From 7201cabaf0c59b2f50c1a86a47465daaafff6cb4 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Wed, 19 Jun 2013 11:41:29 -0400
Subject: Split nfs server and client services
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The NFS server uses a special socket for the kernel communication.
Split configuration in 2 distinct services so we can use specific options that
may be different between server and client.

The 3 main differences so far are:
1. socket: default for client, custom for server
2. kernel_nfd option only for server
3. ccache and client keytab options only for client

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
---
 proxy/examples/gssproxy.conf.in | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/proxy/examples/gssproxy.conf.in b/proxy/examples/gssproxy.conf.in
index b30d39a..0f8339e 100644
--- a/proxy/examples/gssproxy.conf.in
+++ b/proxy/examples/gssproxy.conf.in
@@ -1,12 +1,17 @@
 [gssproxy]
 
-[service/nfs]
+[service/nfs-server]
   mechs = krb5
   socket = /run/gssproxy.sock
   cred_store = keytab:/etc/krb5.keytab
-  cred_store = ccache:FILE:@gpstatedir@/clients/krb5cc_%U
-  cred_store = client_keytab:@gpstatedir@/clients/%U.keytab
   trusted = yes
   kernel_nfsd = yes
   euid = 0
 
+[service/nfs-client]
+  mechs = krb5
+  cred_store = keytab:/etc/krb5.keytab
+  cred_store = ccache:FILE:@gpstatedir@/clients/krb5cc_%U
+  cred_store = client_keytab:@gpstatedir@/clients/%U.keytab
+  trusted = yes
+  euid = 0
-- 
cgit