Thread: 45 messages, 6 authors, 2023-03-02

RE: Zombie / Orphan open files

From: Andrew J. Romero <hidden>
Date: 2023-01-31 22:26:49

Hi Olga

This is great info!

Can you make sure that the host principal is not granted any
read or write access (via ACL entry, owner, group or Everyone access)
to the actual directory and file being opened.

If, by spec or well-established convention, the client host principal just needs to submit the "close request"
to the NFS server but needs no access to the actual directory tree or files, then
my NAS vendor will need to take action.

If I need to grant directory / file access to all host principals on-site,
I will probably get serious computer-security opposition.

Thanks!

Andy

> What you describe -- having different views of state on the client
> and server -- is not a known common behaviour.
>
> I have tried it on my Kerberos setup.
> Gotten a 5min ticket.
> As a user opened a file in a process that went to sleep.
> My user credentials have expired (after 5mins). I verified that by
> doing an "ls" on a mounted filesystem which resulted in permission
> denied error.
> Then I killed the application that had an opened file. This resulted
> in an NFS CLOSE being sent to the server using the machine's gss
> context (which is a default behaviour of the Linux client regardless
> of whether or not user's credentials are valid).
>
> Basically as far as I can tell, a Linux client can handle cleaning up
> state when user's credentials have expired.

