Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1
Conventional nfs4 export works fine, but I'm having trouble kerberizing
it for Samba 4 for my Samba 4 users.
I've setup the nfs4 pseudo stuff like this:
hh3:/ # mkdir /export
hh3:/ # mkdir /export/home
hh3:/ # mount --bind /home /export/home
Here is /etc/exports:
/export gss/krb5(rw,fsid=0,insecure,no_subtree_check,async)
/export/home gss/krb5(rw,nohide,insecure,no_subtree_check,async)
/etc/sysconfig/nfs has:
NFS_SECURITY_GSS="yes"
I have used samba-tool to make an nfs service principal and it responds:
Kerberos: TGS-REQ HH3$@HH3.SITE from ipv4:192.168.1.3:35191 for
nfs/hh3.hh3.s...@hh3.site [canonicalize, renewable]
Kerberos: TGS-REQ authtime: 2012-01-28T09:31:37 starttime:
2012-01-28T09:31:37 endtime: 2012-01-28T19:31:37 renew till:
2012-01-29T09:31:37
when I:
mount -t nfs4 hh3:/home /mnt -o sec=krb5
It mounts OK and mount shows:
hh3:/home/ on /mnt type nfs4
(rw,relatime,vers=4,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5,clientaddr=192.168.1.3,minorversion=0,local_lock=none,addr=192.168.1.3)
Autenticated Samba 4 users get 'Permission denied when trying to cd to
/mnt. Only root can enter. The permissions using ls -la are:
d????????? ? ? ? ? ? mnt
You can see that /home has indeed been mounted but with strange permissions.
Has anyone tried nfs with Samba 4 Kerberos?
Why the permissions?
What am I missing?
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
