problems with sec=krb5
Kevin Coffman
kwc at citi.umich.edu
Wed Mar 28 15:54:58 EDT 2007
On 3/28/07, Rohit Kumar Mehta <rohitm at engr.uconn.edu> wrote:
>
> Yeah I see the short name in there.
>
> "host filesm" command fails with error "Host filesm not found:
> (NXDOMAIN)", but it does resolve properly as does
> filesm.ad.engr.uconn.edu. I did have only the short name "filesm" in my
> /etc/hosts file. I updated it to be "filesm.ad.engr.uconn.edu" and now
> we have the correct principal (after attempting a mount):
Cool.
> However the mount still appears to hang now with the following written
> to daemon.log:
> Mar 28 14:57:35 cselin12 rpc.gssd[3841]: creating context using euid 0
> (save_uid 0)
> Mar 28 14:57:35 cselin12 rpc.gssd[3841]: creating tcp client for server
> filesm.ad.engr.uconn.edu
> Mar 28 14:57:35 cselin12 rpc.gssd[3841]: creating context with server
> nfs at filesm.ad.engr.uconn.edu
> Mar 28 14:57:35 cselin12 rpc.gssd[3841]: DEBUG: serialize_krb5_ctx:
> lucid version!
> Mar 28 14:57:35 cselin12 rpc.gssd[3841]: doing downcall
> Mar 28 14:57:35 cselin12 rpc.gssd[3841]: Failed to write downcall!
OK! The userland/nfs-utils part is now working and a gss context has
been created with the server. We're now failing to pass it down to
the kernel. I'm guessing that this error has something to do with
missing crypto modules in the kernel. If your kernel is built with
modules, does lsmod show rpcsec_gss_krb5? Otherwise, "modprobe
rpcsec_gss_krb5" to get it loaded.
More information about the NFSv4
mailing list