<div dir="auto">What's kinit show for your second user? It sounds like it needs a token (or access to one).<div dir="auto"><br></div><div dir="auto">Usually every user that requires access needs a ticket (so kinit needs to reflect that, or it will bounce)</div><div dir="auto"><br></div><div dir="auto">/Chris </div><br><br><div class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">On Thu, 16 Jul 2020, 1:16 pm Alex, <<a href="mailto:alex@spottedmouse.com">alex@spottedmouse.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-AU" link="#0563C1" vlink="#954F72"><div class="m_4651952467571885076WordSection1"><p class="MsoNormal">Hi all,<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">I am looking at running a service under a local system account on a linux server, but need to be able to access a NFS v4 share with Kerberos enabled security. As root user I can see that using the machine’s Kerberos ticket access to the share works successfully. However as soon as I try to access the share using another local system account access to the share is denied.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">I am hoping we have a local Kerberos expert who might be able to point me in the direction on how this is usually done. Any pointers on how to allow local system users access to the Kerberos tickets and the share would really help me out.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Kind regards<u></u><u></u></p><p class="MsoNormal">Alex<u></u><u></u></p></div></div>_______________________________________________<br>
PLUG discussion list: <a href="mailto:plug@plug.org.au" target="_blank" rel="noreferrer">plug@plug.org.au</a><br>
<a href="http://lists.plug.org.au/mailman/listinfo/plug" rel="noreferrer noreferrer" target="_blank">http://lists.plug.org.au/mailman/listinfo/plug</a><br>
Committee e-mail: <a href="mailto:committee@plug.org.au" target="_blank" rel="noreferrer">committee@plug.org.au</a><br>
PLUG Membership: <a href="http://www.plug.org.au/membership" rel="noreferrer noreferrer" target="_blank">http://www.plug.org.au/membership</a></blockquote></div></div>