Hi, I've been testing a Linxu 5.15 NFSv4.2 client against a FreeBSD server to test recently added SP4_MACH_CRED support in the FreeBSD server. I noticed the following oddity, which I thought I'd report in case it is considered a bug and not a feature. I do a mount like: # mount -t nfs -o nfsvers=4,sec=krb5 nfsv4-server:/ /mnt # - When looking at the packet capture during the mount, the ExchangeID, CreateSession and ReclaimComplete are done with integrity (ie. krb5i) and ExchangeID uses SP4_MACH_CRED. - Then, subsequent RPCs do not use integrity, as I would have assumed, given the "sec=krb5" argument. However, some subsequent RPCs in the must_allow ops list for SP4_MACH_CRED choose to use the "machine principal" and do krb5i. It just seems weird that it mixes krb5 and krb5i. I had not expected it to use SP4_MACH_CRED when "sec=krb5" was specified. However, it seems to work fine this way, so I can see the argument that this is a "feature" and not a bug. Just fyi, rick
