Why mounting NFSv4 filesystem is returning "Permission denied" ?

Solution Unverified - Updated -

Issue

  • While configuring NFSv4 with kerberos, when at the final stage of the process while trying to mount the exported filesystem on the client, following errors were seen:
# mount -a 
Warning: rpc.idmapd appears not to be running.
         All uids will be mapped to the nobody uid.
Warning: rpc.gssd appears not to be running.
mount.nfs4: Permission denied

Both warnings above are not to be considered as they will show up even if both services are running. Nevertheless, its always good to double check.

Looking in /var/log/messages showed us these messages:

May 20 11:35:39 client rpc.gssd[4369]: ERROR: No usable machine credentials obtained 
May 20 11:35:39 client rpc.gssd[4369]: WARNING: Failed to obtain machine credentials for connection to server server.example.com

To obtain more verbose output, we enabled the rpcgssd verbose mode by uncommenting the RPCGSSDARGS="-vvv" in /etc/sysconfig/nfs and afterwards here is what we see in the /var/log/messages:

WARNING: Decrypt integrity check failed while getting initial ticket for principal 'nfs/client.example.com@EXAMPLE.COM' from keytab 'FILE:/etc/krb5.keytab' 
May 20 16:48:17 client rpc.gssd[5955]: ERROR: No usable machine credentials obtained 
May 20 16:58:31 client rpc.gssd[5955]: handling krb5 upcall 
May 20 16:58:31 client rpc.gssd[5955]: Using keytab file '/etc/krb5.keytab' 
May 20 16:58:31 client rpc.gssd[5955]: WARNING: Decrypt integrity check failed while getting initial ticket for principal 'nfs/client.example.com@EXAMPLE.COM' from keytab 'FILE:/etc/krb5.keytab' 
May 20 16:58:31 client rpc.gssd[5955]: ERROR: No usable machine credentials obtained 
May 20 16:58:31 client rpc.gssd[5955]: WARNING: Failed to obtain machine credentials for connection to server server.example.com 
May 20 16:58:31 client rpc.gssd[5955]: doing error downcall 
May 20 16:58:31 client rpc.gssd[5955]: destroying client clnt1d 
May 20 16:58:33 client rpc.gssd[5955]: destroying client clnt1c

Environment

  • Red Hat Enterprise Linux 5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.