[Samba] Samba, Kerberos, Autofs: Shares get disconnected
Rowland Penny
rpenny at samba.org
Wed Feb 28 11:18:10 UTC 2024
On Wed, 28 Feb 2024 11:56:13 +0100
"Pluess, Tobias via samba" <samba at lists.samba.org> wrote:
> Hi Rowland,
>
> I tried that. As follows:
>
>
>
> [root at machinename mnt]# kinit -k MACHINENAME$
Fairly sure I have said this already, but if I haven't, I will say it
now:
Do not use kinit to get the machines kerberos ticket, winbind has
already acquired one for you.
> [root at machinename mnt]# klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: MACHINENAME$@CAMPUS
>
> Valid starting Expires Service principal
> 02/28/2024 11:50:55 02/28/2024 21:50:55 krbtgt/CAMPUS at CAMPUS
> renew until 02/29/2024 11:50:55
> [root at machinename mnt]# mount -t cifs //server/share /mnt/test
> -osec=krb5,multiuser,username=MACHINENAME$
> mount error(13): Permission denied
> Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
>
>
> I don't understand this
I do.
Lets look at this line from your klist output:
Ticket cache: FILE:/tmp/krb5cc_0
The number(s) after the '_' is the Unix ID of the owner.
Now we all know who '0' is (at least I hope we do) ;-)
I do not have a kerberos ticket for the machine in /tmp , but the
share is still mounted.
Rowland
More information about the samba
mailing list