cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
magoyal
Flight Engineer Flight Engineer
Flight Engineer
‎01-02-2019 12:13 PM
  • 10.6K Views

access denied while mounting nfs with krb5p

Jump to solution

Hi Team, when i am trying to setup nfs server with krb5p then it gives me error "access denied while mounting server1:/nfs"

steps that i have done:-

server side

1:- firewall-cmd --add-port=0-65535/tcp --permanent

2: -firewall-cmd --reload

3:- yum install nfs* -y

4:- systemctl restart/enable nfs-server

5:- downlaoded the krb5.keytab in /etc

6:- systemctl restart/enable nfs-secure-server

7:- done entry in /etc/exports  eg: /nfs   desktop1(rw,sec=krb5p)

8:- exportfs -avf

at client

mkdir /mnt/nfs

yum install nfs*

download the krb5.keytab in /etc

systemctl restart/enable nfs-secure

mount -o sec=krb5p server1:/nfs /mnt/nfs

 

then it gives me error 

access denied while mounting

 

what can be the reason

 

0 Kudos
Join the discussion
1 Solution

Accepted Solutions
magoyal
Flight Engineer Flight Engineer
Flight Engineer
‎01-04-2019 06:07 AM
  • 8,582 Views

Jump to solution

got the solution, need to do entry in /etc/sysconfig/nfs RPCNFSDARGS="-V 4.2" .

View solution in original post

0 Kudos
14 Replies
Scott
Starfighter Starfighter
Starfighter
‎01-02-2019 04:53 PM
  • 8,649 Views

Jump to solution

I would suggest validating the keytab.  Often, I see students using the wrong option and as a result they save the "OUTPUT" of wget to the file, rather than downloading the keytab file as an output.  Specifically, they confuse -o with -O, be sure to use the right one.

-STM

0 Kudos
magoyal
Flight Engineer Flight Engineer
Flight Engineer
‎01-02-2019 05:02 PM
  • 8,647 Views

Jump to solution

i used -O only eg:- wget -O /etc/krb5.keytab www.xyz.com/server1.keytabs

0 Kudos
Scott
Starfighter Starfighter
Starfighter
‎01-02-2019 05:12 PM
  • 8,645 Views

Jump to solution

Anything more descriptive in one of the logs like /var/log/messages or /var/log/secure?  that may direct your search further.

-STM

0 Kudos
magoyal
Flight Engineer Flight Engineer
Flight Engineer
‎01-03-2019 03:50 AM
  • 8,635 Views

Jump to solution

i am using this in RedHat online lab .

 

0 Kudos
Scott
Starfighter Starfighter
Starfighter
‎01-03-2019 03:27 PM
  • 8,622 Views

Jump to solution

That doesn't change my suggestion of next steps.

-STM

0 Kudos
Traxtopel
Flight Engineer Flight Engineer
Flight Engineer
‎01-03-2019 03:40 PM
  • 8,618 Views

Jump to solution

Did you perform a restorecon on that file?

0 Kudos
LesCorbett
Cadet
Cadet
‎01-04-2019 01:59 AM
  • 8,593 Views

Jump to solution

I agree with Traxtopel's line of thinking. disable selinux to see if there's a context issue.

1. check if selinux is enforcing

# getenforce

# Enforcing

2. if so, temporarily disable

# setenforce 0

#getenforce

# Permissive

then try again

0 Kudos
magoyal
Flight Engineer Flight Engineer
Flight Engineer
‎01-04-2019 05:07 AM
  • 8,588 Views

Jump to solution

if I do this in permissive mode. then what is the meaning of security.  while doing setup of nfs with krb5p  i run this command also setsebool -P nfs_export_all_rw=1

0 Kudos
magoyal
Flight Engineer Flight Engineer
Flight Engineer
‎01-04-2019 06:07 AM
  • 8,583 Views

Jump to solution

got the solution, need to do entry in /etc/sysconfig/nfs RPCNFSDARGS="-V 4.2" .

0 Kudos
Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright ?2024 Red Hat, Inc. Privacy policy Terms of use