tail head cat sleep
QR code linking to this page

Manual Pages  — GSSD

NAME

gssd – Generic Security Services Daemon

CONTENTS

SYNOPSIS


gssd [-d] [-h] [-o] [-v] [-s dir-list] [-c file-substring] [-r preferred-realm]

DESCRIPTION

The gssd program provides support for the kernel GSS-API implementation.

The options are as follows:
-d
  Run in debug mode. In this mode, gssd will not fork when it starts.
-h
  Enable support for host-based initiator credentials. This permits a kerberized NFS mount to use a service principal in the default Kerberos 5 keytab file for access. Such access is enabled via the gssname option for the mount_nfs(8) command.
-o
  Force use of DES and the associated old style GSS-API initialization token. This may be required to make kerberized NFS mounts work against some non-FreeBSD NFS servers.
-v
  Run in verbose mode. In this mode, gssd will log activity messages to syslog using LOG_INFO | LOG_DAEMON or to stderr, if the -d option has also been specified. The minor status is logged as a decimal number, since it is actually a Kerberos return status, which is signed.
-s dir-list
  Look for an appropriate credential cache file in this list of directories. The list should be full pathnames from root, separated by ':' characters. Usually this list will simply be "/tmp". Without this option, gssd assumes that the credential cache file is called /tmp/krb5cc_<uid>, where <uid> is the effective uid for the RPC caller.
-c file-substring
  Set a file-substring for the credential cache file names. Only files with this substring embedded in their names will be selected as candidates when -s has been specified. If not specified, it defaults to "krb5cc_".
-r preferred-realm
  Use Kerberos credentials for this realm when searching for credentials in directories specified with -s. If not specified, the default Kerberos realm will be used.

FILES

/etc/krb5.keytab
  Contains Kerberos service principals which may be used as credentials by kernel GSS-API services.

EXIT STATUS

The utility exits 0 on success, and >0 if an error occurs.

SEE ALSO

gssapi(3), syslog(3), mount_nfs(8)

HISTORY

The gssd manual page first appeared in FreeBSD 8.0 .

AUTHORS

This manual page was written by Doug Rabson <Mt dfr@FreeBSD.org>.

GSSD (8) July 7, 2013

tail head cat sleep
QR code linking to this page


Please direct any comments about this manual page service to Ben Bullock.

Unix’s “power tools” are more like power switchblades that slice off the operator’s fingers quickly and efficiently.
— The Unix Haters' handbook