On 10/16/07, Ido Levy <[EMAIL PROTECTED]> wrote: > > Hello All, > > We are trying to understand the behavior of a system that support automount > by NFSv4 with security flavor krb5. > We have both Linux and AIX clients and when logging to these clients as the > root user we have noticed that: > > 1) From the Linux client as the "root" user we are able to access (cd, > ls, df ) NFSv4 mount point without any kerberos ticket. > 2) From the AIX client as the "root" user without any kerberos ticket we > got "permission denied" error when trying to cd to the mount point and its > sub-dirs. > > We are using AIX-5.3 as NFSv4 server and RHEL 5/AIX-5.3 as NFSv4 clients. > We are wondering what should be the normal behavior of such scenario. > > We would appreciate your advice
This is more an NFS question than a Kerberos question. The reason that access works on Linux is that the current default behavior on Linux is to always use the machine credentials (the nfs/<hostname> keytab) on the client for accesses from root. This behavior can be disabled, which then requires that root obtain Kerberos credentials before mounting. K.C. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
