If you turn on rpc.gssd debugging and kernel rpc debugging do you seeOn Wed, 2017-01-04 at 10:16 +0100, Rob Verduijn wrote:
> ---------- Forwarded message ----------
> From: Simo Sorce <simo@redhat.com>
> Date: 2017-01-03 17:32 GMT+01:00
> Subject: [gssproxy] Re: gssproxy broken on fedora
> To: The GSS-Proxy developers and users mailing list <
> gss-proxy@lists.fedorahosted.org >
>
>
> On Mon, 2017-01-02 at 19:22 +0100, Rob Verduijn wrote:
> >
> > Nope that does not work on either fc24 or fc25.
> > I did not try centos73 since it already worked on that one.
>
> Given you tried manually, make sure you delete the ccache before trying
> with the client_keytab setting.
>
> If that doesn't work can you set debug = True in the global section and
> tell me if you get any useful output/error ?
>
> Simo.
>
> --
> Simo Sorce * Red Hat, Inc * New York
> _______________________________________________
> gss-proxy mailing list -- gss-proxy@lists.fedorahosted.org
> To unsubscribe send an email to gss-proxy-leave@lists.fedorahosted.org
>
>
> Hi,
>
> I checked for the cache, but there were no cache files present in
> /var/lib/gssproxy/clients.
> I cleaned the sssd cache.
> I set the debug entry, did a reboot, but also no log entries appeared
>
> current /etc/gssproxy/gssproxy.conf
>
> [gssproxy]
> debug=True
>
> [service/HTTP]
> mechs = krb5
> cred_store = keytab:/etc/gssproxy/http.keytab
> cred_store = ccache:/var/lib/gssproxy/clients/krb5cc_%U
> cred_store = client_keytab:/etc/gssproxy/http.keytab
> euid = 48
>
> and tested it with
> su - apache -s /bin/bash
>
> The mount works fine for a regular ipa user on fedora 24/25
> according to systemctl status gssproxy the service is up and running,
>
> [root@fedora-24 ~]# systemctl status gssproxy
> ● gssproxy.service - GSSAPI Proxy Daemon
> Loaded: loaded (/usr/lib/systemd/system/gssproxy.service; disabled;
> vendor preset: disabled)
> Active: active (running) since Wed 2017-01-04 10:05:55 CET; 8min ago
> Main PID: 987 (gssproxy)
> CGroup: /system.slice/gssproxy.service
> └─987 /usr/sbin/gssproxy -D
>
> systemd[1]: Starting GSSAPI Proxy Daemon...
> gssproxy[972]: [2017/01/04 09:05:55]: Debug Enabled (level: 1)
> gssproxy[972]: [2017/01/04 09:05:55]: Client connected (fd = 10)[2017/01/04
> 09:05:55]: (pid = 987) (uid = 0) (gid = 0)[2017/01/04 09:05:55]: (context
> = system_u:system_r:kernel_t:s0)[2017/01/04 09:05:55]:
> Started GSSAPI Proxy Daemon.
anything relevant ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
gss-proxy mailing list -- gss-proxy@lists.fedorahosted.org
To unsubscribe send an email to gss-proxy-leave@lists.fedorahosted.org