Bug#1002826: rpc-svcgssd.service fails with "unable to obtain root (machine) credentials"
Package: nfs-common
Version: 1:1.3.4-6
systemd moans about krb5.keytab at boot time
```
# systemctl --failed
UNIT LOAD ACTIVE SUB DESCRIPTION
* rpc-svcgssd.service loaded failed failed RPC security service for NFS server
LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
1 loaded units listed.
# systemctl status rpc-svcgssd
* rpc-svcgssd.service - RPC security service for NFS server
Loaded: loaded (/etc/systemd/system/rpc-svcgssd.service; static)
Active: failed (Result: exit-code) since Wed 2021-12-29 14:00:51 CET; 8min ago
Process: 301 ExecStart=/usr/sbin/rpc.svcgssd $SVCGSSDARGS (code=exited, status=1/FAILURE)
CPU: 6ms
Dec 29 14:00:50 nfs00.example.com systemd[1]: Starting RPC security service for NFS server...
Dec 29 14:00:50 nfs00.example.com rpc.svcgssd[302]: ERROR: GSS-API: error in gss_acquire_cred(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may provide more information) - No key table entry found matching nfs/@
Dec 29 14:00:50 nfs00.example.com rpc.svcgssd[302]: unable to obtain root (machine) credentials
Dec 29 14:00:50 nfs00.example.com rpc.svcgssd[302]: do you have a keytab entry for nfs/<your.host>@<YOUR.REALM> in /etc/krb5.keytab?
Dec 29 14:00:51 nfs00.example.com systemd[1]: rpc-svcgssd.service: Control process exited, code=exited, status=1/FAILURE
Dec 29 14:00:51 nfs00.example.com systemd[1]: rpc-svcgssd.service: Failed with result 'exit-code'.
Dec 29 14:00:51 nfs00.example.com systemd[1]: Failed to start RPC security service for NFS server.
```
Shouldn't svcgssd either exit silently with 0 or become optional? Looking at
nfs(5) Kerberos authentication for NFS appears to be optional, regardless if
there is a keytab file with or without NFS credentials.
Regards
Harri
Reply to: