diff options
| author | Kevin Coffman <kwc@citi.umich.edu> | 2007-03-16 10:27:46 -0400 |
|---|---|---|
| committer | Neil Brown <neilb@suse.de> | 2007-03-19 09:47:37 +1100 |
| commit | fbff46da25a0a578136fd92a6b66e807b6599ca3 (patch) | |
| tree | 9e09a7e6d7a69d881edfd8ec324f090ab8585819 /utils/gssd/gssd.man | |
| parent | 1a5b79866092e5061f3a6d2cd1a644f47e65ba3a (diff) | |
| download | nfs-utils-fbff46da25a0a578136fd92a6b66e807b6599ca3.tar.gz nfs-utils-fbff46da25a0a578136fd92a6b66e807b6599ca3.tar.xz nfs-utils-fbff46da25a0a578136fd92a6b66e807b6599ca3.zip | |
Allow any credential to be used for machine credentials
Don't restrict machine credentials to be "nfs/<machine.name>".
Use any usable credentials contained in the keytab file.
[We actually attempt to use the first entry found for each
realm, not every entry, in the keytab.]
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Diffstat (limited to 'utils/gssd/gssd.man')
| -rw-r--r-- | utils/gssd/gssd.man | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/utils/gssd/gssd.man b/utils/gssd/gssd.man index 1a30d69..f2ecd69 100644 --- a/utils/gssd/gssd.man +++ b/utils/gssd/gssd.man @@ -41,10 +41,18 @@ authentication. .B -k keytab Tells .B rpc.gssd -to use the keys for principals nfs/hostname in +to use the keys found in .I keytab -to obtain machine credentials. +to obtain "machine credentials". The default value is "/etc/krb5.keytab". +Previous versions of +.B rpc.gssd +used only "nfs/*" keys found within the keytab. +Now, the first keytab entry for each distinct Kerberos realm +within the keytab is used. This means that an NFS client +no longer needs an "nfs/hostname" principal and keytab entry, +but can instead use a "host/hostname" (or any other) keytab +entry that is available. .TP .B -p path Tells |