Добрый день.
Переход на linux сервера в качестве рабочих мест. Тестирую на rosa fresh 12.3.
Сервера в домене - авторизация, sudo, монтирование home на nfs хранилке - всё работает, стролкнулся с проблемой монтирования сетевых шар cifs используя кеш Kerberos:adm69@rosa82 ~ $ sudo mount.cifs --verbose //SRV.DC.TEST/TEST /opt -o"user=adm69,cruid=$USER,sec=krb5,domain=DC.test,multiuser,vers=2.0"
mount.cifs kernel mount options: ip=10.10.1.139,unc=\\SRV.DC.TEST\TEST,sec=krb5,multiuser,vers=2.0,cruid=1760801111,user=adm69,domain=DC.test,pass=********
mount error(2): No such file or directory
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
Если убрать аргумент sec=krb5, монтирование происходит с вводом пароля:
adm69@rosa82 ~ $ sudo mount.cifs --verbose //SRV.DC.TEST/TEST /opt -o "user=adm69,domain=DC.test,multiuser"
Password for adm69@//SRV.DC.TEST/TEST:
mount.cifs kernel mount options: ip=10.10.1.139,unc=\\SRV.DC.TEST\TEST,multiuser,user=adm69,domain=DC.test,pass=********
adm69@rosa82 ~ $ df -h
Файловая система Размер Использовано Дост Использовано% Cмонтировано в
devtmpfs 1,9G 0 1,9G 0% /dev
tmpfs 2,0G 0 2,0G 0% /dev/shm
tmpfs 782M 12M 771M 2% /run
/dev/xvda2 8,8G 6,3G 2,1G 75% /
tmpfs 2,0G 8,0K 2,0G 1% /tmp
tmpfs 391M 92K 391M 1% /run/user/463
tmpfs 391M 72K 391M 1% /run/user/0
tmpfs 391M 80K 391M 1% /run/user/1760801111
//SRV.DC.TEST/TEST 32G 16G 16G 50% /opt
Если только один аргумент sec=krb5 - ошибка
adm69@rosa82 ~ $ sudo mount.cifs --verbose //SRV.DC.TEST/TEST /opt -o sec=krb5
mount.cifs kernel mount options: ip=10.10.1.139,unc=\\SRV.DC.TEST\TEST,sec=krb5,user=root,pass=********
mount error(2): No such file or directory
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
adm69@rosa82 ~ $ klist
Ticket cache: FILE:/tmp/krb5cc_1760801111
Default principal: adm69@DC.TEST
Valid starting Expires Service principal
28.02.2023 10:42:18 28.02.2023 20:42:18 krbtgt/DC.TEST@DC.TEST
renew until 07.03.2023 10:42:18
Если проверить доступность шары smbclient с ключём -k (kerberos), в шару проваливаюсь:
adm69@rosa82 ~ $ smbclient -k //SRV.DC.TEST/TEST
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Fri Feb 17 13:36:15 2023
.. D 0 Fri Feb 17 13:36:15 2023
xxx D 0 Fri Feb 17 12:29:46 2023
xxxx.txt A 0 Fri Feb 17 12:29:53 2023
8247551 blocks of size 4096. 4184846 blocks available
smb: \>
Не работает ни под доменным пользователем, ни под root. Билет выписывается, кеш хранится в файле.
debug mount:
Feb 28 11:02:05 rosa82 kernel: [ 6399.776023] CIFS: fs/cifs/cifsfs.c: Devname: //SRV.DC.TEST/TEST flags: 0
Feb 28 11:02:05 rosa82 kernel: [ 6399.776077] CIFS: fs/cifs/connect.c: Domain name set
Feb 28 11:02:05 rosa82 kernel: [ 6399.776082] CIFS: fs/cifs/connect.c: Username: adm69
Feb 28 11:02:05 rosa82 kernel: [ 6399.776087] CIFS: fs/cifs/connect.c: file mode: 0755 dir mode: 0755
Feb 28 11:02:05 rosa82 kernel: [ 6399.776090] CIFS: fs/cifs/connect.c: VFS: in mount_get_conns as Xid: 91 with uid: 0
Feb 28 11:02:05 rosa82 kernel: [ 6399.776092] CIFS: fs/cifs/connect.c: UNC: \\SRV.DC.TEST\TEST
Feb 28 11:02:05 rosa82 kernel: [ 6399.776100] CIFS: fs/cifs/connect.c: generic_ip_connect: connecting to 10.10.1.139:445
Feb 28 11:02:05 rosa82 kernel: [ 6399.776109] CIFS: fs/cifs/connect.c: Socket created
Feb 28 11:02:05 rosa82 kernel: [ 6399.776111] CIFS: fs/cifs/connect.c: sndbuf 16384 rcvbuf 131072 rcvtimeo 0x834
Feb 28 11:02:05 rosa82 kernel: [ 6399.778458] FS-Cache: Duplicate cookie detected
Feb 28 11:02:05 rosa82 kernel: [ 6399.778465] FS-Cache: O-cookie c=0000000076308f1f [p=00000000af88c56b fl=222 nc=1 na=1]
Feb 28 11:02:05 rosa82 kernel: [ 6399.778468] FS-Cache: O-cookie d=00000000d4534d5d n=00000000a345b9de
Feb 28 11:02:05 rosa82 kernel: [ 6399.778471] FS-Cache: O-key=[8] '020001bd0a0a018b'
