[29213] in Kerberos
Re: kerberized NFS on OS X (gssd problem)
daemon@ATHENA.MIT.EDU (Richard E. Silverman)
Sun Feb 10 11:24:31 2008
From: "Richard E. Silverman" <res@qoxp.net>
Date: Sun, 10 Feb 2008 00:13:02 -0500
Message-ID: <m2y79t5r8h.fsf@darwin.oankali.net>
MIME-Version: 1.0
X-Complaints-To: abuse@speakeasy.net
X-DMCA-Complaints-To: abuse@speakeasy.net
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
>>>>> "JC" == John Caruso <johnSPAMcarAWAYuso@myprivacy.ca> writes:
JC> On 2008-02-08, John Caruso <johnSPAMcarAWAYuso@myprivacy.ca> wrote:
>> On 2008-02-08, Richard E. Silverman <res@qoxp.net> wrote:
>> I have found that kerberized NFSv3 does work, though.
>>
>> That's the route I went as well. And it not only works, but it
>> works with just the behaviors I was looking for (files are created
>> with the Kerberos principal rather than uid 501, they're assigned
>> the same gid as the directory in which they're created, and
>> mounting the filesystem requires only a user principal rather than
>> full-blown host/nfs keys).
JC> However, I have found that the Mac client generates warnings like
JC> the following on the Netapp filer while it has the NFSv3/Kerberos
JC> 5 mount in place, even if I'm not actively using the mount (and/or
JC> the machine):
JC> Fri Feb 8 15:20:24 PST [nfsd.auth.status.bad:warning]: Client
JC> a.b.c.d has an authentication error 14
JC> They generally occur about 30 minutes apart, so perhaps there's
JC> some process kicking off under OS X that's causing them. Are you
JC> seeing these as well (or analogous errors if you're not using a
JC> Netapp filer as the NFS server)?
I'm afraid not -- although we have kerberized NFS running on NetApp, I'm
only working with Solaris NFS servers for this, and have seen nothing
similar.
JC> - John
--
Richard Silverman
res@qoxp.net
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
