From: thomas.wunder@swt-bamberg.de
To: Kevin Coffman <kwc@citi.umich.edu>
Cc: linux-nfs@vger.kernel.org
Subject: Re: NFS-Mount with MIT-Kerberos5 doesn't use user tickets...
Date: Thu, 8 Apr 2010 01:11:29 +0200 [thread overview]
Message-ID: <201004080111.29452.thomas.wunder@swt-bamberg.de> (raw)
In-Reply-To: <p2l4d569c331004070829q7c6148d7kec7d0f93b1a5d2ba@mail.gmail.com>
> By the looks of your /etc/fstab entry, the system (root) will try to
> mount /mnt/net automatically. You could try adding the "noauto"
> option and then manually issuing the mount command as the user. (Or
> use automount?)
> K.C.
I'm pretty sure that it doesn't try to automatically mount the share on
startup since there is no log entry that would indicate such an attempt.
I already tried to do the mount as a user (which is authenticated via kerberos
such that there is a valid ticket for that user) the logs (that i have posted)
are showing what comes out of it. If I try to do the mount without the fstab-
entry (i.e. mount -t nfs4 -o sec=krb5p dnsdhcp:/ /mnt/net) it is being
rejected on the grounds that only root can perform a mount. 'sudo' doesn't
work currently (i've got some problems with my PAM config for sudo) so I
haven't had any chance to try it out...
I've already set up automount but it actually does exactly the same as if I
ran mount manually as described above.
I'm totally confused because I don't understand what people like
http://thread.gmane.org/gmane.linux.nfsv4/5893
might have done to perform a mount with normal user privileges. If it was
really mandatory to be root (as stated by Andy Adamson in the other message)
then I wouldn't really understand why they should have implemented the uid
passing using that pipefs file....
next prev parent reply other threads:[~2010-04-07 23:23 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-04-07 14:37 NFS-Mount with MIT-Kerberos5 doesn't use user tickets Tom
2010-04-07 15:29 ` Kevin Coffman
2010-04-07 23:11 ` thomas.wunder [this message]
2010-04-08 14:18 ` Kevin Coffman
2010-04-08 15:39 ` Thomas Wunder
2010-04-08 18:58 ` Kevin Coffman
2010-04-09 9:15 ` Thomas Wunder
2010-04-09 14:50 ` Kevin Coffman
[not found] ` <y2o4d569c331004090750zeb56bf58udb7bbfb3277832c-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2010-04-09 15:00 ` William A. (Andy) Adamson
2010-04-09 16:37 ` Chuck Lever
2010-04-10 16:13 ` Thomas Wunder
2010-04-07 15:32 ` Andy Adamson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201004080111.29452.thomas.wunder@swt-bamberg.de \
--to=thomas.wunder@swt-bamberg.de \
--cc=kwc@citi.umich.edu \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox