clustered NFS - kerberos - mount failure
Kevin Coffman
kwcoffman at gmail.com
Thu Mar 26 11:13:47 EDT 2009
Hi,
You don't say what OS you're dealing with here. Different OS's have
different gssd implementations which have a bearing on the issue.
If Linux is involved, you'll get more help mailing the linux-nfs
mailing list (linux-nfs.vger.kernel.org). If the server is Linux, a
patch has been submitted to work around this issue. That patch isn't
yet in a release. Contact me directly, or via the linux list above
for more info.
K.C.
On Thu, Mar 26, 2009 at 2:59 AM, Chinmay P Soman
<chinmay.soman at in.ibm.com> wrote:
> Hi,
>
> I am trying to configure a NFS server with kerberos support. The catch is,
> the NFS server is part of a cluster. Therefore, all the client mounts are
> done using the
> cluster name and not the server name.
>
> For eg: Let cluster name = Mycluster.domain.com , server =
> server1.domain.com
>
> -----------------------
>
> In this case, when my NFS client mounts as :
> mount -o vers=3,sec=krb5 server1.domain.com:/tmp_share /mnt => This
> passes
>
> However,
> mount -o vers=3,sec=krb5 Mycluster.domain.com:/tmp_share /mnt => This
> fails.
>
>
> I am guessing the gssd daemon on the server side is creating a context for
> its localhost, which is => server1.domain.com
>
> However, the request is meant for Mycluster.domain.com. Hence, it fails
> due to the mismatch.
>
>
> Please clarify if my reasoning is correct. If yes, also please let me know
> a possible solution
>
>
>
>
> Thanks and regards
>
> Chinmay P Soman
> ctdb/panache research activities, SoNAS
> IBM India Systems & Technology Lab
> Ozone-2, Saswad Road, Pune.
> Tel : 91-020-26901666
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list