NFS (Network File System) protocol

NFS stands for Network File System protocol.

This page will serve as an entry point for all things NFS within CSCF.

NFS Filesystems using K"> Mounting NFS Filesystems using Kerberos Security

A preliminary examination of would seem to be advisable.

This section is incomplete and assumes you have the general notes AD interaction with UNIX.

Questions include whether the NFS server still has to have general host permissions setup, i.e., based only on IP addresses?

  • Run apt-get install nfs-common.
  • Edit /etc/default/nfs-common and set both NEED_IDMAPD and NEED_GSSD to yes.
  • Create an account in AD representing the nfs service principal and generate a keytab file.
  • Merge the keytab file with /etc/krb5.keytab:
      # ktutil
      ktutil: rkt /location/of/nfs-keytab
      ktutil: l
      slot KVNO Principal
      ---- ---- ---------------------------------------------------------------------
         1    2 nfs/
      ktutil: wkt /etc/krb5.keytab
      ktutul: quit
      # ktutil
      ktutil: rkt /etc/krb5.keytab
      ktutil: l
      slot KVNO Principal
      ---- ---- ---------------------------------------------------------------------
         1    2 host/
         2    2 nfs/
      ktutil: quit

  • Mount a file system with something like mount -t nfs -o sec=krb5 fileserver:/path /path

External Links

-- WalterTautz - 10 Jun 2008

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r3 - 2008-06-13 - WalterTautz
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback