2012-01-28 10:40 keltezéssel, steve írta: > Hi everyone > Version 4.0.0alpha18-GIT-bfc7481 > openSUSE 12.1 > > Conventional nfs4 export works fine, but I'm having trouble > kerberizing it for Samba 4 for my Samba 4 users. > > I've setup the nfs4 pseudo stuff like this: > hh3:/ # mkdir /export > hh3:/ # mkdir /export/home > hh3:/ # mount --bind /home /export/home > > Here is /etc/exports: > /export gss/krb5(rw,fsid=0,insecure,no_subtree_check,async) > /export/home gss/krb5(rw,nohide,insecure,no_subtree_check,async) > > /etc/sysconfig/nfs has: > NFS_SECURITY_GSS="yes" > > I have used samba-tool to make an nfs service principal and it responds: > Kerberos: TGS-REQ HH3$@HH3.SITE from ipv4:192.168.1.3:35191 for > nfs/hh3.hh3.s...@hh3.site [canonicalize, renewable] > Kerberos: TGS-REQ authtime: 2012-01-28T09:31:37 starttime: > 2012-01-28T09:31:37 endtime: 2012-01-28T19:31:37 renew till: > 2012-01-29T09:31:37 > when I: > mount -t nfs4 hh3:/home /mnt -o sec=krb5 > > It mounts OK and mount shows: > hh3:/home/ on /mnt type nfs4 > (rw,relatime,vers=4,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5,clientaddr=192.168.1.3,minorversion=0,local_lock=none,addr=192.168.1.3) > > Autenticated Samba 4 users get 'Permission denied when trying to cd to > /mnt. Only root can enter. The permissions using ls -la are: > d????????? ? ? ? ? ? mnt > You can see that /home has indeed been mounted but with strange > permissions. > > Has anyone tried nfs with Samba 4 Kerberos? > Why the permissions? > What am I missing? > > Cheers, > Steve root can enter, because (you don't have no_root_squash) it is mapped to the nobody user and thus has the basic rights I would check if the user account you are trying to read/write/list/etc the /mnt dir has got the nfs tickets, with a klist
Regards Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba