Author: Jackman Date: To: DNG Subject: [DNG] NFS+Kerberos on Beowulf
Has anyone successfully gotten NFS and Kerberos working together on
Beowulf? I was able to get a working setup going in a fresh Debian Buster
VM in about 10 minutes. On the other hand, I've been working on trying to
get it working on Beowulf for two days without success.
I had to change the 'NEED_GSSD' value to get the gssd service running. I
think (I'd have to check) it was enabled by default on Buster.
➜ ~ mount -t nfs4 storage0:/srv/nfs-test /mnt/test -v
mount.nfs4: timeout set for Sun Feb 14 00:15:18 2021
mount.nfs4: trying text-based options
'vers=4.2,addr=10.1.0.100,clientaddr=10.1.0.100'
mount.nfs4: mount(2): Operation not permitted
mount.nfs4: trying text-based options 'addr=10.1.0.100'
mount.nfs4: prog 100003, trying vers=3, prot=6
mount.nfs4: trying 10.1.0.100 prog 100003 vers 3 prot TCP port 2049
mount.nfs4: prog 100005, trying vers=3, prot=17
mount.nfs4: trying 10.1.0.100 prog 100005 vers 3 prot UDP port 53016
mount.nfs4: mount(2): Permission denied
mount.nfs4: access denied by server while mounting storage0:/srv/nfs-test
That above mount command is being issued on the same machine as the
kerberos and NFS host. Changing the 'vers' and 'sec' mount options has
little effect, but I'd be happy to post in variations if you think there's
a clue to be had there.
I find this interesting in the logs:
==> syslog <==
Feb 14 00:15:10 storage0 rpc.mountd[30724]: authenticated mount request
from 10.1.0.100:830 for /srv/nfs-test (/srv/nfs-test)