Accessing Kerberos NFS via /net automounter with kinit only (no /etc/krb5.conf access)
Tom_Krauss
thomas.krauss at itserv.de
Wed Apr 2 02:50:05 EDT 2014
Hi,
you must configure /etc/nfssec.conf to support the krb5p as sec mode on your
client and (re)start gss (and autofs probably).
The solaris client should automatically use the best sec mode offered by the
server when automounting the share.
If your client system is not kerberized and has no keys for root/FQDN in its
krb5.keytab then it will report ie:
df: cannot statvfs /path/to/share: Permission denied
I am not sure if that is intented or stable.
However - you will be able to access the share through /net as a normal user
given you have gathered a nfs ticket. You may use KRB5_CONFIG to feed the
appropriate configuration to kinit.
Hth
--
View this message in context: http://kerberos.996246.n3.nabble.com/Accessing-Kerberos-NFS-via-net-automounter-with-kinit-only-no-etc-krb5-conf-access-tp40115p40121.html
Sent from the Kerberos - General mailing list archive at Nabble.com.
More information about the Kerberos
mailing list