X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fgssd%2Fgssd.c;h=6d8f3b90d7d11e48de887a5387745fbda363675e;hp=319dca4a812c5a3565bdbdc57cf41fe3964358ea;hb=eb3a145789b9eedd39b56e1d76f412435abaa747;hpb=1a5b79866092e5061f3a6d2cd1a644f47e65ba3a diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c index 319dca4..6d8f3b9 100644 --- a/utils/gssd/gssd.c +++ b/utils/gssd/gssd.c @@ -53,11 +53,15 @@ #include "gss_util.h" #include "krb5_util.h" -char pipefsdir[PATH_MAX] = GSSD_PIPEFS_DIR; +char pipefs_dir[PATH_MAX] = GSSD_PIPEFS_DIR; +char pipefs_nfsdir[PATH_MAX] = GSSD_PIPEFS_DIR; char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE; char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR; +char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1]; int use_memcache = 0; int root_uses_machine_creds = 1; +unsigned int context_timeout = 0; +char *preferred_realm = NULL; void sig_die(int signal) @@ -80,7 +84,7 @@ sig_hup(int signal) static void usage(char *progname) { - fprintf(stderr, "usage: %s [-f] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir]\n", + fprintf(stderr, "usage: %s [-f] [-M] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir] [-t timeout] [-R preferred realm]\n", progname); exit(1); } @@ -92,10 +96,12 @@ main(int argc, char *argv[]) int verbosity = 0; int rpc_verbosity = 0; int opt; + int i; extern char *optarg; char *progname; - while ((opt = getopt(argc, argv, "fvrmnMp:k:d:")) != -1) { + memset(ccachesearch, 0, sizeof(ccachesearch)); + while ((opt = getopt(argc, argv, "fvrmnMp:k:d:t:R:")) != -1) { switch (opt) { case 'f': fg = 1; @@ -116,8 +122,8 @@ main(int argc, char *argv[]) rpc_verbosity++; break; case 'p': - strncpy(pipefsdir, optarg, sizeof(pipefsdir)); - if (pipefsdir[sizeof(pipefsdir)-1] != '\0') + strncpy(pipefs_dir, optarg, sizeof(pipefs_dir)); + if (pipefs_dir[sizeof(pipefs_dir)-1] != '\0') errx(1, "pipefs path name too long"); break; case 'k': @@ -130,15 +136,31 @@ main(int argc, char *argv[]) if (ccachedir[sizeof(ccachedir)-1] != '\0') errx(1, "ccachedir path name too long"); break; + case 't': + context_timeout = atoi(optarg); + break; + case 'R': + preferred_realm = strdup(optarg); + break; default: usage(argv[0]); break; } } - strncat(pipefsdir + strlen(pipefsdir), "/" GSSD_SERVICE_NAME, - sizeof(pipefsdir)-strlen(pipefsdir)); - if (pipefsdir[sizeof(pipefsdir)-1] != '\0') - errx(1, "pipefs path name too long"); + + i = 0; + ccachesearch[i++] = strtok(ccachedir, ":"); + do { + ccachesearch[i++] = strtok(NULL, ":"); + } while (ccachesearch[i-1] != NULL && i < GSSD_MAX_CCACHE_SEARCH); + + if (preferred_realm == NULL) + gssd_k5_get_default_realm(&preferred_realm); + + snprintf(pipefs_nfsdir, sizeof(pipefs_nfsdir), "%s/%s", + pipefs_dir, GSSD_SERVICE_NAME); + if (pipefs_nfsdir[sizeof(pipefs_nfsdir)-1] != '\0') + errx(1, "pipefs_nfsdir path name too long"); if ((progname = strrchr(argv[0], '/'))) progname++; @@ -164,10 +186,6 @@ main(int argc, char *argv[]) signal(SIGTERM, sig_die); signal(SIGHUP, sig_hup); - /* Process keytab file and get machine credentials */ - if (root_uses_machine_creds) - gssd_refresh_krb5_machine_creds(); - gssd_run(); printerr(0, "gssd_run returned!\n"); abort();