Package: linux-image Version: 3.2.0-4-amd64 After upgrading from Squeeze to Wheezy the above mentioned kernel was installed and now I am unable to mount an NFS/krbi share:
$ mount -v /fs mount.nfs4: timeout set for Mon Apr 22 10:21:59 2013 mount.nfs4: trying text-based options 'sec=krb5i,addr=10.15.21.216,clientaddr=10.1.43.100' mount.nfs4: mount(2): Permission denied mount.nfs4: access denied by server while mounting XXX:/ rpc.gssd gives the following debug output: Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c05b0 data 0x7ffff33c0480 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c05b0 data 0x7ffff33c0480 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: handling gssd upcall (/var/lib/nfs/rpc_pipefs/nfs/clntd) Apr 22 10:23:47 l0144045 rpc.gssd[1795]: handle_gssd_upcall: 'mech=krb5 uid=0 enctypes=18,17,16,23,3,1,2 ' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: handling krb5 upcall (/var/lib/nfs/rpc_pipefs/nfs/clntd) Apr 22 10:23:47 l0144045 rpc.gssd[1795]: process_krb5_upcall: service is '<null>' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: Full hostname for 'fsnfs4.mynetwork.local' is 'fsnfs4.mynetwork.local' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: Full hostname for 'l0144045.mynetwork.local' is 'l0144045.mynetwork.local' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: No key table entry found for L0144045$.MYNETWORK.LOCAL while getting keytab entry for 'L0144045$@' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: No key table entry found for root/l0144045.mynetwork.local.MYNETWORK.LOCAL while getting keytab entry for 'root/l0144045.mynetwork.local@' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: Success getting keytab entry for 'nfs/l0144045.mynetwork.local@' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL' are good until 1366705137 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL' are good until 1366705137 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: using FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL as credentials cache for machine creds Apr 22 10:23:47 l0144045 rpc.gssd[1795]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL Apr 22 10:23:47 l0144045 rpc.gssd[1795]: creating context using fsuid 0 (save_uid 0) Apr 22 10:23:47 l0144045 rpc.gssd[1795]: creating tcp client for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: DEBUG: port already set to 2049 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: creating context with server nfs@fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: WARNING: Failed to create krb5 context for user with uid 0 for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: WARNING: Failed to create machine krb5 context with credentials cache FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: WARNING: Machine cache is prematurely expired or corrupted trying to recreate cache for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: Full hostname for 'fsnfs4.mynetwork.local' is 'fsnfs4.mynetwork.local' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: Full hostname for 'l0144045.mynetwork.local' is 'l0144045.mynetwork.local' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: No key table entry found for L0144045$.MYNETWORK.LOCAL while getting keytab entry for 'L0144045$@' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: No key table entry found for root/l0144045.mynetwork.local.MYNETWORK.LOCAL while getting keytab entry for 'root/l0144045.mynetwork.local@' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: Success getting keytab entry for 'nfs/l0144045.mynetwork.local@' Apr 22 10:23:47 l0144045 rpc.gssd[1795]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL' are good until 1366705137 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL' are good until 1366705137 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: using FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL as credentials cache for machine creds Apr 22 10:23:47 l0144045 rpc.gssd[1795]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL Apr 22 10:23:47 l0144045 rpc.gssd[1795]: creating context using fsuid 0 (save_uid 0) Apr 22 10:23:47 l0144045 rpc.gssd[1795]: creating tcp client for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: DEBUG: port already set to 2049 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: creating context with server nfs@fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: WARNING: Failed to create krb5 context for user with uid 0 for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: WARNING: Failed to create machine krb5 context with credentials cache FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: WARNING: Failed to create machine krb5 context with any credentials cache for server fsnfs4.mynetwork.local Apr 22 10:23:47 l0144045 rpc.gssd[1795]: doing error downcall Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: dir_notify_handler: sig 37 si 0x7ffff33c50b0 data 0x7ffff33c4f80 