Going back to previous posts where our unix admin has exported the homedirs from our netapp filer with krb security, I have picked back up the lab image, and implemented src=krb5 in the fstab.
Now, when I ssh into the box, I get Could not chdir to home directory /xxxx/mikec: Permission denied
If I do a mount, the box has mounted the export
server:/xxx/xxxx/export/home on /xxxxx type nfs (rw,nosuid,nodev,noatime,sec=krb5,rsize=32768,wsize=32768,intr,tcp,addr=x.x.x.x)
I assume this is because no kinit has been performed, and therefor no valid kerberos credentials exist to get into the home directory?
So, I tried to get credentials :-
mikec@pc:/$ /opt/quest/bin/vastool kinit mikec
Password for mikec@domain:
mikec@pc:/$ /opt/quest/bin/vastool klist
Credentials cache: FILE:/tmp/krb5cc_1672
Principal: mikec@domain
Issued Expires Principal
Aug 11 21:02:05 Aug 12 07:02:05 pc-LNX$@realm
Aug 11 21:06:15 Aug 12 07:06:15 krbtgt/realm@realm
you will see that a ticket was obtained, but when I try and go back into the home directory, it is still denied, even though credentials now exist.
mikec@pc:/$ cd
-bash: cd: /xxxx/mikec: Permission denied
If I do an actual kinit, which I got from the krb5-user package
mikec@pc:/$ kinit
Password for mikec@realm:
kinit: KDC has no support for encryption type while getting initial credentials
mikec@pc:~$ kinit
Password for mikec@realm:
first time the error regarding encryption,second time straight through, and then success
mikec@pc:~$ cd
mikec@pc:~$ pwd
/xxxx/mikec
Any ideas why the vastool kinit is not working but the standard kinit is?
I know I have removed certain personal information regarding domain names etc, but please feel free to ask me to any questions if it helps to offer me a solution, because this seems very strange to me.