kinit
, then look atklist
. You should see a ticket; if not, look for answers on how to fix Kerberos auth first.- is
rpc.gssd
running? You might want to start the service; also, on some distributions, it doesn't autostart unless you mention NFS mounts with krb5* in their options in your/etc/fstab
. - is
rpc.idmapd
running? (Again, this should typically be launched by a client-side nfs service;ls /etc/init.d/
is a good starting point. - look at
/etc/idmapd.conf
. Does the "Domain" part match the actual domain of your NFS server? (... if nothing else, you could try using the Kerberos realm.) I've seen distributions where this wasn't needed and some where it was; maybe on some, it has more reasonable defaults for an FQDN. - also add
GSS_principal_attr = GSSAuthName
to the file. Just the domain might fix some ownership issues, but looks like this is also needed for e.g. directories. - restart at least
rpc.idmapd
once adjusting the config. A remount shouldn't be necessary after adjusting the config, but it doesn't hurt. - also!
nfsidmap -c
. Apparently, there is a cache that doesn't get cleared even with a restart; this will clear it. (Otherwise you might keep thinking the fix doesn't work even if it did.)
Mounting NFS: owners are nobody:nogroup
猜你喜欢
转载自blog.csdn.net/weixin_39833509/article/details/121434012
今日推荐
周排行