On Sat, 14 Sep 2024 10:06:28 +0200 Salvatore Bonaccorso <car...@debian.org> wrote: > close 832609 1:1.3.4-2 > thanks >
I see that you fixed in 1:1.3.4-2 : systemd: Don't degrade system state for nfs-clients when krb5 keytab present but not containing the nfs/<FQDN> principal (Closes: #985002) But as I write in my 832609 report, I do: I add the nfs SPN with: " adcli join -N <my netbios client> -K /etc/krb5.keytab -V nfs <my AD domain> " (mind I cannot use "net ads keytab add nfs" as I joind with realmd if done so without --membership-software=samba flag , the latter fails to apply silently - if executed without -d<n> flag - see : https://bugzilla.redhat.com/show_bug.cgi?id=1271618 ) and then the issue at stack exhibits. I believe you took the comment on my bug report that was about the nfs missing as the bug reported, ie https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832609#17 . But it was not. I don't have the setup ready to test if the bug I reported that when keytab is there, with the nfs entry in it and the rpcsec_gss_krb5 is not loaded rpc-gssd.service errors out when starting with: systemd[1]: Starting RPC security service for NFS server... rpc.svcgssd[4860]: libnfsidmap: using (default) domain: <my AD domain> systemd[1]: Started RPC security service for NFS server. rpc.svcgssd[4860]: libnfsidmap: Realms list: '< my realm >' rpc.svcgssd[4860]: libnfsidmap: loaded plugin /lib/x86_64-linux-gnu/libnfsidmap/nsswitch.so for method nsswitch rpc.svcgssd[4860]: failed to open /proc/net/rpc/auth.rpcsec.init/channel: No such file or directory I will try to reproduce ASAP, but if you can reproduce before me please reopen if the bug is still there. Best Regards, Alban