X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fgssd%2Fgssd.c;h=bbcad20d1c7ae50882edd8f6afba93141c475c09;hp=8e9c72acdfd8e47d46a8b00ecd74cf44496379f3;hb=d29bdad048c13ba8ae3f095464598b75a3cf67fe;hpb=a6037e23a8c9d649bf5946ac9d23114f9097b997

diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index 8e9c72a..bbcad20 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -53,15 +53,19 @@
 #include "gss_util.h"
 #include "krb5_util.h"
 
-char pipefsdir[PATH_MAX] = GSSD_PIPEFS_DIR;
+char pipefs_dir[PATH_MAX] = GSSD_PIPEFS_DIR;
+char pipefs_nfsdir[PATH_MAX] = GSSD_PIPEFS_DIR;
 char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE;
 char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR;
+int  use_memcache = 0;
+int  root_uses_machine_creds = 1;
 
 void
 sig_die(int signal)
 {
 	/* destroy krb5 machine creds */
-	gssd_destroy_krb5_machine_creds();
+	if (root_uses_machine_creds)
+		gssd_destroy_krb5_machine_creds();
 	printerr(1, "exiting on signal %d\n", signal);
 	exit(1);
 }
@@ -77,7 +81,7 @@ sig_hup(int signal)
 static void
 usage(char *progname)
 {
-	fprintf(stderr, "usage: %s [-f] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir]\n",
+	fprintf(stderr, "usage: %s [-f] [-M] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir]\n",
 		progname);
 	exit(1);
 }
@@ -92,7 +96,7 @@ main(int argc, char *argv[])
 	extern char *optarg;
 	char *progname;
 
-	while ((opt = getopt(argc, argv, "fvrmp:k:d:")) != -1) {
+	while ((opt = getopt(argc, argv, "fvrmnMp:k:d:")) != -1) {
 		switch (opt) {
 			case 'f':
 				fg = 1;
@@ -100,6 +104,12 @@ main(int argc, char *argv[])
 			case 'm':
 				/* Accept but ignore this. Now the default. */
 				break;
+			case 'M':
+				use_memcache = 1;
+				break;
+			case 'n':
+				root_uses_machine_creds = 0;
+				break;
 			case 'v':
 				verbosity++;
 				break;
@@ -107,8 +117,8 @@ main(int argc, char *argv[])
 				rpc_verbosity++;
 				break;
 			case 'p':
-				strncpy(pipefsdir, optarg, sizeof(pipefsdir));
-				if (pipefsdir[sizeof(pipefsdir)-1] != '\0')
+				strncpy(pipefs_dir, optarg, sizeof(pipefs_dir));
+				if (pipefs_dir[sizeof(pipefs_dir)-1] != '\0')
 					errx(1, "pipefs path name too long");
 				break;
 			case 'k':
@@ -118,7 +128,7 @@ main(int argc, char *argv[])
 				break;
 			case 'd':
 				strncpy(ccachedir, optarg, sizeof(ccachedir));
-				if (ccachedir[sizeof(ccachedir-1)] != '\0')
+				if (ccachedir[sizeof(ccachedir)-1] != '\0')
 					errx(1, "ccachedir path name too long");
 				break;
 			default:
@@ -126,10 +136,10 @@ main(int argc, char *argv[])
 				break;
 		}
 	}
-	strncat(pipefsdir + strlen(pipefsdir), "/" GSSD_SERVICE_NAME,
-		sizeof(pipefsdir)-strlen(pipefsdir));
-	if (pipefsdir[sizeof(pipefsdir)-1] != '\0')
-		errx(1, "pipefs path name too long");
+	snprintf(pipefs_nfsdir, sizeof(pipefs_nfsdir), "%s/%s",
+		 pipefs_dir, GSSD_SERVICE_NAME);
+	if (pipefs_nfsdir[sizeof(pipefs_nfsdir)-1] != '\0')
+		errx(1, "pipefs_nfsdir path name too long");
 
 	if ((progname = strrchr(argv[0], '/')))
 		progname++;
@@ -145,6 +155,9 @@ main(int argc, char *argv[])
 			    "support setting debug level\n");
 #endif
 
+	if (gssd_check_mechs() != 0)
+		errx(1, "Problem with gssapi library");
+
 	if (!fg && daemon(0, 0) < 0)
 		errx(1, "fork");
 
@@ -152,9 +165,6 @@ main(int argc, char *argv[])
 	signal(SIGTERM, sig_die);
 	signal(SIGHUP, sig_hup);
 
-	/* Process keytab file and get machine credentials */
-	gssd_refresh_krb5_machine_creds();
-
 	gssd_run();
 	printerr(0, "gssd_run returned!\n");
 	abort();