On Fri, 2013-07-12 at 13:38 -0700, Doug Clow wrote: > Hello, > > I am having some trouble with using krb5, autofs, and cifs together. I have > my credentials set to auto-renew using k5start and when I ssh to the machine > I can mount the share after restarting autofs. The principal used is the > computer from Active Directory ie "hostname$". I've verifed my tgt is always > fresh. However, my scheduled cron job to do rsync to that share always > fails. Often with the error "Key has been revoked". In my syslog there is > the message "CIFS VFS: cifs_mount failed w/return code = -128". After doing > some Googling, I found this link: > > https://access.redhat.com/site/solutions/275933 > > I'm on CentOS (6.4) so I don't have access to the posting. If you have an > idea for a fix I would very much appreciate it. > > Thanks, > Doug
Hi You don't need to cron your tgt requests. cifs.upcall will look for the key as and when it needs it: -Put hostname$ in /etc/krb5.keytab -kill k5start -make sure you have username=hostname$ as a cifs option in the autofs map file -make sure you have the line in /etc/reqest-key.conf: create cifs.spnego * * /usr/sbin/cifs.upcall % k hth, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
