From owner-freebsd-stable@FreeBSD.ORG Fri Jan 27 18:15:43 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BD657106566C; Fri, 27 Jan 2012 18:15:43 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from mx1.giulioferro.ch (mx1.giulioferro.ch [217.150.252.208]) by mx1.freebsd.org (Postfix) with ESMTP id 681C78FC0A; Fri, 27 Jan 2012 18:15:43 +0000 (UTC) Received: from mailscan.giulioferro.ch (unknown [192.168.115.2]) by mx1.giulioferro.ch (Postfix) with ESMTP id 7F19736F31; Fri, 27 Jan 2012 18:58:51 +0100 (CET) X-Virus-Scanned: amavisd-new at example.com Received: from mx1.giulioferro.ch ([192.168.114.4]) by mailscan.giulioferro.ch (mailscan.giulioferro.ch [192.168.115.2]) (amavisd-new, port 10024) with ESMTP id iCK4WqAniHtD; Fri, 27 Jan 2012 18:58:48 +0100 (CET) Received: from mail.zirakzigil.org (net-93-70-48-129.cust.dsl.vodafone.it [93.70.48.129]) by mx1.giulioferro.ch (Postfix) with ESMTP id 9929036F1B; Fri, 27 Jan 2012 18:58:48 +0100 (CET) Received: from ext.zirakzigil.org (unknown [192.168.1.2]) by mail.zirakzigil.org (Postfix) with ESMTP id 5BDF519282F; Fri, 27 Jan 2012 18:58:48 +0100 (CET) X-Virus-Scanned: amavisd-new at zirakzigil.org Received: from mail.zirakzigil.org ([192.168.1.2]) by ext.zirakzigil.org (ext.zirakzigil.org [192.168.1.2]) (amavisd-new, port 10024) with ESMTP id otg5R2JXZrzg; Fri, 27 Jan 2012 18:58:47 +0100 (CET) Received: from [192.168.10.83] (ext [192.168.1.2]) (Authenticated sender: auryn@zirakzigil.org) by mail.zirakzigil.org (Postfix) with ESMTPA id C0F3D192829; Fri, 27 Jan 2012 18:58:47 +0100 (CET) Message-ID: <4F22E5D7.4000707@zirakzigil.org> Date: Fri, 27 Jan 2012 18:58:47 +0100 From: Giulio Ferro User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20111229 Thunderbird/9.0 MIME-Version: 1.0 To: "freebsd-net@freebsd.org" , freebsd-stable@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: kerberized NFS X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jan 2012 18:15:43 -0000 I'm trying to setup a kerberized NFS system made of a server and a client (both freebsd 9 amd64 stable) I've tried to follow this howto: http://code.google.com/p/macnfsv4/wiki/FreeBSD8KerberizedNFSSetup But couldn't get much out of it. First question : is this howto still valid or something more recent should be followed? I've searched with Google but I've come up empty. I've set up kerberos heimdal, created the dns entries for both client and server, set up krb5.keytab and copied it to client, set up nfs4 according to man nfsv4: (server) cat /etc/exports V4: /usr/src -sec=krb5:krb5i:krb5p and then tried to mount it from the client: mount_nfs -o ntfsv4,sec=krb5i,gssname=nfs nfsinternal1.dcssrl.it:/usr/src /usr/src but it failed with : [tcp] nfsinternal1.dcssrl.it:/usr/src: Permission denied Can you point me to something that I might have got wrong? Thanks in advance.