[Freeipa-users] Error with kerberos users
Günther J. Niederwimmer
gjn at gjn.priv.at
Tue Mar 3 17:35:17 UTC 2015
Hello,
Am Dienstag, 3. März 2015, 11:15:14 schrieb Dmitri Pal:
> On 03/03/2015 10:39 AM, Günther J. Niederwimmer wrote:
> > Hello,
> >
> > what is wrong on my setup?
> > This is a "normal" install with ipa-server-install and ipa-client install
> > on 5 KVM clients.
> >
> > CentOs 7
> >
> >
> >
> > WARNING: Failed to create krb5 context for user with uid 225200001 for
> > server bbs.gjn.prv
Can this be correct ??
I make a kinit with this user ?
> > Mar 3 16:28:22 smtp1 rpc.gssd[6912]: doing error downcall
> > Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handling gssd upcall
> > (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> > Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handle_gssd_upcall: 'mech=krb5
> > uid=225200001 enctypes=18,17,16,23,3,1,2 '
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: handling krb5 upcall
> > (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: process_krb5_upcall: service is
> > '<null>'
> I assume this is a log from the nfs client shoing the attempt to access
> NFS server.
> Seems like something is misconfigured in the nfs configuration or there
> is a mismatch between the acceptable encryption types on the server and
> on the client.
Yes this is a log from nfs-client but on the server I have the same Errors.
I have all docs I found read .-(.
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: ERROR: GSS-API: error in
> > gss_acquire_cred(): GSS_S_FAILURE (Unspecified GSS failure. Minor code
> > may
> > provide more information) - No Kerberos credentials available
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: getting credentials for client with
> > uid 225200001 for server bbs.gjn.prv
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: CC '/tmp/krb5ccmachine_GJN.PRV'
> > being
> > considered, with preferred realm 'GJN.PRV'
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: CC '/tmp/krb5ccmachine_GJN.PRV'
> > owned by 0, not 225200001
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: getting credentials for client with
> > uid 225200001 for server bbs.gjn.prv
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: Error doing scandir on directory
> > '/run/user/225200001': No such file or directory
Why I have no User (?) and this is not created by a kinit ?
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: WARNING: Failed to create krb5
> > context for user with uid 225200001 for server bbs.gjn.prv
> > Mar 3 16:28:22 smtp1 rpc.gssd[6913]: doing error downcall
> > Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handling gssd upcall
> > (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> > Mar 3 16:28:22 smtp1 rpc.gssd[32155]: handle_gssd_upcall: 'mech=krb5
> > uid=225200001 enctypes=18,17,16,23,3,1,2 '
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: handling krb5 upcall
> > (/var/lib/nfs/rpc_pipefs/nfs/clnt5)
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: process_krb5_upcall: service is
> > '<null>' Mar 3 16:28:22 smtp1 rpc.gssd[6914]: ERROR: GSS-API: error in
> > gss_acquire_cred(): GSS_S_FAILURE (Unspecified GSS failure. Minor code
> > may
> > provide more information) - No Kerberos credentials available
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: getting credentials for client with
> > uid 225200001 for server bbs.gjn.prv
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: CC '/tmp/krb5ccmachine_GJN.PRV'
> > being
> > considered, with preferred realm 'GJN.PRV'
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: CC '/tmp/krb5ccmachine_GJN.PRV'
> > owned by 0, not 225200001
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: getting credentials for client with
> > uid 225200001 for server bbs.gjn.prv
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: Error doing scandir on directory
> > '/run/user/225200001': No such file or directory
> > Mar 3 16:28:22 smtp1 rpc.gssd[6914]: WARNING: Failed to create krb5
> > context for user with uid 225200001 for server bbs.gjn.prv
Thank's for answer.
--
mit freundlichen Grüßen / best Regards,
Günther J. Niederwimmer
More information about the Freeipa-users
mailing list