diff options
author | Jacob Shivers <jshivers@redhat.com> | 2021-03-15 09:22:57 -0400 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2021-03-15 10:37:51 -0400 |
commit | 05bacfed6df3f336c50326c7c6f4c3677c7f7d70 (patch) | |
tree | 0722e3cda9d2f92473a502f00b9ccd5b771a704a /nfs.conf | |
parent | 7e559dbddc483a7c2bc7ea8133d8e4ba368d5f61 (diff) | |
download | nfs-utils-05bacfed6df3f336c50326c7c6f4c3677c7f7d70.tar.gz |
gssd: Add options to rpc.gssd to allow for the use of $HOME/.k5identity files
Since commit 2f682f25c642fcfe7c511d04bc9d67e732282348 $HOME
has been set to '/' to avoid a deadlock when accessing
Kerberized NFS shares. While this works for most use cases,
users who depend on the use of $HOME/.k5identity files are
negatively impacted by this commit. This patch allows for
users to use their $HOME/.k5identity to access subsequent
Kerberized resources based on the credentials in said file.
The default set by commit 2f682f25c still remains the same,
but a user can pass '-H' to change rpc.gssd behavior to not
set $HOME to '/'. Setting 'set-home=0' in /etc/nfs.conf
has the same effect as passing '-H' directly to rpc.gssd.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1868087
Signed-off-by: Jacob Shivers <jshivers@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'nfs.conf')
-rw-r--r-- | nfs.conf | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -24,6 +24,7 @@ # keytab-file=/etc/krb5.keytab # cred-cache-directory= # preferred-realm= +# set-home=1 # [lockd] # port=0 |