the life of kerberos

[living@the-dream ~]$ ls /mnt/terrafirma/
ls: cannot open directory /mnt/terrafirma/: Permission denied
[living@the-dream ~]$ grep terrafirma /etc/fstab
# read/write NFS terrafirma mount:
terrafirma:/ /mnt/terrafirma/ nfs4 sec=krb5,rw,users,noauto,x-systemd.automount,x-systemd.device-timeout=1imeo=14,noatime 0 0
[living@the-dream ~]$ kinit
Password for living@CALLIGRAPHY.PEN:
[living@the-dream ~]$ ls /mnt/terrafirma/
cost memories footsteps
[living@the-dream ~]$ touch /mnt/terrafirma/
touch: setting times of '/mnt/terrafirma/': Read-only file system
[living@the-dream ~]$ touch /mnt/terrafirma/cost/
touch: setting times of '/mnt/terrafirma/cost/': Permission denied
[living@the-dream ~]$ touch /mnt/terrafirma/memories/
touch: setting times of '/mnt/terrafirma/memories/': Read-only file system
[living@the-dream ~]$ touch /mnt/terrafirma/footsteps/
[living@the-dream ~]$ kdestroy
[living@the-dream ~]$ ls /mnt/terrafirma/
cost memories footsteps
[living@the-dream ~]$ umount /mnt/terrafirma
[living@the-dream ~]$ ls /mnt/terrafirma/
ls: cannot open directory /mnt/terrafirma/: Permission denied
[living@the-dream ~]$ umount /mnt/terrafirma
[living@the-dream ~]$ umount /mnt/terrafirma
umount: /mnt/terrafirma: umount failed: Operation not permitted
[living@the-dream ~]$ sudo systemctl stop mnt-terrafirma.automount
[sudo] password for living:
[living@the-dream ~]$ ls /mnt/terrafirma/
[living@the-dream ~]$ kinit
Password for living@CALLIGRAPHY.PEN:
[living@the-dream ~]$ ls /mnt/terrafirma/
[living@the-dream ~]$ mount /mnt/terrafirma/
[living@the-dream ~]$ ls /mnt/terrafirma/
cost memories footsteps
[living@the-dream ~]$ kdestroy
[living@the-dream ~]$ kinit
Password for living@CALLIGRAPHY.PEN:
[living@the-dream ~]$ kinit
Password for living@CALLIGRAPHY.PEN:
kinit: Password read interrupted while getting initial credentials
[living@the-dream ~]$ klist
Ticket cache: FILE:/tmp/krb5cc_2015
Default principal: living@CALLIGRAPHY.PEN

Valid starting Expires Service principal
20/06/15 22:04:18 21/06/15 08:04:18 krbtgt/CALLIGRAPHY.PEN@CALLIGRAPHY.PEN
renew until 21/06/15 22:04:14
[living@the-dream ~]$ hostname
the-dream
[living@the-dream ~]$ hostname -f
the-dream.calligraphy.pen
[living@the-dream ~]$ id
uid=2015(living) gid=2015(flagrant) groups=2015(flagrant),10(wheel),92(audio),95(storage),1101(printadmin),1108(lp),1109(scanner)
[living@the-dream ~]$


Information

"the life of kerberos"

demonstration of kerberos authentication for nfs share access

Journal entry - 22:25 Saturday 20 June 2015

DISCLAIMER: The opinions and attitudes of James W. Morris as expressed here in the past may or may not accurately reflect the opinions and attitudes of James W. Morris at present, moreover, they may never have.

Comments

this page last updated:22nd August 2015 jwm-art.net (C) 2003 - 2017 James W. Morris

script time:0.0257