Date: Fri, 17 Feb 2012 22:13:48 -0500 (EST) From: Rick Macklem <rmacklem@uoguelph.ca> To: Giulio Ferro <auryn@zirakzigil.org> Cc: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Subject: Re: kerberized NFS Message-ID: <1224440280.1601713.1329534828468.JavaMail.root@erie.cs.uoguelph.ca> In-Reply-To: <4F3E87A2.80000@zirakzigil.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Giulio Ferro wrote: > Thanks everybody again for your help with setting up a working > kerberized nfsv4 system. > > I was able to user-mount a nfsv4 share with krb5 security, and I was > trying to do the same as root. > > Unfortunately the patch I found here: > http://people.freebsd.org/~rmacklem/rpcsec_gss.patch > > fails to apply cleanly on a 9 stable system. > There is now a patch called: http://people.freebsd.org/~rmacklem/rpcsec_gss-9.patch that should apply to a FreeBSD9 or later kernel. For the kernel to build after applying the patch, you will need a kernel config with options KGSSAPI in it, since the patch adds a function that can't be called via one of the XXX_call() functions using the function pointers. Also, review the section of the wiki where it discusses setting vfs.rpcsec.keytab_enctype because the host based initiator keytab entry won't work unless it is set correctly. Good luck with it, rick > Is there a more recent patch available or some better way to > automatically > mount the share at boot time? > > Thanks again. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to > "freebsd-stable-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1224440280.1601713.1329534828468.JavaMail.root>