Docker Community Forums

Share and learn in the Docker community.

How do I enable Kerberos for the mount command


(Koryd) #1

Hi,

Can someone tell me how to make mount recognize -o sec=krb5 as a valid option in a container or dockerfile?

Below is the dockerfile I’ve been using to try and figure it out.

FROM ubuntu:16.04

ADD krb5.conf /etc/
ADD krb5.keytab /etc/krb5.keytab

RUN apt-get update && apt-get install -y krb5-user nfs-common

I launch the new image in a container using the following.

sudo docker run --name test --privileged -it image /bin/bash

Below is the mount command I’ve been running inside of the container along with the output.

$ mount -vo sec=krb5,port=2050 <hostname>:/ /mnt/nfs
mount.nfs: timeout set for Thu Sep 20 04:06:45 2018
mount.nfs: trying text-based options 'sec=krb5,port=2050,vers=4,addr=X.X.X.X,clientaddr=X.X.X.X'
mount.nfs: mount(2): Invalid argument
mount.nfs: an incorrect mount option was specified

I’ve tried this in a VM running the same commands and it failed as well until I rebooted the VM. A reboot appears to be necessary to make this work, but I’m not sure how to accomplish this in a container/dockerfile.

Thanks