (!err) create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, AUTHTYPE_KRB5); if (create_resp == 0) break; } } --------------------------------------------------------------------------------- Veli-Matti -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
