On 28/01/12 12:21, steve wrote:
On 28/01/12 11:03, Gémes Géza wrote:
Summary:
1. kerberized /etc/exports
/export gss/krb5(rw,fsid=0,insecure,no_subtree_check,async)
/export/home gss/krb5(rw,nohide,insecure,no_subtree_check,async)
then:
mount -t nfs4 hh3:/home /mnt -o sec=krb5
no write access
2. conventional /etc/exports
/export *(rw,fsid=0,insecure,no_subtree_check,async)
/export/home *(rw,nohide,insecure,no_subtree_check,async)
then:
mount -t nfs4 hh3:/home /mnt
write access OK
3. kerberized variation on /etc/exports
/export
*(rw,fsid=0,crossmnt,insecure,no_subtree_check,async,sec=krb5)
/export/home *(rw,insecure,no_subtree_check,async,sec=krb5)
then:
mount -t nfs4 hh3:/home /mnt -o sec=krb5
no write access
I have tried all combos of crossmnt and nohide
idmapd seems to be mapping correctly and id <user> gives what getent gives
Any ideas? Why does the kerberized mount not allow rw access?
Steve
Geza, do you think it's worth sticking this on samba technical?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
