On 09/20/2014 05:19 PM, Simo Sorce wrote:
On Sat, 20 Sep 2014 19:44:28 +0200
Rob Verduijn rob.verdu...@gmail.com wrote:
Hi again,
Thank you for the quick response.
I've removed the credstore entries that are not necessary for the nfs
access.
Now the users no longer go through gssproxy, but
On Mon, 22 Sep 2014 15:09:42 -0400
Dmitri Pal d...@redhat.com wrote:
On 09/20/2014 05:19 PM, Simo Sorce wrote:
On Sat, 20 Sep 2014 19:44:28 +0200
Rob Verduijn rob.verdu...@gmail.com wrote:
Hi again,
Thank you for the quick response.
I've removed the credstore entries that are not
Hello all,
I've managed to get the gssproxy to work on my installation.
I can now mount my apache document root using sec=krb5p and apache
automagically mounts the share when needed.
However I noticed that now all nfs credentials are going through gssproxy.
Is there a way to disable this for
On Sat, 20 Sep 2014 16:53:48 +0200
Rob Verduijn rob.verdu...@gmail.com wrote:
Hello all,
I've managed to get the gssproxy to work on my installation.
I can now mount my apache document root using sec=krb5p and apache
automagically mounts the share when needed.
However I noticed that now
On Saturday, September 20, 2014 12:15:04 PM Simo Sorce wrote:
[service/nfs-client]
mechs = krb5
cred_store = keytab:/etc/krb5.keytab
cred_store = ccache:FILE:/var/lib/gssproxy/clients/krb5cc_%U
cred_store = client_keytab:/etc/gssproxy/%U.keytab
cred_usage = initiate
Hi again,
Thank you for the quick response.
I've removed the credstore entries that are not necessary for the nfs
access.
Now the users no longer go through gssproxy, but apache does.
I've googled around quite a bit and and it seems that your presentation on
youtube and the gssproxy page
On Sat, 20 Sep 2014 11:38:16 -0500
Anthony Messina amess...@messinet.com wrote:
On Saturday, September 20, 2014 12:15:04 PM Simo Sorce wrote:
[service/nfs-client]
mechs = krb5
cred_store = keytab:/etc/krb5.keytab
cred_store = ccache:FILE:/var/lib/gssproxy/clients/krb5cc_%U
On Sat, 20 Sep 2014 19:44:28 +0200
Rob Verduijn rob.verdu...@gmail.com wrote:
Hi again,
Thank you for the quick response.
I've removed the credstore entries that are not necessary for the nfs
access.
Now the users no longer go through gssproxy, but apache does.
I've googled around quite
2014-09-16 20:57 GMT+02:00 Nordgren, Bryce L -FS bnordg...@fs.fed.us:
Also opened https://fedorahosted.org/freeipa/ticket/4544
Tried to summarize this thread on that ticket.
Back to the OP's concern, whenever I use NFS as a documentroot for apache
(even a WebDAV server), I make a separate
Hi Rob,
How does the NFS server map the apache user to “something” it recognizes? I
would suggest that the easiest solution may be to use an IPA account called
“apache”, so that the mappings would just work, but currently I’m having
trouble running a service as a domain user via systemd.
On Monday, September 15, 2014 06:10:13 PM Nordgren, Bryce L -FS wrote:
How does the NFS server map the apache user to “something” it recognizes? I
would suggest that the easiest solution may be to use an IPA account called
“apache”, so that the mappings would just work, but currently I’m having
11 matches
Mail list logo