Newbie nfsv4 debian, netapp

Frédéric Goudal goudal at enseirb-matmeca.fr
Thu Oct 24 11:24:08 EDT 2013 

Hello,

I'm having some trouble setting an nfs client on debian for a netapp filer.

What works : I can login the client with ssh + kerberos

I can do a kinit nfs/client... at DO.M with /etc/krb5.keytab

I can do a kinit host/client... at DO.M with /etc/krb5.keytab

the rpc daemons for nfs v4 kerberos are running
rpc.gssp
rpc.idmapd

when starting rpc.idmapd  says : 
pc.idmapd: libnfsidmap: using domain: DO.M
rpc.idmapd: libnfsidmap: Realms list: 'DO.M' 
rpc.idmapd: libnfsidmap: loaded plugin /lib/i386-linux-gnu/libnfsidmap/nsswitch.so for method nsswitch

On the netapp filer I have : 
kerberos.file_keytab.enable  on
kerberos.file_keytab.principal hostname.fqdn
kerberos.file_keytab.realm   DO.M
kerberos.multirealm.enable   on
kerberos.replay_cache.enable off

nfs.kerberos.enable          on

nfs.v4.enable                on         (value might be overwritten in takeover)
nfs.v4.id.domain             DO.M

when I try to mount a fs I have the following logs : 

Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6cec data 0xbfea6d6c
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: New client: d
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6cec data 0xbfea6d6c
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: Opened /var/lib/nfs/rpc_pipefs/nfs/clntd/idmap
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea261c data 0xbfea269c
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: New client: e
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nss_getpwnam: name 'root at DO.M' domain 'DO.M': resulting localname 'root'
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nfs4_name_to_uid: nsswitch->name_to_uid returned 0
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nfs4_name_to_uid: final return value is 0
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: Client d: (user) name "root at DO.M" -> id "0"
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nfs4_name_to_gid: calling nsswitch->name_to_gid
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nfs4_name_to_gid: nsswitch->name_to_gid returned 0
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: nfs4_name_to_gid: final return value is 0
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: Client d: (group) name "wheel at DO.M" -> id "0"
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6cec data 0xbfea6d6c
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6cec data 0xbfea6d6c
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: Stale client: e
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: #011-> closed /var/lib/nfs/rpc_pipefs/nfs/clnte/idmap
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6c2c data 0xbfea6cac
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6c2c data 0xbfea6cac
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: dir_notify_handler: sig 37 si 0xbfea6c2c data 0xbfea6cac
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: destroying client /var/lib/nfs/rpc_pipefs/nfs/clnte
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: Stale client: d
Oct 24 17:14:30 wheezy32 rpc.idmapd[4237]: #011-> closed /var/lib/nfs/rpc_pipefs/nfs/clntd/idmap
Oct 24 17:14:30 wheezy32 rpc.gssd[1869]: destroying client /var/lib/nfs/rpc_pipefs/nfs/clntd

What is strange too is that I see no activity of either the client or the netapp on the kdc log file

Of course both system have been reboot.

I guess I'm missing something trivial...

Any idea ?

More information about the Kerberos mailing list