rpc.svcgssd - server-side rpcsec_gss daemon
rpc.svcgssd [-n] [-v] [-r] [-i] [-f] [-p principal]
The rpcsec_gss protocol gives a means of using the gss-api generic security api
to provide security for protocols using rpc (in particular, nfs). Before
exchanging any rpc requests using rpcsec_gss, the rpc client must first
establish a security context with the rpc server. The linux kernel's
implementation of rpcsec_gss depends on the userspace daemon
rpc.svcgssd to handle context establishment on the rpc server. The
daemon uses files in the proc filesystem to communicate with the kernel.
- -f
- Runs rpc.svcgssd in the foreground and sends output
to stderr (as opposed to syslogd)
- -v
- Increases the verbosity of the output (can be specified
multiple times).
- -r
- If the rpcsec_gss library supports setting debug level,
increases the verbosity of the output (can be specified multiple
times).
- -i
- If the nfsidmap library supports setting debug level,
increases the verbosity of the output (can be specified multiple
times).
- -p
- Use principal instead of the default
nfs/FQDN@REALM.
- -n
- Use the system default credentials
(host/FQDN@REALM) rather than the default
nfs/FQDN@REALM.
Some of the options that can be set on the command line can also be controlled
through values set in the
[svcgssd] section of the
/etc/nfs.conf
configuration file. Values recognized include:
- principal
- If set to system this is equivalent to the -n
option. If set to any other value, that is used like the -p
option.
- verbosity
- Value which is equivalent to the number of -v.
- rpc-verbosity
- Value which is equivalent to the number of -r.
- idmap-verbosity
- Value which is equivalent to the number of -i.
rpc.gssd(8),
Dug Song <
[email protected]>
Andy Adamson <
[email protected]>
Marius Aamodt Eriksen <
[email protected]>
J. Bruce Fields <
[email protected]>