debian/patches/11-root-on-krb5-mounts.patch

   1 Index: nfs-utils-1.0.11~git-20060117/utils/gssd/krb5_util.c
   2 ===================================================================
   3 --- nfs-utils-1.0.11~git-20060117.orig/utils/gssd/krb5_util.c
   4 +++ nfs-utils-1.0.11~git-20060117/utils/gssd/krb5_util.c
   5 @@ -120,6 +120,9 @@
   6  #include "gss_oids.h"
   7  #include "krb5_util.h"
   8
   9 +#define GSSD_MACHINE_CRED_NAME "root"
  10 +#define GSSD_MACHINE_CRED_NAME_LEN 4
  11 +
  12  /* Global list of principals/cache file names for machine credentials */
  13  struct gssd_k5_kt_princ *gssd_k5_kt_princ_list = NULL;
  14
  15 @@ -496,13 +499,13 @@ gssd_process_krb5_keytab(krb5_context co
  16                 printerr(2, "Processing keytab entry for principal '%s'\n",
  17                          pname);
  18  #ifdef HAVE_KRB5
  19 -               if ( (kte.principal->data[0].length == GSSD_SERVICE_NAME_LEN) &&
  20 -                    (strncmp(kte.principal->data[0].data, GSSD_SERVICE_NAME,
  21 -                             GSSD_SERVICE_NAME_LEN) == 0) &&
  22 +               if ( (kte.principal->data[0].length == GSSD_MACHINE_CRED_NAME_LEN) &&
  23 +                    (strncmp(kte.principal->data[0].data, GSSD_MACHINE_CRED_NAME,
  24 +                             GSSD_MACHINE_CRED_NAME_LEN) == 0) &&
  25  #else
  26 -               if ( (strlen(kte.principal->name.name_string.val[0]) == GSSD_SERVICE_NAME_LEN) &&
  27 -                    (strncmp(kte.principal->name.name_string.val[0], GSSD_SERVICE_NAME,
  28 -                             GSSD_SERVICE_NAME_LEN) == 0) &&
  29 +               if ( (strlen(kte.principal->name.name_string.val[0]) == GSSD_MACHINE_CRED_NAME_LEN) &&
  30 +                    (strncmp(kte.principal->name.name_string.val[0], GSSD_MACHINE_CRED_NAME,
  31 +                             GSSD_MACHINE_CRED_NAME_LEN) == 0) &&
  32
  33  #endif
  34                      (!gssd_have_realm_ple((void *)&kte.principal->realm)) ) {
  35 @@ -714,7 +717,7 @@ gssd_refresh_krb5_machine_creds(void)
  36                         printerr(0, "Do you have a valid keytab entry for "
  37                                     "%s/<your.host>@<YOUR.REALM> in "
  38                                     "keytab file %s ?\n",
  39 -                                   GSSD_SERVICE_NAME, keytabfile);
  40 +                                   GSSD_MACHINE_CRED_NAME, keytabfile);
  41                         printerr(0, "Continuing without (machine) credentials "
  42                                     "- nfs4 mounts with Kerberos will fail\n");
  43                 }