Hello, I am having some trouble with kerberized cifs shares. I've tried troubleshooting over at the cifs list but haven't been able to find a solution and was wondering if anyone here had an idea of what might be happening.
To summarize, I am mounting a cifs share on a Centos 6.4 linux machine. If I ssh into the box I can access the share fine. Also Apache running on the same server can access the share fine. What doesn't work is me running rsync from a cron job or this package I have called Subversion Edge running its backup function to that share. Centos 6.4 server hosts the cifs share KDC is MS Active Directory CIFS server is MS Windows 2012 DFS I use kstart to keep my TGT active. Kstart gets the TGT by using the system keytab at /etc/krb5.keytab which has the machine account ie [email protected]. The ticket cache is located at /tmp/krb5cc_0. I've tried using autofs to mount the share and also manually mounting using mount.cifs. While I can traverse the mounted share using both root and user accounts if cron runs as root and tries to rsync I get the error: rsync: ERROR: cannot stat destination "/mnt/dfs/backups/": Key has been revoked (128) If I run the same rsync command from ssh it runs fine. I've tried disabling SELinux but it didn't change. Can anyone think of a reason why the cron job can't access the krb5 authenticated cifs share? Thanks, Doug ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
