When initiating a nfs4/kerberos mount, rpc.gssd fails to obtain the service ticket
Issue
- When setting up NFSv4 with kerberos authentication, my client is not acquiring a service ticket.
rpc.gssd
generates the following messages:
rpc.gssd[42]: Full hostname for 'nfsserver.domain' is 'nfsserver.domain'
rpc.gssd[42]: Full hostname for 'nfsclient.domain' is 'nfsclient.domain'
rpc.gssd[42]: No key table entry found for NFSCLIENT.DOMAIN$@DOMAIN while getting keytab entry for 'NFSCLIENT.DOMAIN$@DOMAIN'
rpc.gssd[42]: Success getting keytab entry for 'root/nfsclient.domain@DOMAIN'
rpc.gssd[42]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_DOMAIN' are good until 1354670166
rpc.gssd[42]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_DOMAIN' are good until 1354670166
rpc.gssd[42]: using FILE:/tmp/krb5cc_machine_DOMAIN as credentials cache for machine creds
rpc.gssd[42]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine_DOMAIN
rpc.gssd[42]: creating context using fsuid 0 (save_uid 0)
rpc.gssd[42]: creating tcp client for server nfsserver.domain
rpc.gssd[42]: DEBUG: port already set to 2049
rpc.gssd[42]: creating context with server nfs@nfsserver.domain
rpc.gssd[42]: WARNING: Failed to create krb5 context for user with uid 0 for server nfsserver.domain
rpc.gssd[42]: WARNING: Failed to create machine krb5 context with credentials cache FILE:/tmp/krb5cc_machine_DOMAIN for server nfsserver.domain
rpc.gssd[42]: WARNING: Failed to create machine krb5 context with any credentials cache for server nfsserver.domain
rpc.gssd[42]: doing error downcall
Environment
- Red Hat Enterprise Linux (RHEL)
- NFSv4
- Kerberos
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.