KRB5 NFS Mount only accessible by root

Kernels & Hardware, configuring network, installing services

KRB5 NFS Mount only accessible by root

Postby foobarry » 2019-08-02 16:06


I have a NFS share which I am mounting on Debian 10 (buster) as follows in the fstab:

Code: Select all /mnt/foo nfs4 defaults,sec=krb5p,noexec,nosuid,_netdev,auto 0 0

On the server, exports reads as follows:
Code: Select all

The NFS share mounts perfectly on the Debian client.
Root can read/write/delete from the share perfectly.

But a "standard" user can't do anything, e.g.

Code: Select all
/mnt$ ls
ls: cannot access 'foo': Permission denied

The purpose of this share is to, for example, allow system services running as lesser users to save files. Therefore non-root access is key.

Where am I going wrong ?

Thanks !
Posts: 1
Joined: 2019-08-02 15:56

Re: KRB5 NFS Mount only accessible by root

Postby ruwolf » 2019-08-07 06:43

Does Wiki not help you? NFS/Kerberos

Note: NFS Access restrictions using kerberos wrote:The client must have a valid ticket, usually obtained by pam_sss, pam_krb5, ssh -K, kinit, or k5start.
The server and the client must both resolve the same kerberos principals to the same usernames.
User avatar
Posts: 392
Joined: 2008-02-18 05:04
Location: Slovakia, Banovce nad Bebravou, Matice slovenskej 1260/4-7

Return to System configuration

Who is online

Users browsing this forum: No registered users and 10 guests