[Bug 368153] Re: Kerberos, NFS4 and autofs issue

Launchpad Bug Tracker 368153 at bugs.launchpad.net
Mon Nov 21 22:58:25 UTC 2011


Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: nfs-utils (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to nfs-utils in Ubuntu.
https://bugs.launchpad.net/bugs/368153

Title:
  Kerberos, NFS4 and autofs issue

Status in “nfs-utils” package in Ubuntu:
  Confirmed
Status in “nfs-utils” package in Debian:
  New

Bug description:
  Ubuntu 9.04 latest update.

  When mounting the users home folder over NFS4 using Kerberos with
  RPCGSSDOPTS="-n" set in /etc/defaults/nfs-common a kerberos ticket is
  acquired for the NFS service thus allowing for other autofs kerberized
  mounts to work as well. However, if home is not on kerberos NFS
  (local) and the user trying to access kerberized NFS exports after
  logging in, a NFS kerberos ticket will fail to be acquired and the
  user must go through several manual steps for kerberos to pick up an
  NFS ticket. This is one way to do it:

  $ sudo kinit
  $ sudo ls -l /mountpoint

  At this point the automount will still fail as now the kerberos ticket
  is owned by root, however, if you change the owner of the ticket back
  to the original user, automount will be able to mount/access the
  kerberized NFS export. As mentioned at the beginning, this is not the
  case if the users home is NFS mounted as it seems to trigger a
  function that will automatically make Ubuntu acquire NFS kerberos
  ticket (machine credentials?). Note I'm not using client keytabs in
  this setup.

  I've added some verbose logging to this to try and figure out what the
  issue could be but the strange thing is the logs say the same even if
  it is able to mount: rpc.gssd access denied errors and failed to
  create krb5 context for uid 0.

  Is the mounting process by design? What triggers the mounts to work
  when $HOME is mounted over NFS and why do they fail if it is not?

  PS: this should be pretty easy to replicate if you have a working
  krb5/nfs4/autofs setup, simply point the /home autofs to somewhere
  else like e.g. /tmphome. Add RPCGSSDOPTS="-n" in /etc/defaults/nfs-
  common and restart.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/368153/+subscriptions




More information about the foundations-bugs mailing list