Hi folks, Recently I've been working on cross-realm support to give my own MIT Kerberos realm, UMRK.NL, access to the services of a realm that I manage. All systems involved run Debian wheezy. So far, SSH, OpenLDAP, OpenAFS and Dovecot IMAP are all working properly this way, but NFSv4 with sec=krb5i is not; I keep getting "Permission denied" when attempting to read or write to any file or directory that is not globally accessible. When the log output verbosity for rpc.gssd and rpc.svcgssd is increased about as far as it will go (-vvvvv), little is different when things go wrong, other than this one line produced by rpc.svcgssd on the server: nss_gss_princ_to_ids: Local-Realm 'UMRK.NL': NOT FOUND However, even that seems a bit misleading, because the log output for rpc.idmapd (with Verbosity = 5) shows that the user and group IDs for my account are being identified properly. Should I prepare a bug report for this issue, or does cross-realm support for NFSv4 require something extra? Thanks, Jaap -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
