From: Kevin Coffman Date: Wed, 4 Apr 2007 02:47:35 +0000 (+1000) Subject: NEWS - add info about gssd changes. X-Git-Tag: nfs-utils-1-1-0-rc2~9 X-Git-Url: https://git.decadent.org.uk/gitweb/?a=commitdiff_plain;h=15ac7bc32061a389a111f2c1637640637dcbca29;p=nfs-utils.git NEWS - add info about gssd changes. --- diff --git a/NEWS b/NEWS index ae95c73..4d217b7 100644 --- a/NEWS +++ b/NEWS @@ -32,3 +32,23 @@ Significant changes for nfs-utils 1.1.0 - March/April 2007 not support NFS export. - Comprehensive notes on startup dependencies have been added to the README file. + + - A new option, -n, was added to rpc.gssd which specifies that + accesses by root should not use 'machine credentials' when + accessing NFS file systems mounted with Kerberos. Using this + option allows the root user to access the NFS space using any + Kerberos principal, rather than always using the machine + credentials. However, its use also requires that root manually + authenticate before attempting a mount with Kerberos. + + When rpc.gssd uses machine credentials, the selection algorithm has + been changed. Instead of simply using the first "nfs/*" key in the + keytab, the keytab is now searched for keys in the following + defined order: + + root/@REALM + nfs/@REALM + host/@REALM + root/@REALM + nfs/@REALM + host/@REALM