summaryrefslogtreecommitdiffstats
path: root/utils/gssd/gss_util.h
Commit message (Collapse)AuthorAgeFilesLines
* Avoid clobbering root's ccache if possiblefixrootccacheSimo Sorce2017-11-161-1/+2
| | | | | | | | If the gssapi library is modern enough, store the ccache in a process scoped keyring by default. This will avoid clobbering root's default ccache, and keep the creds from littering the filesystem. Signed-off-by: Simo Sorce <simo@redhat.com>
* gssd - move over pipfs scanning codeDavid Hardeman2015-01-231-2/+0
| | | | | | | | Move all rpc_pipefs scanning code from gssd_proc.c to gssd.c in preparation for later patches. Signed-off-by: David Hardeman <david@hardeman.nu> Signed-off-by: Steve Dickson <steved@redhat.com>
* Avoid DNS reverse resolution for server names (take 3)Simo Sorce2013-04-221-0/+2
| | | | | | | | | | | | | | A NFS client should be able to work properly even if the DNS Reverse record for the server is not set. This means a DNS lookup should not be done on server names at are passed to GSSAPI. This patch changes the default behavior to no longer do those types of lookups This change default behavior could negatively impact some current environments, so the -D option is also being added that will re-enable the DNS reverse looks on server names, which are passed to GSSAPI. Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* gssd: Switch to use standard GSSAPI by defaultSimo Sorce2013-04-021-0/+10
| | | | | | | | | Make libgssglue configurable still but disabled by default. There is no reason to use libgssglue anymore, and modern gssapi supports all needed features for nfs-utils. Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* svcgssd: Adding a <-p principal> flagEberhard Kuemmerle2010-09-281-1/+1
| | | | | | | | | Allow the principal that is used to get the machines creds definable on the command like with the new '-p <principal>'. This is useful in cluster environments. Signed-off-by: Eberhard Kuemmerle <E.Kuemmerle@fz-juelich.de> Signed-off-by: Steve Dickson <steved@redhat.com>
* Check that the gssapi library is usable early on.kwc@citi.umich.edu2006-07-041-0/+1
| | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Do a call to determine mechanisms supported by the gssapi library early. This allows us to discover early in case the gssapi library is somehow misconfigured. We can bail out early and give a meaningful message rather than getting errors on each attempt at a context negotiation.
* Add gss support from citi @ umichneilbrown2004-10-191-0/+44
generated by cgit (git 2.34.1) at 2025-07-06 01:44:02 +0000