https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201073
Bug ID: 201073
Summary: [nfsclient] RPCSEC_GSS principal includes
inappropriate directory path
Product: Base System
Version: 10.1-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: freebsd-bugs@FreeBSD.org
Reporter: mas...@itc.naist.jp
NFS client requests invalid principal name for RPCSEC_GSS security.
The man page mount_nfs(8) explains that default principal name is
nfs@<server-fqdn>, but NFS client uses nfs@<rhost>:<path> which includes
inappropriate directory path.
Workaround:
Explicitly use principal option for mount_nfs command.
Fix:
===================================================================
--- sys/fs/nfsclient/nfs_clvfsops.c (revision 284717)
+++ sys/fs/nfsclient/nfs_clvfsops.c (working copy)
@@ -774,7 +774,7 @@
struct thread *td;
char hst[MNAMELEN];
u_char nfh[NFSX_FHMAX], krbname[100], dirpath[100], srvkrbname[100];
- char *opt, *name, *secname;
+ char *opt, *name, *secname, *cp;
int nametimeo = NFS_DEFAULT_NAMETIMEO;
int negnametimeo = NFS_DEFAULT_NEGNAMETIMEO;
int minvers = 0;
@@ -1153,8 +1153,13 @@
if (vfs_getopt(mp->mnt_optnew, "principal", (void **)&name, NULL) == 0)
strlcpy(srvkrbname, name, sizeof (srvkrbname));
- else
+ else {
snprintf(srvkrbname, sizeof (srvkrbname), "nfs@%s", hst);
+ cp = strchr(srvkrbname, ':');
+ if (cp != NULL) {
+ *cp = '\0';
+ }
+ }
srvkrbnamelen = strlen(srvkrbname);
if (vfs_getopt(mp->mnt_optnew, "gssname", (void **)&name, NULL) == 0)
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
