NFSv4 + Kerberos + users
Kevin Coffman
kwc at citi.umich.edu
Mon Jun 18 17:41:59 EDT 2007
Hi,
I did a re-install on the IA64 to which I have access. I installed
Fedora 7-ia64 from SGI:
http://oss.sgi.com/projects/fedora/
I have not been able to re-create your segfault with this program or
with nfs-utils. (I configured nfs-utils with "./configure
--without-tcp-wrappers") I verified I'm able to do a Kerberos mount
using my kwc at CITI.UMICH.EDU credentials.
I suspect your segfault may be caused by some kind of mismatch of one
of the components? Let me know a bit more about what you did to build
nfs-utils and I'll try to help.
K.C.
On 6/14/07, Zoltan Menyhart <Zoltan.Menyhart at bull.net> wrote:
> The following program can easily reproduce the problem.
> (Remember to define your own IP host / port.)
>
>
> #include <sys/socket.h>
> #include <rpcsecgss/rpc/auth_gss.h>
>
> #define PORT 264 // I saw gssd using this
> #define IP_ADDR "174.16.110.72" // lucy2_10g.frec.bull.fr
> #define PROG 100003
> #define VERS 4
> #define R_S_SIZE 32768
> #define PRINC "nfs at lucy2_10g.frec.bull.fr" // '@' !!!
>
> /* from kerberos source, gssapi_krb5.c */
> gss_OID_desc krb5oid = {9, "\052\206\110\206\367\022\001\002\002"};
>
> struct rpc_gss_sec sec;
> struct sockaddr_in sa_in;
> CLIENT *cl;
> AUTH *auth;
>
> main()
> {
> int s;
>
> sa_in.sin_family = AF_INET;
> sa_in.sin_port = htons(PORT);
> sa_in.sin_addr.s_addr = inet_addr(IP_ADDR);
> cl = clnttcp_create(&sa_in, PROG, VERS, &s, R_S_SIZE, R_S_SIZE);
> if (cl == NULL){
> fprintf(stderr, "clnttcp_create() failed\n");
> return 1;
> }
> sec.qop = GSS_C_QOP_DEFAULT;
> sec.svc = RPCSEC_GSS_SVC_NONE;
> sec.cred = GSS_C_NO_CREDENTIAL;
> sec.req_flags = 0;
> sec.mech = (gss_OID) &krb5oid;
> sec.req_flags = GSS_C_MUTUAL_FLAG;
> printf("Calling authgss_create_default()\n");
> auth = authgss_create_default(cl, PRINC, &sec);
> if (auth == NULL){
> fprintf(stderr, "authgss_create_default() failed\n");
> return 1;
> }
> printf("authgss_create_default() done\n");
> cl->cl_auth = auth;
> return 0;
> }
>
>
> # gdb a.out
> (gdb) r
>
> Calling authgss_create_default()
>
> ... many unprintable characters...
> REC.BULL.FR(0&0fsucy2_10g.frec.bull.fr0O.3R at 1MXZ
> ... more unprintable characters...
>
> ^C
> Program received signal SIGINT, Interrupt.
> 0xa000000000010641 in __kernel_syscall_via_break ()
> (gdb) bt
> #0 0xa000000000010641 in __kernel_syscall_via_break ()
> #1 0x200000000024c5c0 in select () from /lib/tls/libc.so.6.1
> #2 0x2000000000085f00 in readtcp (ct=0x6000000000010030, buf=0x6000000000018150 "", len=32768)
> at clnt_tcp.c:432
> #3 0x20000000002b7010 in set_input_fragment () from /lib/tls/libc.so.6.1
> #4 0x20000000002b7780 in xdrrec_getbytes () from /lib/tls/libc.so.6.1
> #5 0x20000000002b7b80 in xdrrec_getlong () from /lib/tls/libc.so.6.1
> #6 0x20000000002b3880 in xdr_u_long_internal () from /lib/tls/libc.so.6.1
> #7 0x20000000002ab930 in xdr_replymsg_internal () from /lib/tls/libc.so.6.1
> #8 0x20000000000855e0 in clnttcp_call (h=0x6000000000010010, proc=Variable "proc" is not available.
> ) at clnt_tcp.c:293
> #9 0x2000000000078060 in authgss_refresh (auth=0x6000000000023ae0) at auth_gss.c:516
> #10 0x2000000000078940 in authgss_create (clnt=0x6000000000010010, name=0x60000000000234e0,
> sec=0x60000000000016d8) at auth_gss.c:220
> #11 0x2000000000078cc0 in authgss_create_default (clnt=0x6000000000010010,
> service=0x4000000000000fc8 "nfs at lucy2_10g.frec.bull.fr", sec=0x60000000000016d0) at auth_gss.c:253
> #12 0x4000000000000c10 in main () at t1.c:46
>
>
> I cannot see the print-outs after authgss_create_default(), neither
> "authgss_create_default() failed\n" nor "authgss_create_default() done\n".
>
> Thanks,
>
> Zoltan
>
>
>
More information about the NFSv4
mailing list