FreeBSD 9.0 + ZFS + NFSv4 + Kerberos
Rick Macklem
rmacklem at uoguelph.ca
Fri Jul 6 11:27:37 UTC 2012
Tim Gustafson wrote:
> Hi,
>
> I'd like to set up a FreeBSD 9.0 box as a ZFS+NFSv4+Kerberos server.
> So far, I can mount a file system from a client machine, but whenever
> I try to do anything on that file system, I get errors that look like
> this:
>
> tjg at junta: cd /mnt
> nfsv4 err=10016
> nfsv4 err=10016
> /mnt: Input/output error.
>
Read this:
http://code.google.com/p/macnfsv4/wiki/FreeBSD8KerberizedNFSSetup
(Still basically applies to FreeBSD9.)
> I can kinit on both boxes, and have done so on my client box; klist
> shows a valid ticket on the client box. I can "mount /mnt" on the
> client without any problems.
>
The client must have the appropriate TGT at time of mount. Unless you
apply the patch mentioned in the above wiki and have the correct /etc/keytab
entry in the client,the mount can only be done by a non-root user after
they have done a kinit. (vfs.usermount=1)
> Here are the relevant configuration files:
>
> server:/etc/rc.conf:
>
> nfs_server_enable="yes"
> nfsv4_server_enable="yes"
> mountd_enable="yes"
> mountd_flags="-r"
> rpcbind_enable="yes"
> rpc_lockd_enable="yes"
> rpc_statd_enable="yes"
> gssd_enable="yes"
>
> server:/etc/exports:
>
> V4: /tank/export -sec=krb5p
>
> client:/etc/rc.conf:
>
> nfs_client_enable="yes"
> rpc_lockd_enable="yes"
> rpc_statd_enable="yes"
> rpcbind_enable="yes"
> devfs_enable="yes"
> gssd_enable="yes"
>
> client:/etc/fstab:
>
> server:/ /mnt nfs rw,noauto,nfsv4,sec=krb5p 0 0
>
Won't work unless the client has the above mentioned patch and the
correct /etc/keytab entry.
Good luck with it, rick
> --
>
> Tim Gustafson
> tjg at soe.ucsc.edu
> 831-459-5354
> Baskin Engineering, Room 313A
> _______________________________________________
> freebsd-fs at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-fs
> To unsubscribe, send any mail to "freebsd-fs-unsubscribe at freebsd.org"
More information about the freebsd-fs
mailing list