When initiating a nfs4/kerberos mount, rpc.gssd fails to obtain the service ticket
Issue
- When setting up NFSv4 with kerberos authentication, my client is not acquiring a service ticket.
rpc.gssdgenerates the following messages:
rpc.gssd[42]: Full hostname for 'nfsserver.domain' is 'nfsserver.domain'
rpc.gssd[42]: Full hostname for 'nfsclient.domain' is 'nfsclient.domain'
rpc.gssd[42]: No key table entry found for NFSCLIENT.DOMAIN$@DOMAIN while getting keytab entry for 'NFSCLIENT.DOMAIN$@DOMAIN'
rpc.gssd[42]: Success getting keytab entry for 'root/nfsclient.domain@DOMAIN'
rpc.gssd[42]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_DOMAIN' are good until 1354670166
rpc.gssd[42]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_DOMAIN' are good until 1354670166
rpc.gssd[42]: using FILE:/tmp/krb5cc_machine_DOMAIN as credentials cache for machine creds
rpc.gssd[42]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine_DOMAIN
rpc.gssd[42]: creating context using fsuid 0 (save_uid 0)
rpc.gssd[42]: creating tcp client for server nfsserver.domain
rpc.gssd[42]: DEBUG: port already set to 2049
rpc.gssd[42]: creating context with server nfs@nfsserver.domain
rpc.gssd[42]: WARNING: Failed to create krb5 context for user with uid 0 for server nfsserver.domain
rpc.gssd[42]: WARNING: Failed to create machine krb5 context with credentials cache FILE:/tmp/krb5cc_machine_DOMAIN for server nfsserver.domain
rpc.gssd[42]: WARNING: Failed to create machine krb5 context with any credentials cache for server nfsserver.domain
rpc.gssd[42]: doing error downcall
Environment
- Red Hat Enterprise Linux (RHEL)
- NFSv4
- Kerberos
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
