Hi Joachim,
Thank you! As you pointed out, a similar issue exists with rpc.svcgssd but that daemon honors the default keytab location specified in /etc/krb5.conf. The systemd service file simply tests for the wrong condition. Since our issues are related but different, I am cloning the bug. A patch for my issue is attached.
As a side note, anyone using a custom keytab on the server must pass arguments to rpc.svsgssd, yet the daemon runs as root and any separation of privileges, for example by providing /etc/keytabs/nfs.keytab, may not provide additional security benefits.
Your patch is also very much needed. For consistency, I would probably go with RPCSVCGSSDARGS in /lib/systemd/system/rpc-svcgssd.service and provide a default entry for RPCSVCGSSDOPTS in /etc/default/nfs-kernel-server. Thank you!
Best regards,
Felix