Launchpad has imported 2 comments from the remote bug at https://bugzilla.kernel.org/show_bug.cgi?id=93891.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2015-02-26T15:30:41+00:00 bryan.quigley+bugs wrote: The NFS client caches credentials and doesn't expose a way for kdestroy (or any other tool AFAIK to clear them). How to reproduce: Start as unpriviledged (in a kerberos sense) user with access to a kerberos protected NFS share (in this case it contains home directories) kinit user1 ls ~user1 #Test user1 permissions, this should always succeed (and does) kdestroy #should destroy user1 permissions kinit user2 ls ~user2# this should succeed, but it fails ls ~user1# this should fail, but it still works! This appears to be known upstream: http://www.citi.umich.edu/projects/nfsv4/linux/faq/#krb5_006 Bits and pieces of an earlier attempt at a fix: http://www.spinics.net/lists/linux-nfs/msg34236.html nfslogin/logout prototype http://www.citi.umich.edu/projects/asci/icsi-alpha/nfs-utils-patches/1.0.10-asci-2/nfs-utils-1.0.10-asci-017-add_nfslogin.dif Another bug request: https://fedorahosted.org/gss-proxy/ticket/1 (and linked discussion) Launchpad bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1424727 Workarounds: Unmount/Mount NFS share Reply at: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1424727/comments/5 ------------------------------------------------------------------------ On 2015-03-30T16:27:01+00:00 bryan.quigley+bugs wrote: If spinics is down use http://linux- nfs.vger.kernel.narkive.com/JHXBEH6t/patch-0-2-rfc-enable-the-use-of- the-keyring-credential-cache [PATCH 0/2] RFC: enable the use of the KEYRING credential cache Reply at: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1424727/comments/6 ** Changed in: linux Status: Unknown => Confirmed ** Changed in: linux Importance: Unknown => Medium ** Bug watch added: fedorahosted.org/gss-proxy/ #1 https://fedorahosted.org/gss-proxy/ticket/1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1424727 Title: NFS access not revoked on kdestroy To manage notifications about this bug go to: https://bugs.launchpad.net/linux/+bug/1424727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