Feb 28 11:02:05 rosa82 kernel: [ 6399.778486] FS-Cache: N-cookie c=0000000090b9ca51 [p=00000000af88c56b fl=2 nc=0 na=1]
Feb 28 11:02:05 rosa82 kernel: [ 6399.778488] FS-Cache: N-cookie d=00000000d4534d5d n=000000004994f759
Feb 28 11:02:05 rosa82 kernel: [ 6399.778490] FS-Cache: N-key=[8] '020001bd0a0a018b'
Feb 28 11:02:05 rosa82 kernel: [ 6399.778506] CIFS: fs/cifs/fscache.c: cifs_fscache_get_client_cookie: (0x000000004994f759/0x0000000000000000)
Feb 28 11:02:05 rosa82 kernel: [ 6399.778513] CIFS: fs/cifs/connect.c: VFS: in cifs_get_smb_ses as Xid: 92 with uid: 0
Feb 28 11:02:05 rosa82 kernel: [ 6399.778516] CIFS: fs/cifs/connect.c: Existing smb sess not found
Feb 28 11:02:05 rosa82 kernel: [ 6399.778525] CIFS: fs/cifs/smb2pdu.c: Negotiate protocol
Feb 28 11:02:05 rosa82 kernel: [ 6399.778545] CIFS: fs/cifs/connect.c: Demultiplex PID: 11642
Feb 28 11:02:05 rosa82 kernel: [ 6399.778552] CIFS: fs/cifs/transport.c: Sending smb: smb_len=106
Feb 28 11:02:05 rosa82 kernel: [ 6399.780389] CIFS: fs/cifs/connect.c: RFC1002 header 0xf8
Feb 28 11:02:05 rosa82 kernel: [ 6399.780399] CIFS: fs/cifs/smb2misc.c: SMB2 data length 120 offset 128
Feb 28 11:02:05 rosa82 kernel: [ 6399.780400] CIFS: fs/cifs/smb2misc.c: SMB2 len 248
Feb 28 11:02:05 rosa82 kernel: [ 6399.780492] CIFS: fs/cifs/transport.c: cifs_sync_mid_result: cmd=0 mid=0 state=4
Feb 28 11:02:05 rosa82 kernel: [ 6399.780500] CIFS: fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release
Feb 28 11:02:05 rosa82 kernel: [ 6399.780504] CIFS: fs/cifs/smb2pdu.c: mode 0x3
Feb 28 11:02:05 rosa82 kernel: [ 6399.780506] CIFS: fs/cifs/smb2pdu.c: negotiated smb2.0 dialect
Feb 28 11:02:05 rosa82 kernel: [ 6399.780511] CIFS: fs/cifs/asn1.c: OID len = 10 oid = 0x1 0x3 0x6 0x1
Feb 28 11:02:05 rosa82 kernel: [ 6399.780513] CIFS: fs/cifs/asn1.c: OID len = 7 oid = 0x1 0x2 0x348 0xbb92
Feb 28 11:02:05 rosa82 kernel: [ 6399.780515] CIFS: fs/cifs/asn1.c: OID len = 7 oid = 0x1 0x2 0x348 0x1bb92
Feb 28 11:02:05 rosa82 kernel: [ 6399.780517] CIFS: fs/cifs/asn1.c: OID len = 8 oid = 0x1 0x2 0x348 0x1bb92
Feb 28 11:02:05 rosa82 kernel: [ 6399.780519] CIFS: fs/cifs/asn1.c: OID len = 10 oid = 0x1 0x3 0x6 0x1
Feb 28 11:02:05 rosa82 kernel: [ 6399.780522] CIFS: fs/cifs/connect.c: Security Mode: 0x3 Capabilities: 0x300001 TimeAdjust: 0
Feb 28 11:02:05 rosa82 kernel: [ 6399.780523] CIFS: fs/cifs/smb2pdu.c: Session Setup
Feb 28 11:02:05 rosa82 kernel: [ 6399.780525] CIFS: fs/cifs/smb2pdu.c: sess setup type 5
Feb 28 11:02:05 rosa82 kernel: [ 6399.780530] CIFS: fs/cifs/cifs_spnego.c: key description = ver=0x2;host=SRV.DC.TEST;ip4=10.10.1.139;sec=krb5;uid=0x0;creduid=0x68f3b157;user=adm69;pid=0x2d78
Feb 28 11:02:05 rosa82 kernel: [ 6399.781029] CIFS: VFS: \\SRV.DC.TEST Send error in SessSetup = -2
Feb 28 11:02:05 rosa82 kernel: [ 6399.781033] CIFS: fs/cifs/connect.c: VFS: leaving cifs_get_smb_ses (xid = 92) rc = -2
Feb 28 11:02:05 rosa82 kernel: [ 6399.781038] CIFS: fs/cifs/dfs_cache.c: __dfs_cache_find: search path: \SRV.DC.TEST\TEST
Feb 28 11:02:05 rosa82 kernel: [ 6399.781042] CIFS: fs/cifs/dfs_cache.c: get_dfs_referral: get an DFS referral for \SRV.DC.TEST\TEST
Feb 28 11:02:05 rosa82 kernel: [ 6399.781049] CIFS: fs/cifs/fscache.c: cifs_fscache_release_client_cookie: (0x000000004994f759/0x0000000000000000)
Feb 28 11:02:05 rosa82 kernel: [ 6399.781064] CIFS: fs/cifs/connect.c: VFS: leaving mount_put_conns (xid = 91) rc = 0
Feb 28 11:02:05 rosa82 kernel: [ 6399.781066] CIFS: VFS: cifs_mount failed w/return code = -2
Есть кто сталкивался с данной проблемой?
Перейти на другой домен пока не получится, первое время будут существовать и Windows и Linux рабочие места с ActiveDirectory.
Вариант для распечатки
(ok), 28-Фев-23, 11:07 
