[30932] in Kerberos
Re: clustered NFS - kerberos - mount failure
daemon@ATHENA.MIT.EDU (Kevin Coffman)
Thu Mar 26 11:16:05 2009
MIME-Version: 1.0
In-Reply-To: <OF203D58C1.1BFFCA01-ON65257585.0025C8FE-65257585.002661C0@in.ibm.com>
Date: Thu, 26 Mar 2009 11:13:47 -0400
Message-ID: <4d569c330903260813x50e36899g9e9360fae6be2bf0@mail.gmail.com>
From: Kevin Coffman <kwcoffman@gmail.com>
To: Chinmay P Soman <chinmay.soman@in.ibm.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
You don't say what OS you're dealing with here. Different OS's have
different gssd implementations which have a bearing on the issue.
If Linux is involved, you'll get more help mailing the linux-nfs
mailing list (linux-nfs.vger.kernel.org). If the server is Linux, a
patch has been submitted to work around this issue. That patch isn't
yet in a release. Contact me directly, or via the linux list above
for more info.
K.C.
On Thu, Mar 26, 2009 at 2:59 AM, Chinmay P Soman
<chinmay.soman@in.ibm.com> wrote:
> Hi,
>
> I am trying to configure a NFS server with kerberos support. The catch is,
> the NFS server is part of a cluster. Therefore, all the client mounts are
> done using the
> cluster name and not the server name.
>
> For eg: Let cluster name = Mycluster.domain.com , server =
> server1.domain.com
>
> -----------------------
>
> In this case, when my NFS client mounts as :
> mount -o vers=3,sec=krb5 server1.domain.com:/tmp_share /mnt => This
> passes
>
> However,
> mount -o vers=3,sec=krb5 Mycluster.domain.com:/tmp_share /mnt => This
> fails.
>
>
> I am guessing the gssd daemon on the server side is creating a context for
> its localhost, which is => server1.domain.com
>
> However, the request is meant for Mycluster.domain.com. Hence, it fails
> due to the mismatch.
>
>
> Please clarify if my reasoning is correct. If yes, also please let me know
> a possible solution
>
>
>
>
> Thanks and regards
>
> Chinmay P Soman
> ctdb/panache research activities, SoNAS
> IBM India Systems & Technology Lab
> Ozone-2, Saswad Road, Pune.
> Tel : 91-020-26901666
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
