NFS4 + Kerberos with AD
Kevin Coffman
kwc at citi.umich.edu
Wed May 14 09:42:31 EDT 2008
On Tue, May 13, 2008 at 6:42 PM, J. Bruce Fields <bfields at fieldses.org> wrote:
> On Tue, May 13, 2008 at 05:35:32PM -0400, Grover, Justin N. wrote:
> > I will try creating the keytabs with des-cbc-crc and report back with findings when I can...
> >
> > Also Kevin, is there a way to specify the svcgssd service to startup last in
> > the nfs-kernel-server startup? With the -vvvf option, when I do an
> > /etc/init.d/nfs-kernel-server restart, the process hangs in the foreground
> > when svcgssd starts (making it so mountd doesn't get started).
> >
>
> Just drop the "f" and it'll put itself in the background and log the
> results as usual.
>
> Or you can just kill the rpc.svcgssd that the init scripts started and
> run your own with -vvvf and watch the output in the terminal.
Yes, this is what I intended. However, after looking at the code
again, newer versions of svcgssd will only log the token data when
running in the foreground in a terminal *and* when compiled with DEBUG
defined.
Therefore, a packet trace showing the token being sent from the client
would be most helpful...
More information about the NFSv4
mailing list