kerberized NFS on OS X (gssd problem)
John Caruso
johnSPAMcarAWAYuso at myprivacy.ca
Fri Feb 8 19:50:09 EST 2008
On 2008-02-08, John Caruso <johnSPAMcarAWAYuso at myprivacy.ca> wrote:
> On 2008-02-08, Richard E. Silverman <res at qoxp.net> wrote:
>> I have found that kerberized NFSv3 does work, though.
>
> That's the route I went as well. And it not only works, but it works
> with just the behaviors I was looking for (files are created with the
> Kerberos principal rather than uid 501, they're assigned the same gid
> as the directory in which they're created, and mounting the filesystem
> requires only a user principal rather than full-blown host/nfs keys).
However, I have found that the Mac client generates warnings like the
following on the Netapp filer while it has the NFSv3/Kerberos 5 mount in
place, even if I'm not actively using the mount (and/or the machine):
Fri Feb 8 15:20:24 PST [nfsd.auth.status.bad:warning]: Client a.b.c.d has an authentication error 14
They generally occur about 30 minutes apart, so perhaps there's some
process kicking off under OS X that's causing them. Are you seeing these
as well (or analogous errors if you're not using a Netapp filer as the
NFS server)?
- John
More information about the Kerberos
mailing list