diff options
| author | Simo Sorce <simo@redhat.com> | 2013-06-19 11:41:29 -0400 |
|---|---|---|
| committer | Günther Deschner <gdeschner@redhat.com> | 2013-06-21 16:26:38 +0200 |
| commit | 7201cabaf0c59b2f50c1a86a47465daaafff6cb4 (patch) | |
| tree | 2a944c5db6fb7265f7b3a7da4f116f08881083fb | |
| parent | 86207c193506e4cbef6868474188233e0b1dd77a (diff) | |
| download | gss-proxy-7201cabaf0c59b2f50c1a86a47465daaafff6cb4.tar.gz gss-proxy-7201cabaf0c59b2f50c1a86a47465daaafff6cb4.tar.xz gss-proxy-7201cabaf0c59b2f50c1a86a47465daaafff6cb4.zip | |
Split nfs server and client services
The NFS server uses a special socket for the kernel communication.
Split configuration in 2 distinct services so we can use specific options that
may be different between server and client.
The 3 main differences so far are:
1. socket: default for client, custom for server
2. kernel_nfd option only for server
3. ccache and client keytab options only for client
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
| -rw-r--r-- | proxy/examples/gssproxy.conf.in | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/proxy/examples/gssproxy.conf.in b/proxy/examples/gssproxy.conf.in index b30d39a..0f8339e 100644 --- a/proxy/examples/gssproxy.conf.in +++ b/proxy/examples/gssproxy.conf.in @@ -1,12 +1,17 @@ [gssproxy] -[service/nfs] +[service/nfs-server] mechs = krb5 socket = /run/gssproxy.sock cred_store = keytab:/etc/krb5.keytab - cred_store = ccache:FILE:@gpstatedir@/clients/krb5cc_%U - cred_store = client_keytab:@gpstatedir@/clients/%U.keytab trusted = yes kernel_nfsd = yes euid = 0 +[service/nfs-client] + mechs = krb5 + cred_store = keytab:/etc/krb5.keytab + cred_store = ccache:FILE:@gpstatedir@/clients/krb5cc_%U + cred_store = client_keytab:@gpstatedir@/clients/%U.keytab + trusted = yes + euid = 0 |