Thomas Sailer wrote:

After upgrading one IPA client from Fedora12 to Fedora13 (the server
runs Fedora12), I'm experiencing NFS4 problems.

I can still mount the server from the client like this:
mount -t nfs4 -o soft,intr,rsize=8192,wsize=8192,rw,sec=krb5p /tmp/z
root can then successfully list subdirectories with ls /tmp/z. However,
when a normal user tries to do this, he gets -EACCES.

Permissions of /tmp/z should be ok:

# ls -ldZ /tmp/z
drwxr-xr-x. root root system_u:object_r:nfs_t:s0       /tmp/z

# getfacl /tmp/z
getfacl: Removing leading '/' from absolute path names
# file: tmp/z
# owner: root
# group: root

# nfs4_getfacl /tmp/z

It worked under Fedora 12. Does anybody have an idea what went wrong?

I assume the keytab is still valid since the mount succeeds and root works. Kerberos otherwise works ok on this machine, you can kinit, etc?

You might want to check the kdc log on and the 389-ds log, you might see some querying to find the user for authentication.

Do things like 'getent passwd <someuser>' still work?


Freeipa-users mailing list

Reply via email to