Strange (klist) behaviour

Greg Hudson ghudson at MIT.EDU
Thu May 26 15:54:08 EDT 2011


On Thu, 2011-05-26 at 04:58 -0400, Bjørge Solli wrote:
> I have a situation when testing our brand new NetApp (NAS) as NFS4+krb5 
> home dirs. Tickets from our KDC dissapears, but seems to have no affect 
> on usage, and then appears again by itself after some time. We don't do 
> anything active to get the ticket back, but I gather something is 
> triggering it. The strange thing is that I was expecting the lack of 
> ticket to shut the user out from his home dir.

Everything other than the krbtgt ticket is just a performance
optimization; service tickets are obtained from the KDC when necessary.
The lack of a service ticket in the ccache does not generally result in
denial of service.

I suspect the service ticket is "disappearing" when tickets are obtained
or renewed, and reappearing when rpc.gssd needs to establish a new
security context with the NFS server.  I can't say for sure, though.





More information about the Kerberos mailing list