From ffe1a9badb6f247b3314ef570573739d3f91f429 Mon Sep 17 00:00:00 2001
From: Kevin Coffman <kwc@citi.umich.edu>
Date: Fri, 30 Mar 2007 18:32:14 -0400
Subject: Use newly added keytab functions

Use the new functions added in the previous patch.

Obtain machine credentials in a pre-determined order

Look for appropriate machine credentials in the following order:
     root/<fqdn>@REALM
     nfs/<fqdn>@REALM
     host/<fqdn>@REALM
     root/<any-name>@REALM
     nfs/<any-name>@REALM
     host/<any-name>@REALM

The first matching credential will be used.

Also, the machine credentials to be used are now determined
"on-demand" rather than at gssd startup.  This allows keytab
additions to be noticed and used without requiring a restart of gssd.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
---
 utils/gssd/gssd.c | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'utils/gssd/gssd.c')

diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index 747637c..b6c4ee4 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -165,10 +165,6 @@ main(int argc, char *argv[])
 	signal(SIGTERM, sig_die);
 	signal(SIGHUP, sig_hup);
 
-	/* Process keytab file and get machine credentials */
-	if (root_uses_machine_creds)
-		gssd_refresh_krb5_machine_creds();
-
 	gssd_run();
 	printerr(0, "gssd_run returned!\n");
 	abort();
-- 
cgit