[Samba] nfs4 with Samba 4

steve steve at steve-ss.com
Sat Jan 28 02:40:24 MST 2012

Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1

Conventional nfs4 export works fine, but I'm having trouble kerberizing 
it for Samba 4 for my Samba 4 users.

I've setup the nfs4 pseudo stuff like this:
hh3:/ # mkdir /export
hh3:/ # mkdir /export/home
hh3:/ # mount --bind /home /export/home

Here is /etc/exports:
/export        gss/krb5(rw,fsid=0,insecure,no_subtree_check,async)
/export/home    gss/krb5(rw,nohide,insecure,no_subtree_check,async)

/etc/sysconfig/nfs has:

I have used samba-tool to make an nfs service principal and it responds:
Kerberos: TGS-REQ HH3$@HH3.SITE from ipv4: for 
nfs/hh3.hh3.site at HH3.SITE [canonicalize, renewable]
Kerberos: TGS-REQ authtime: 2012-01-28T09:31:37 starttime: 
2012-01-28T09:31:37 endtime: 2012-01-28T19:31:37 renew till: 
when I:
mount -t nfs4 hh3:/home /mnt -o sec=krb5

It mounts OK and mount shows:
hh3:/home/ on /mnt type nfs4 

Autenticated Samba 4 users get 'Permission denied when trying to cd to 
/mnt. Only root can enter. The permissions using ls -la are:
d?????????   ? ?    ?        ?            ? mnt
You can see that /home has indeed been mounted but with strange permissions.

Has anyone tried nfs with Samba 4 Kerberos?
Why the permissions?
What am I missing?


More information about the samba mailing list