error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)

To: debian-user@lists.debian.org
Cc: Mc.Sim@k-max.name
Subject: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)
From: "Kramarenko A. Maksim " <Mc.Sim@k-max.name>
Date: Mon, 14 Nov 2011 13:02:48 +0400
Message-id: <[🔎] op.v4xh2ymnr9kh6q@odmen.sag.local>

Hello, All!
Tired of "fighting" with Kreberos.
The second week I can not properly configure the server  NFSv4 and domain on Win 2k8 R2 via kerberos.
Kinit command, etc. work properly and get tickets from the KDC:
=========================
ARCHIV ~ # kinit -k -t /etc/krb5.keytab nfs/archiv.sag.local
 ARCHIV ~ # klist
 Ticket cache: FILE:/tmp/krb5cc_0
 Default principal: nfs/archiv.sag.local@SAG.LOCAL

Valid starting Expires Service principal
 11/11/11 11:48:25 11/11/11 21:48:30 krbtgt/SAG.LOCAL@SAG.LOCAL
 renew until 11/12/11 11:48:25
=========================
but when connecting remotely exported directory, I get the error:
=============================
...daemon.log.....
Nov 8 13:50:10 archiv rpc.gssd[2067]: WARNING: KDC has no support for encryption type while getting initial ticket for principal 'nfs/archiv.sag.local@SAG.LOCAL' using keytab 'WRFILE:/etc/krb5.keytab'
Nov 8 13:50:10 archiv rpc.gssd[2067]: ERROR: No credentials found for connection to server archiv.SAG.local
=============================
I tried to configure nfs client on a test ddistributive - wheezy. no errors! Mounting occurred without error.
I tried to upgrade nfs-common from backports, while rpc.gssd fell with the following messages:
============================
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d4d0c data 0xbf9d4d8c
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d4d0c data 0xbf9d4d8c
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9cfb8c data 0xbf9cfc0c
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d4d0c data 0xbf9d4d8c
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d4d0c data 0xbf9d4d8c
Nov 13 01:43:25 nfs-client rpc.gssd[573]: handling gssd upcall (/var/lib/nfs/rpc_pipefs/nfs/clnt0)
Nov 13 01:43:25 nfs-client rpc.gssd[573]: handle_gssd_upcall: 'mech=krb5 uid=0 '
Nov 13 01:43:25 nfs-client rpc.gssd[573]: handling krb5 upcall (/var/lib/nfs/rpc_pipefs/nfs/clnt0)
Nov 13 01:43:25 nfs-client rpc.gssd[573]: process_krb5_upcall: service is '<null>'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Full hostname for 'debian.sag.local' is 'debian.sag.local'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Full hostname for 'nfs-client.sag.local' is 'nfs-client.sag.local'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Key table entry not found while getting keytab entry for 'NFS-CLIENT$@SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Key table entry not found while getting keytab entry for 'root/nfs-client.sag.local@SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Success getting keytab entry for 'nfs/nfs-client.sag.local@SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Successfully obtained machine credentials for principal 'nfs/nfs-client.sag.local@SAG.LOCAL' stored in ccache 'FILE:/tmp/krb5cc_machine_SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_SAG.LOCAL' are good until 1321170228
Nov 13 01:43:25 nfs-client rpc.gssd[573]: using FILE:/tmp/krb5cc_machine_SAG.LOCAL as credentials cache for machine creds
Nov 13 01:43:25 nfs-client rpc.gssd[573]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine_SAG.LOCAL
Nov 13 01:43:25 nfs-client rpc.gssd[573]: creating context using fsuid 0 (save_uid 0)
Nov 13 01:43:25 nfs-client rpc.gssd[573]: creating tcp client for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: DEBUG: port already set to 2049
Nov 13 01:43:25 nfs-client rpc.gssd[573]: creating context with server nfs@debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: WARNING: Failed to create krb5 context for user with uid 0 for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: WARNING: Failed to create machine krb5 context with credentials cache FILE:/tmp/krb5cc_machine_SAG.LOCAL for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: WARNING: Machine cache is prematurely expired or corrupted trying to recreate cache for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Full hostname for 'debian.sag.local' is 'debian.sag.local'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Full hostname for 'nfs-client.sag.local' is 'nfs-client.sag.local'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Key table entry not found while getting keytab entry for 'NFS-CLIENT$@SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Key table entry not found while getting keytab entry for 'root/nfs-client.sag.local@SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: Success getting keytab entry for 'nfs/nfs-client.sag.local@SAG.LOCAL'
Nov 13 01:43:25 nfs-client rpc.gssd[573]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_SAG.LOCAL' are good until 1321170228
Nov 13 01:43:25 nfs-client rpc.gssd[573]: INFO: Credentials in CC 'FILE:/tmp/krb5cc_machine_SAG.LOCAL' are good until 1321170228
Nov 13 01:43:25 nfs-client rpc.gssd[573]: using FILE:/tmp/krb5cc_machine_SAG.LOCAL as credentials cache for machine creds
Nov 13 01:43:25 nfs-client rpc.gssd[573]: using environment variable to select krb5 ccache FILE:/tmp/krb5cc_machine_SAG.LOCAL
Nov 13 01:43:25 nfs-client rpc.gssd[573]: creating context using fsuid 0 (save_uid 0)
Nov 13 01:43:25 nfs-client rpc.gssd[573]: creating tcp client for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: DEBUG: port already set to 2049
Nov 13 01:43:25 nfs-client rpc.gssd[573]: creating context with server nfs@debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: WARNING: Failed to create krb5 context for user with uid 0 for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: WARNING: Failed to create machine krb5 context with credentials cache FILE:/tmp/krb5cc_machine_SAG.LOCAL for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: WARNING: Failed to create machine krb5 context with any credentials cache for server debian.sag.local
Nov 13 01:43:25 nfs-client rpc.gssd[573]: doing error downcall
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d483c data 0xbf9d48bc
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d483c data 0xbf9d48bc
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d483c data 0xbf9d48bc
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d483c data 0xbf9d48bc
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d483c data 0xbf9d48bc
Nov 13 01:43:25 nfs-client rpc.gssd[573]: dir_notify_handler: sig 37 si 0xbf9d483c data 0xbf9d48bc
Nov 13 01:43:25 nfs-client rpc.gssd[573]: destroying client /var/lib/nfs/rpc_pipefs/nfs/clnt0
==============================

The same error I received the package upgrade nfs-common repositories of wheezy.

Please help me set up nfs-common in the stable - squeeze?

P.S. sorry for my english))


--
Best Regards

Reply to:

Follow-Ups:
- Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)
  - From: Arno Schuring <aelschuring@hotmail.com>

Prev by Date: iceweasel 8.0 www.bsi.de triggers "The connection was reset"
Next by Date: Re: Whats missing from Gnome3
Previous by thread: Re: iceweasel 8.0 www.bsi.de triggers "The connection was reset"
Next by thread: Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)
Index(es):
- Date
- Thread