From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tuhs-bounces@minnie.tuhs.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.9 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no
	version=3.4.2
Received: from minnie.tuhs.org (minnie.tuhs.org [45.79.103.53])
	by inbox.vuxu.org (OpenSMTPD) with ESMTP id 40accf66
	for <ml@inbox.vuxu.org>;
	Wed, 26 Dec 2018 02:08:42 +0000 (UTC)
Received: by minnie.tuhs.org (Postfix, from userid 112)
	id 82E9BA3667; Wed, 26 Dec 2018 12:08:41 +1000 (AEST)
Received: from minnie.tuhs.org (localhost [127.0.0.1])
	by minnie.tuhs.org (Postfix) with ESMTP id 2763DA366C;
	Wed, 26 Dec 2018 12:08:08 +1000 (AEST)
Received: by minnie.tuhs.org (Postfix, from userid 112)
 id 2CB2193EA4; Wed, 26 Dec 2018 12:08:07 +1000 (AEST)
X-Greylist: delayed 403 seconds by postgrey-1.36 at minnie.tuhs.org;
 Wed, 26 Dec 2018 12:08:03 AEST
Received: from mcvoy.com (mcvoy.com [192.169.23.250])
 by minnie.tuhs.org (Postfix) with ESMTPS id 312F0A3667
 for <tuhs@minnie.tuhs.org>; Wed, 26 Dec 2018 12:08:03 +1000 (AEST)
Received: by mcvoy.com (Postfix, from userid 3546)
 id 7762E35E0F0; Tue, 25 Dec 2018 18:01:19 -0800 (PST)
Date: Tue, 25 Dec 2018 18:01:19 -0800
From: Larry McVoy <lm@mcvoy.com>
To: Grant Taylor <gtaylor@tnetconsulting.net>
Message-ID: <20181226020119.GF18199@mcvoy.com>
References: <bd626b01-b74a-14d9-c31e-6b5437464387@spamtrap.tnetconsulting.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <bd626b01-b74a-14d9-c31e-6b5437464387@spamtrap.tnetconsulting.net>
User-Agent: Mutt/1.5.24 (2015-08-30)
Subject: Re: [TUHS] NFS & Kerberos woes...
X-BeenThere: tuhs@minnie.tuhs.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: The Unix Heritage Society mailing list <tuhs.minnie.tuhs.org>
List-Unsubscribe: <https://minnie.tuhs.org/cgi-bin/mailman/options/tuhs>,
 <mailto:tuhs-request@minnie.tuhs.org?subject=unsubscribe>
List-Archive: <http://minnie.tuhs.org/pipermail/tuhs/>
List-Post: <mailto:tuhs@minnie.tuhs.org>
List-Help: <mailto:tuhs-request@minnie.tuhs.org?subject=help>
List-Subscribe: <https://minnie.tuhs.org/cgi-bin/mailman/listinfo/tuhs>,
 <mailto:tuhs-request@minnie.tuhs.org?subject=subscribe>
Cc: The Unix Heritage Society <tuhs@minnie.tuhs.org>
Errors-To: tuhs-bounces@minnie.tuhs.org
Sender: "TUHS" <tuhs-bounces@minnie.tuhs.org>

I'm an NFS guy, learned it a bit at uwisc and then a lot more at Sun. 
But Sun didn't do the Kerberos stuff, at least while I was there.

Didn't Kerberos come from MIT?  If so, I bet anything that Ted Ts'o
would know the details.  My guess is it was part of project athena
and I think that overlaps with Ted.  Yo, Ted, Merry Christmas,
what about this Kerberos authentication stuff?  :)

On Tue, Dec 25, 2018 at 05:49:49PM -0700, Grant Taylor via TUHS wrote:
> Do any fellow TUHS subscribers have any experience with NFS, particularly in
> combination with Kerberos authentication?
> 
> I'm messing with something that is making me think that Kerberos
> authentication (sec=krb5{,i,p}) usurps no_root_squash.
> 
> Meaning that root can't access files owned by other users with go-rwx.
> Almost as if no_root_squash wasn't configured on the export.
> 
> Does anyone have a spare bone that they would be willing to throw my way?
> 
> 
> 
> -- 
> Grant. . . .
> unix || die
> 



-- 
---
Larry McVoy            	     lm at mcvoy.com             http://www.mcvoy.com/lm