char pipefsdir[PATH_MAX] = GSSD_PIPEFS_DIR;
char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE;
char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR;
+int use_memcache = 0;
+int root_uses_machine_creds = 1;
void
sig_die(int signal)
{
/* destroy krb5 machine creds */
- gssd_destroy_krb5_machine_creds();
+ if (root_uses_machine_creds)
+ gssd_destroy_krb5_machine_creds();
printerr(1, "exiting on signal %d\n", signal);
exit(1);
}
static void
usage(char *progname)
{
- fprintf(stderr, "usage: %s [-f] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir]\n",
+ fprintf(stderr, "usage: %s [-f] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir]\n",
progname);
exit(1);
}
extern char *optarg;
char *progname;
- while ((opt = getopt(argc, argv, "fvrmp:k:d:")) != -1) {
+ while ((opt = getopt(argc, argv, "fvrmnMp:k:d:")) != -1) {
switch (opt) {
case 'f':
fg = 1;
case 'm':
/* Accept but ignore this. Now the default. */
break;
+ case 'M':
+ use_memcache = 1;
+ break;
+ case 'n':
+ root_uses_machine_creds = 0;
+ break;
case 'v':
verbosity++;
break;
break;
case 'd':
strncpy(ccachedir, optarg, sizeof(ccachedir));
- if (ccachedir[sizeof(ccachedir-1)] != '\0')
+ if (ccachedir[sizeof(ccachedir)-1] != '\0')
errx(1, "ccachedir path name too long");
break;
default:
"support setting debug level\n");
#endif
+ if (gssd_check_mechs() != 0)
+ errx(1, "Problem with gssapi library");
+
if (!fg && daemon(0, 0) < 0)
errx(1, "fork");
signal(SIGHUP, sig_hup);
/* Process keytab file and get machine credentials */
- gssd_refresh_krb5_machine_creds();
+ if (root_uses_machine_creds)
+ gssd_refresh_krb5_machine_creds();
gssd_run();
printerr(0, "gssd_run returned!\n");