NAME
rpc.svcgssd - server-side rpcsec_gss daemon
SYNOPSIS
rpc.svcgssd [-n] [-v] [-r] [-i] [-f] [-p principal]
DESCRIPTION
The rpcsec_gss protocol gives a means of using the gss-api generic security api to provide security for protocols using rpc (in particular, nfs). Before exchanging any rpc requests using rpcsec_gss, the rpc client must first establish a security context with the rpc server. The linux kernel’s implementation of rpcsec_gss depends on the userspace daemon rpc.svcgssd to handle context establishment on the rpc server. The daemon uses files in the proc filesystem to communicate with the kernel.
OPTIONS
|
-f |
Runs rpc.svcgssd in the foreground and sends output to stderr (as opposed to syslogd) | ||
|
-v |
Increases the verbosity of the output (can be specified multiple times). | ||
|
-r |
If the rpcsec_gss library supports setting debug level, increases the verbosity of the output (can be specified multiple times). | ||
|
-i |
If the nfsidmap library supports setting debug level, increases the verbosity of the output (can be specified multiple times). | ||
|
-p |
Use principal instead of the default nfs/FQDN@REALM. | ||
|
-n |
Use the system default credentials (host/FQDN@REALM) rather than the default nfs/FQDN@REALM. |
CONFIGURATION FILE
Some of the
options that can be set on the command line can also be
controlled through values set in the [svcgssd]
section of the /etc/nfs.conf configuration file.
Values recognized include:
principal
If set to system this is equivalent to the -n option. If set to any other value, that is used like the -p option.
verbosity
Value which is equivalent to the number of -v.
rpc-verbosity
Value which is equivalent to the number of -r.
idmap-verbosity
Value which is equivalent to the number of -i.
SEE ALSO
AUTHORS
Dug Song
<dugsong [AT] umich.edu>
Andy Adamson <andros [AT] umich.edu>
Marius Aamodt Eriksen <marius [AT] umich.edu>
J. Bruce Fields <bfields [AT] umich.edu>