rpc-timeout option on nfs.conf not working as expected

Solution In Progress - Updated -

Issue

According on man page rpc.gssd.conf(8), rpc-timeout is equivalent to -t :

       -t timeout
              Timeout, in seconds, for kernel GSS contexts. This option allows you to force new kernel contexts to be negotiated after timeout seconds, which allows changing  Kerberos  tickets
              and identities frequently.  The default is no explicit timeout, which means the kernel context will live the lifetime of the Kerberos service ticket used in its creation.
...
       rpc-timeout
              Equivalent to -t.

But setting it on nfs.conf does not work as expected, kernel security contexts last for the duration of the Kerberos ticket instead of being refreshed earlier.

Environment

  • RHEL7
  • RHEL8
  • problem is more visible on RHEL8 since/etc/nfs.conf is the preferred way to customize rpc.gssd service

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content