I actually ended up figuring this out. For whatever reasons NFS_SECURE=“yes” was not in
the configuration file (/etc/sysconfig/nfs). Once I added that to the configuration on the
NFS server and the client (not sure if it’s needed there or not) but it started working
after resetting all the services.
Thanks for the reply.
-Kevin
> On Nov 8, 2018, at 12:46 PM, Robbie Harwood <rharwood(a)redhat.com> wrote:
>
> Kevin Vasko via FreeIPA-users <freeipa-users(a)lists.fedorahosted.org>
> writes:
>
>> I followed these instructions to enable kerberos within my realm/domain.
>>
>> My FreeIPA, NFS server and my NFS client is CentOS 7.4
>>
>>
https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/kerb-nf...
>>
>> I’m completely stuck in that when I mount the NFS share I get
>>
>> Sudo mount -o sec=krb5p share.example.com:/data/shared /mnt/shared
>>
>> “mount.nfs: access denied by server while mounting
share.example.com:/data/shared”
>>
>> My /etc/exports file
>> /data/shared 172.16.0.0/24(sec=krb5p, rw, ...)
>>
>> On my nfs server /var/log/messages all i see is
>>
>> rpc.mountd[1674]: authenticated mount request from 172.16.0.23:819 for
/data/shared (/data/shared)
>>
>> If i remove the “sec=krb5p” from the mount and the exports file it mounts just
fine.
>
> What messages to you see from rpc.gssd on the client (assuming you're
> using gssproxy)? Also, anything in gssproxy logs on the server or
> client?
>
> Thanks,
> --Robbie