Date: Fri, 6 Jul 2012 06:04:22 -0400 (EDT) From: Rick Macklem <rmacklem@uoguelph.ca> To: Tim Gustafson <tjg@soe.ucsc.edu> Cc: freebsd-fs@freebsd.org Subject: Re: FreeBSD 9.0 + ZFS + NFSv4 + Kerberos Message-ID: <1060732353.47610.1341569062083.JavaMail.root@erie.cs.uoguelph.ca> In-Reply-To: <CAG27QgTyYpSsc4x-U28W75bvifnfW-LFXPM%2BA=zKtEP7cLUDMQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tim Gustafson wrote: > Hi, > > I'd like to set up a FreeBSD 9.0 box as a ZFS+NFSv4+Kerberos server. > So far, I can mount a file system from a client machine, but whenever > I try to do anything on that file system, I get errors that look like > this: > > tjg@junta: cd /mnt > nfsv4 err=10016 > nfsv4 err=10016 > /mnt: Input/output error. > Read this: http://code.google.com/p/macnfsv4/wiki/FreeBSD8KerberizedNFSSetup (Still basically applies to FreeBSD9.) > I can kinit on both boxes, and have done so on my client box; klist > shows a valid ticket on the client box. I can "mount /mnt" on the > client without any problems. > The client must have the appropriate TGT at time of mount. Unless you apply the patch mentioned in the above wiki and have the correct /etc/keytab entry in the client,the mount can only be done by a non-root user after they have done a kinit. (vfs.usermount=1) > Here are the relevant configuration files: > > server:/etc/rc.conf: > > nfs_server_enable="yes" > nfsv4_server_enable="yes" > mountd_enable="yes" > mountd_flags="-r" > rpcbind_enable="yes" > rpc_lockd_enable="yes" > rpc_statd_enable="yes" > gssd_enable="yes" > > server:/etc/exports: > > V4: /tank/export -sec=krb5p > > client:/etc/rc.conf: > > nfs_client_enable="yes" > rpc_lockd_enable="yes" > rpc_statd_enable="yes" > rpcbind_enable="yes" > devfs_enable="yes" > gssd_enable="yes" > > client:/etc/fstab: > > server:/ /mnt nfs rw,noauto,nfsv4,sec=krb5p 0 0 > Won't work unless the client has the above mentioned patch and the correct /etc/keytab entry. Good luck with it, rick > -- > > Tim Gustafson > tjg@soe.ucsc.edu > 831-459-5354 > Baskin Engineering, Room 313A > _______________________________________________ > freebsd-fs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1060732353.47610.1341569062083.JavaMail.root>