It sounds like reverse DNS is not configured properly, or you don't have all the appropriate keytabs setup properly. The fact that daemon.log mentions localhost instead of the actual name of the hosts is worrying. If you run; host 130.251.17.158 What does it return? The output of ' hostname -s ' and ' hostname -f ' would be interesting as well.
Both the client In your /etc/krb5.keytab you should have the appropriate keytab for nfs/[EMAIL PROTECTED] eg; nfs/[EMAIL PROTECTED] with encryption type of; des-cbc-crc:normal Also, I'm pretty sure that you have to create /export directory and bind filesystems to that, using a line like the following in /etc/fstab; /home /export/home none bind 0 0 See this entry for more details; http://gentoo-wiki.com/HOWTO_NFSv4#Exports Depending on how much work is done for you, you may also need to do one or more of the following tasks; * On the server, edit /etc/default/nfs-kernel-server, and set; NEED_SVCGSSD=yes * On the client and the server add to /etc/default/nfs-common set; NEED_IDMAPD=yes * On the client and the server add to /etc/default/nfs-common set; NEED_GSSD=yes * Create the /var/lib/nfs/rpc_pipefs directory * Add to /etc/modules : rpcsec_gss_krb5 * Add to /etc/fstab: rpc_pipefs /var/lib/nfs/rpc_pipefs rpc_pipefs defaults 0 0 * Add to /etc/fstab: nfsd /proc/fs/nfsd nfsd defaults 0 0 This is collated from my notes on NFSv4 for Ubuntu Dapper, so it may or may not be completely the same. This is a working command to test the setup, and the following fstab entry; mount -t nfs4 sequoia:/home /mnt -o sec=krb5,port=2049 sequoia:/home /home nfs4 sec=krb5,port=2049,auto 0 0 I found that rsize=16384,wsize=16384 tend to give the best performance. I recommend some experimenting. Hope this helps! Cheers, Edward Murrell Luca Lauretta wrote: > hi i'm struggling in configuring nfsv4 working with mit kerberos v5 > > > /etc/exports on server (sequoia) > > #/home/condivisa sughero.reti.dist.unige.it(rw,sync) > /home/condivisa gss/krb5(rw,fsid=0,insecure,no_subtree_check,no_root_squash) > #/home/prova sughero.reti.dist.unige.it(rw,sync) > /home/prova gss/krb5(rw,sync) > > (commented lines are to do more testing, same for different options in > gss/krb5 lines; without kerberos i get to mount the filesystems) > > /etc/fstab on client (sughero) > > sequoia:/home/condivisa /home/importata nfs defaults,noauto,sec=krb5 > sequoia:/home/prova /home/verifica nfs defaults,noauto,sec=krb5 > > > > from server (sequoia) /var/log/daemon.log i get: > > localhost mountd[30504]: mount request from unknown host 130.251.17.158 for > /home/condivisa (/home/condivisa) > > (130.251.17.158 is sughero, even if it says unknown host and i get to > connect to sughero thru other services, like ssh) > > from client (sughero) /var/log/daemon.log i get: > > localhost rpc.gssd[7950]: WARNING: Failed to obtain machine credentials for > connection to server sequoia.reti.dist.unige.it > > when i try to mount the filesystem (for example mount /home/importata) i > get: > mount: sequoia:/home/condivisa failed, reason given by server: Permission > denied (i use gnomed debian 2.14.3, no ldap netapp and similars) > > i hope you can find the solution, i'm going out crazy > > thank you > > _________________________________________________________________ > Calcio, Quiz, Sudoku, Scacchi… Inizia la sfida su Messenger, GRATIS! > http://www.messenger.it/giochi_e_attivita.html > > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