Apr 22 10:23:47 l0144045 rpc.gssd[1795]: destroying client /var/lib/nfs/rpc_pipefs/nfs/clnte Apr 22 10:23:47 l0144045 rpc.gssd[1795]: destroying client /var/lib/nfs/rpc_pipefs/nfs/clntd Using kernel linux-image-2.6.32-5-amd64 (from squeeze) it still works: $ mount -v /fs/ mount.nfs4: timeout set for Mon Apr 22 10:32:39 2013 mount.nfs4: trying text-based options 'sec=krb5i,addr=10.15.21.216,clientaddr=10.1.43.100' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: dir_notify_handler: sig 37 si 0x7ffface6b0f0 data 0x7ffface6afc0 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: dir_notify_handler: sig 37 si 0x7ffface6b0f0 data 0x7ffface6afc0 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: dir_notify_handler: sig 37 si 0x7ffface6b0f0 data 0x7ffface6afc0 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: handling gssd upcall (/var/lib/nfs/rpc_pipefs/nfs/clntc) Apr 22 10:33:03 l0144045 rpc.gssd[1882]: handle_gssd_upcall: 'mech=krb5 uid=0 ' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: handling krb5 upcall (/var/lib/nfs/rpc_pipefs/nfs/clntc) Apr 22 10:33:03 l0144045 rpc.gssd[1882]: process_krb5_upcall: service is '<null>' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: Full hostname for 'fsnfs4.mynetwork.local' is 'fsnfs4.mynetwork.local' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: Full hostname for 'l0144045.mynetwork.local' is 'l0144045.mynetwork.local' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: No key table entry found for L0144045$.MYNETWORK.LOCAL while getting keytab entry for 'L0144045$@' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: No key table entry found for root/l0144045.mynetwork.local.MYNETWORK.LOCAL while getting keytab entry for 'root/l0144045.mynetwork.local@' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: Success getting keytab entry for 'nfs/l0144045.mynetwork.local@' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL' are good until 1366705769 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL' are good until 1366705769 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: using FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL as credentials cache for machine creds Apr 22 10:33:03 l0144045 rpc.gssd[1882]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine.MYNETWORK.LOCAL Apr 22 10:33:03 l0144045 rpc.gssd[1882]: creating context using fsuid 0 (save_uid 0) Apr 22 10:33:03 l0144045 rpc.gssd[1882]: creating tcp client for server fsnfs4.mynetwork.local Apr 22 10:33:03 l0144045 rpc.gssd[1882]: DEBUG: port already set to 2049 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: creating context with server nfs@fsnfs4.mynetwork.local Apr 22 10:33:03 l0144045 rpc.gssd[1882]: DEBUG: serialize_krb5_ctx: lucid version! Apr 22 10:33:03 l0144045 rpc.gssd[1882]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: doing downcall Apr 22 10:33:03 l0144045 rpc.gssd[1882]: handling gssd upcall (/var/lib/nfs/rpc_pipefs/nfs/clntc) Apr 22 10:33:03 l0144045 rpc.gssd[1882]: handle_gssd_upcall: 'mech=krb5 uid=13186 ' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: handling krb5 upcall (/var/lib/nfs/rpc_pipefs/nfs/clntc) Apr 22 10:33:03 l0144045 rpc.gssd[1882]: process_krb5_upcall: service is '<null>' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: getting credentials for client with uid 13186 for server fsnfs4.mynetwork.local Apr 22 10:33:03 l0144045 rpc.gssd[1882]: CC file '/tmp/krb5cc_13186_T9uhB8' being considered, with preferred realm .MYNETWORK.LOCAL' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: CC file '/tmp/krb5cc_13186_T9uhB8'(shuber.MYNETWORK.LOCAL) passed all checks and has mtime of 1366619399 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: CC file '/tmp/krb5cc_machine.MYNETWORK.LOCAL' being considered, with preferred realm .MYNETWORK.LOCAL' Apr 22 10:33:03 l0144045 rpc.gssd[1882]: CC file '/tmp/krb5cc_machine.MYNETWORK.LOCAL' owned by 0, not 13186 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: using FILE:/tmp/krb5cc_13186_T9uhB8 as credentials cache for client with uid 13186 for server fsnfs4.mynetwork.local Apr 22 10:33:03 l0144045 rpc.gssd[1882]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_13186_T9uhB8 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: creating context using fsuid 13186 (save_uid 0) Apr 22 10:33:03 l0144045 rpc.gssd[1882]: creating tcp client for server fsnfs4.mynetwork.local Apr 22 10:33:03 l0144045 rpc.gssd[1882]: DEBUG: port already set to 2049 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: creating context with server nfs@fsnfs4.mynetwork.local Apr 22 10:33:03 l0144045 rpc.gssd[1882]: DEBUG: serialize_krb5_ctx: lucid version! Apr 22 10:33:03 l0144045 rpc.gssd[1882]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8 Apr 22 10:33:03 l0144045 rpc.gssd[1882]: doing downcall (In the above logs I replaced some hostname with XXX resp. MYNETWORK.) Best regards Stefan
signature.asc
Description: Digital signature