Right. the documentation is often not clear. Most Linux client software will try several principals. One of them is host/hostname. So you don’t need nfs/hostname. Since nfs/hostname is one of the principals it tries, some documentation says to use that principal.
> On Jun 19, 2018, at 3:24 AM, Tony Brian Albers via FreeIPA-users > <freeipa-users@lists.fedorahosted.org> wrote: > > In case you haven't found out yet, only the nfs servers need service > principals. > > /tony > > > On 09/06/18 01:29, Zane Zak via FreeIPA-users wrote: >> I know that this is not the ideal list for NFS questions, but I'm not >> sure of a better one. >> >> I'm exploring NFSv4 with kerberos security, all tied into FreeIPA. >> >> My question is whether or not the NFSv4 clients need nfs service >> principals. Obviously the NFSv4 server needs both, but the client side >> is where I'm confused. >> >> Some documentations say the client needs both a host and nfs service >> principal: >> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/storage_administration_guide/s3-nfs-security-hosts-nfsv4 >> >> Other documentations say the client needs just a host principal: >> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/storage_administration_guide/s1-nfs-security#s3-nfs-security-hosts-nfsv4 >> >> Any clarification would be appreciated. >> >> Thanks! >> >> ZZ >> _______________________________________________ >> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org >> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org >> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/XB5RFPK6K2NAMXDGOUIZNQ4HJLGQH2FG/ >> > > > -- > Tony Albers > Systems administrator, IT-development > Royal Danish Library, Victor Albecks Vej 1, 8000 Aarhus C, Denmark. > Tel: +45 2566 2383 / +45 8946 2316 > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/UNKMVLCFE2ZODRXVS6A4OS7HURLN4BRE/ _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/V5HGDYELJ3UQJXSWOZ625JGBDMJSPA7K/
