[Freeipa-users] Error with kerberos users
Dmitri Pal
dpal at redhat.com
Tue Mar 3 16:15:14 UTC 2015
On 03/03/2015 10:39 AM, Günther J. Niederwimmer wrote:
> Hello,
>
> what is wrong on my setup?
> This is a "normal" install with ipa-server-install and ipa-client install on 5
> KVM clients.
>
> CentOs 7
>
>
>
> WARNING: Failed to create krb5 context for user with uid 225200001 for server
> bbs.gjn.prv
> Mar 3 16:28:22 smtp1 rpc.gssd[6912]: doing error downcall
> Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handling gssd upcall
> (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handle_gssd_upcall: 'mech=krb5
> uid=225200001 enctypes=18,17,16,23,3,1,2 '
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: handling krb5 upcall
> (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: process_krb5_upcall: service is '<null>'
I assume this is a log from the nfs client shoing the attempt to access
NFS server.
Seems like something is misconfigured in the nfs configuration or there
is a mismatch between the acceptable encryption types on the server and
on the client.
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: ERROR: GSS-API: error in
> gss_acquire_cred(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may
> provide more information) - No Kerberos credentials available
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: getting credentials for client with uid
> 225200001 for server bbs.gjn.prv
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: CC '/tmp/krb5ccmachine_GJN.PRV' being
> considered, with preferred realm 'GJN.PRV'
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: CC '/tmp/krb5ccmachine_GJN.PRV' owned by
> 0, not 225200001
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: getting credentials for client with uid
> 225200001 for server bbs.gjn.prv
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: Error doing scandir on directory
> '/run/user/225200001': No such file or directory
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: WARNING: Failed to create krb5 context
> for user with uid 225200001 for server bbs.gjn.prv
> Mar 3 16:28:22 smtp1 rpc.gssd[6913]: doing error downcall
> Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handling gssd upcall
> (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handle_gssd_upcall: 'mech=krb5
> uid=225200001 enctypes=18,17,16,23,3,1,2 '
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: handling krb5 upcall
> (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: process_krb5_upcall: service is '<null>'
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: ERROR: GSS-API: error in
> gss_acquire_cred(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may
> provide more information) - No Kerberos credentials available
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: getting credentials for client with uid
> 225200001 for server bbs.gjn.prv
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: CC '/tmp/krb5ccmachine_GJN.PRV' being
> considered, with preferred realm 'GJN.PRV'
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: CC '/tmp/krb5ccmachine_GJN.PRV' owned by
> 0, not 225200001
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: getting credentials for client with uid
> 225200001 for server bbs.gjn.prv
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: Error doing scandir on directory
> '/run/user/225200001': No such file or directory
> Mar 3 16:28:22 smtp1 rpc.gssd[6914]: WARNING: Failed to create krb5 context
> for user with uid 225200001 for server bbs.gjn.prv
>
> Thank's for answer.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
More information about the Freeipa-users
mailing list