RHEL4's gssd requires that the server run the portmapper. On a NFSv4 only host
that isn't running it, v4 krb5 mounts fail with an error message similar to:
Feb 6 19:07:40 redhat-22 rpc.gssd: WARNING: can't create rpc_clnt for
server foo.bar.baz for user with uid 0: RPC: Remote system error - No route to
There were some patches that went upstream from Bruce Fields that should fix
this but they need to be backported:
Link to different archive that wont munge the patch.
Created attachment 152566 [details]
patch 1 -- Increase size of rpc send/receive buffers (and skip portmap call)
Actually, this was Kevin Coffman's patch, I think. Description:
Change the clnt_create() to use routines which allow us to set the
send and receive buffer size. This is needed for larger spkm3
exchanges including certificate chains.
This has the side-effect of skipping the portmap call since
we specify the port (by specifying the service) when getting
the server's address information.
Created attachment 152568 [details]
patch -- Use service portion of clp->servicename rather than hard-coding "nfs"
A follow on patch that removes the hardcoded "nfs" in the service name.
Set up a krb5 nfs server (I used a RHEL5 xen guest).
# service nfs restart
# service portmap stop
On client, mount the filesystem using -o sec=krb5. Without the 2 patches above,
the mount will fail, and gssd will throw an error that it can't create the rpc_clnt.
*** Bug 225154 has been marked as a duplicate of this bug. ***
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
Committed in nfs-utils-1.0.6-81.EL4
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.