NFS + Kerberos
Momchil Ivanov
momchil at xaxo.eu
Thu Feb 21 16:18:56 UTC 2013
On Thu, February 21, 2013 12:10 am, Rick Macklem wrote:
> I would have thought kerberos was rebuilt for make buildworld. If you
use heimdal from somewhere else (ports or their distro), I don't think
that needs to be rebuilt, since I don't think the ..pname_to_uid()
function is a part of a generic heimdal distribution, but I am not sure.
>
> Be sure to change buf[128] --> buf[1024] in both:
> kerberos5/lib/libgssapi_krb5/pname_to_uid.c
> usr.sbin/gssd/gssd.c
>
> (Or paths close to that. I might not have remembered them quite
> correctly;-)
this change allows for yet another entry in the kdc log:
2013-02-21T17:03:43 TGS-REQ user at EXAMPLE.LOCAL from IPv4:X.X.X.X for
nfs/srv.example.local at EXAMPLE.LOCAL
2013-02-21T17:03:44 TGS-REQ authtime: 2013-02-21T17:02:03 starttime:
2013-02-21T17:03:43 endtime: 2013-02-22T03:02:00 renew till: unset
2013-02-21T17:03:44 sending 612 bytes to IPv4:X.X.X.X
which seems promising, but I still get:
$ mount -t nfs -o nfsv4,sec=krb5i srv.example.local:/ /mnt/srv
mount_nfs: can't update /var/db/mounttab for srv.example.local:/ nfsv4
err=10016
mount_nfs: /mnt/srv, : Input/output error
do you happen to have any other ideas?
Thank you,
Momchil
More information about the freebsd-fs
mailing list