Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Either sec=sys or sec=krb5(i,p) work but not both

Description

When exporting NFS shares, I would like to have shares with sec=krb5i and shares with sec=sys at the same time.

But for some reason, this does not work anymore since the upgrade to freenas 11.3. 

 

I can either enable "Require Kerberos for NFSv4" and mount the shares using sec=krb5i or disable it and only mount the shares with sec=sys. In the latter case, nfsd complains:  nfsd: can't register svc name. A sample /etc/exports looks like this:

V4: / -sec=sys:krb5:krb5i:krb5p /mnt/data/folder1 -maproot="root":"wheel" -sec=krb5:krb5i:krb5p HOST /mnt/data/folder2 -maproot="root":"wheel" -sec=sys IP

The aforementioned checkbox only seems to affect the first line and determines whether "sys" is present or not.

 

How can the old behavior (freenas 11.2 and older) be restored, that both work at the same time?

Problem/Justification

None

Impact

None

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Show:
Bug Clerk
May 4, 2020 at 2:12 PM
William Gryzbowski
May 4, 2020 at 1:31 PM

12.0 PR will be merged later

Bug Clerk
May 1, 2020 at 4:55 PM
Hannes Stoll
May 1, 2020 at 9:34 AM

The /etc/exports actually looks like expected. However, it is impossible to mount sec=sys shares with "Require Kerberos for NFSv4" enabled, which is obviously the expected behaviour. 

But it is impossible to mount sec=krb when "Require Kerberos for NFSv4" is disabled, which should not be the case.

Overall, it is only possible to use one of these shares at the same type. Both are different exports mounted by different clients.

This issue (as I am aware) only exists since Freenas 11.3, with earlier versions, it worked for me.

Vladimir Vinogradenko
April 30, 2020 at 7:27 PM

 I do not quiet understand what issue are you having. Does /etc/exports file look different from what you're expecting or is it NFS daemon itself that works incorrectly?

Complete

Details

Assignee

Reporter

Labels

Due date

Components

Fix versions

Affects versions

Priority

More fields

Katalon Platform

Created April 30, 2020 at 11:23 AM
Updated May 11, 2020 at 3:33 PM
Resolved May 4, 2020 at 1:31 PM