On 09/03/2012 09:25 PM, Rick Macklem wrote: > Herbert Poeckl wrote: >> On 6/25/12 1:21 PM, Herbert Poeckl wrote: >>> We are getting access denied error on our debian clients when >>> mounting >>> nfsv4 network drives with kerberos 5 authentication. >>> >>> What is wired about this, is that it works with one server, but not >>> with >>> a second server. >> [..] >> >> For the records: >> >> The problem was fixed in this post: >> http://lists.freebsd.org/pipermail/freebsd-fs/2012-August/015047.html >> > Ok, so are you saying that the patch in Attila's email fixed your problem?
Yes it does. Sorry I missed your following post to his message. > If so, please try the attached patch. (It doesn't set the client security > handle stale when DESTROY fails, due to an invalid encrypted checksum. It > is similar to his patch, but only for the DESTROY case, which seems to be > ok to do from my understanding of the RPCSEC_GSS. It doesn't include the > timer changes, which shouldn't affect the outcome from afaik.) Just tried your patch, and it fixes the problem too. > To consider the client security handle still valid when a data (real RPC > in the message) phase entry fails the encrypted checksum seems riskier to > do, so I'd like to avoid that in any patch for head. > > rick Kind regards, Herbert _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
