diff options
author | Kevin Coffman <kwc@citi.umich.edu> | 2007-04-04 12:47:35 +1000 |
---|---|---|
committer | Neil Brown <neilb@suse.de> | 2007-04-04 12:47:35 +1000 |
commit | 15ac7bc32061a389a111f2c1637640637dcbca29 (patch) | |
tree | f49be52d6723ac1c35a382c05012fb3cffbbd3c9 /NEWS | |
parent | 75fbf31c20fac02e14b6c0cb7dcbfef8286f2ff1 (diff) | |
download | nfs-utils-15ac7bc32061a389a111f2c1637640637dcbca29.tar.gz nfs-utils-15ac7bc32061a389a111f2c1637640637dcbca29.tar.xz nfs-utils-15ac7bc32061a389a111f2c1637640637dcbca29.zip |
NEWS - add info about gssd changes.
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 20 |
1 files changed, 20 insertions, 0 deletions
@@ -32,3 +32,23 @@ Significant changes for nfs-utils 1.1.0 - March/April 2007 not support NFS export. - Comprehensive notes on startup dependencies have been added to the README file. + + - A new option, -n, was added to rpc.gssd which specifies that + accesses by root should not use 'machine credentials' when + accessing NFS file systems mounted with Kerberos. Using this + option allows the root user to access the NFS space using any + Kerberos principal, rather than always using the machine + credentials. However, its use also requires that root manually + authenticate before attempting a mount with Kerberos. + + When rpc.gssd uses machine credentials, the selection algorithm has + been changed. Instead of simply using the first "nfs/*" key in the + keytab, the keytab is now searched for keys in the following + defined order: + + root/<fqdn>@REALM + nfs/<fqdn>@REALM + host/<fqdn>@REALM + root/<any-name>@REALM + nfs/<any-name>@REALM + host/<any-name>@REALM |