[Samba] [CentOS] Samba4 and NFSv4

Steve Thompson smt at vgersoft.com
Thu Jun 20 15:44:18 MDT 2013

On Thu, 20 Jun 2013, John Hodrien wrote:

> Is it possible that Samba4 includes a large PAC on the kerberos 
> credential and you're going over the limit in kernel?

Well, that is a good avenue to explore. The user that I am testing with 
(me) is only in five groups, but nevertheless I will take a further look 
at that....

Five minutes later: holy crap! That is it. I took a user in only one 
group: permission denied. I set the NO_AUTH_DATA_REQUIRED flag in 
userAccountControl (via ldbedit), and hey presto NFSv4+krb5 now works. You 
sir are a steely-eyed missile man!

> I'm not convinced your comment about having to run svcgssd on clients is 
> enforced due to CentOS init scripts, but it shouldn't cause any bother 
> as you say.

No, it doesn't cause any bother. It just seems that the start of both 
rpc.gssd and rpc.svcgssd are conditional on SECURE_NFS being set to "yes".
There are no NEED_GSSD or NEED_SVCGSSD or whatever to filter it further.


More information about the samba mailing list