Monthly Archive for January, 2009

Java stuff

My brother, Dave, is a Java developer. In fact I think he is a very good developer, and he has decided to blog some of his stuff.

http://blog.sumostyle.net/dave

NFS4, krb5 and Apache UserDir

We have nfs4 mounted home directories, using krb5 authentication.

Problem is, the apache user wasn’t Kerberos authenticated, so it could not read any of the home directories. Which of course means no user homepages.

The fix is easy, but I could not find it documented so it took me a while. I do not know if you need it, but I have mod_auth_kerb5 installed, and it pointed me to the solution.

Basically, add a Kerberos principal for HTTP/fqdn.

kadmin> addprinc -randkey HTTP/server.domain.com

Then put this into a keytab:

kadmin> ktadd -k /etc/httpd/conf/keytab HTTP/server.domain.com

The keytab needs to be readable by apache. Restart httpd and user homepages should work.
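
A check for that last step, added here as an example and not part of the original post: the keytab holds the HTTP service's long-term key, so it should be readable by the web server account and by nobody else. The function names, the account name `apache` and the policy (owned by the service account, no group or other permission bits) are assumptions; `stat -c` is the GNU coreutils form and `klist -k` is the MIT Kerberos keytab listing.

```shell
#!/bin/sh
# Added example: audit the keytab written by the ktadd step.
# Assumed policy: owned by the web server account, owner-readable,
# and no permission bits at all for group or other.
# Usage (as root; "apache" is an assumed account name):
#   check_keytab_perms /etc/httpd/conf/keytab apache &&
#   keytab_has_principal /etc/httpd/conf/keytab HTTP/server.domain.com

# check_keytab_perms FILE USER -> 0 if FILE meets the policy, 1 otherwise
check_keytab_perms() {
    file=$1
    user=$2
    if [ ! -f "$file" ]; then
        echo "FAIL: $file does not exist" >&2
        return 1
    fi
    owner=$(stat -c '%U' "$file") || return 1
    mode=$(stat -c '%a' "$file") || return 1
    mode=$(printf '%04d' "$mode")   # pad to four digits, e.g. 600 -> 0600
    if [ "$owner" != "$user" ]; then
        echo "FAIL: $file is owned by $owner, expected $user" >&2
        return 1
    fi
    case $mode in
        # second digit: owner can read; last two digits: group/other get nothing
        ?[4-7]00) return 0 ;;
        *)
            echo "FAIL: $file has mode $mode, group/other must have no access" >&2
            return 1
            ;;
    esac
}

# keytab_has_principal FILE PRINCIPAL -> 0 if the keytab lists PRINCIPAL@REALM
keytab_has_principal() {
    klist -k "$1" 2>/dev/null | grep -qF -- " $2@"
}
```

If the permission check fails, `chown` the keytab to the web server account and `chmod 600` it before restarting httpd.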