From owner-freebsd-fs@freebsd.org Mon May 2 13:51:10 2016 Return-Path: Delivered-To: freebsd-fs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B90EFB29D3B for ; Mon, 2 May 2016 13:51:10 +0000 (UTC) (envelope-from juan@tf.uni-kiel.de) Received: from mhost.tf.uni-kiel.de (mhost.tf.uni-kiel.de [134.245.247.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 473921897 for ; Mon, 2 May 2016 13:51:09 +0000 (UTC) (envelope-from juan@tf.uni-kiel.de) Received: from amavis.tf.uni-kiel.de (unknown [192.168.247.79]) by mhost.tf.uni-kiel.de (Postfix) with ESMTP id D2CCFBA946E for ; Mon, 2 May 2016 15:41:08 +0200 (CEST) X-Virus-Scanned: amavisd-new at tf.uni-kiel.de Received: from mhost.tf.uni-kiel.de ([134.245.247.71]) by amavis.tf.uni-kiel.de (amavis.tf.uni-kiel.de [192.168.247.79]) (amavisd-new, port 10025) with ESMTP id Qu9I2Qv0lO0k for ; Mon, 2 May 2016 15:40:59 +0200 (CEST) Received: from mail-oi0-f51.google.com (mail-oi0-f51.google.com [209.85.218.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mhost.tf.uni-kiel.de (Postfix) with ESMTPSA id 09D2EBA943C for ; Mon, 2 May 2016 15:40:59 +0200 (CEST) Received: by mail-oi0-f51.google.com with SMTP id x19so189277332oix.2 for ; Mon, 02 May 2016 06:40:58 -0700 (PDT) X-Gm-Message-State: AOPr4FXytrpkO9DULaKGulmwOWx9J3bhMTny6lHuQ/1EaVJBTUaNJ3ppbxfurhabEqIj4szI65wL29uB8x8d5g== MIME-Version: 1.0 X-Received: by 10.157.59.3 with SMTP id z3mr13456789otb.173.1462196457227; Mon, 02 May 2016 06:40:57 -0700 (PDT) Received: by 10.157.9.8 with HTTP; Mon, 2 May 2016 06:40:57 -0700 (PDT) Date: Mon, 2 May 2016 15:40:57 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Mounting FreeBSD NFSv4 share on Linux using krb5 From: Julian Andrej To: freebsd-fs@freebsd.org, rmacklem@uoguelph.ca Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 May 2016 13:51:10 -0000 Hello, i'm desperately trying to mount a nfsv4 export from FreeBSD on a Linux client using sec=krb5. So my setup is as follows: FreeBSD host which is the KDC. Linux client which can auth via kerberos and should be able to mount the nfs share. Mounting the share with sec=krb5 from FreeBSD on another FreeBSD box is no problem, but it fails on the linux client. The client fails with $ sudo mount -t nfs4 -o sec=krb5 ***:/tank/homes mnt -vv mount.nfs4: timeout set for Mon May 2 15:39:19 2016 mount.nfs4: trying text-based options 'sec=krb5,addr=***,clientaddr=***' mount.nfs4: mount(2): Input/output error mount.nfs4: mount system call failed and on the FreeBSD host i get the message gssd_pname_to_uid: failed major=0xd0000 minor=-1765328227 gssd_release_name: done major=0x0 minor=0 gssd_release_cred: done major=0x0 minor=0 which translates to KRB5_NO_LOCALNAME. I have the appropriate principals with nfs/* for the host and client! I have tried heimdal from base and MIT krb5 from ports. Both show the same behavior. The actual kernel log from linux is: Mai 02 15:37:19 *** kernel: NFS: nfs4_discover_server_trunking unhandled error -121. Exiting with error EIO Can anyone guide me to a possible solution here? Regards Julian