rpc.svcgssd − server-side rpcsec_gss daemon
rpc.svcgssd [-n] [-v] [-r] [-i] [-f] [-p principal]
The rpcsec_gss protocol gives a means of using the gss-api generic security api to provide security for protocols using rpc (in particular, nfs). Before exchanging any rpc requests using rpcsec_gss, the rpc client must first establish a security context with the rpc server. The linux kernel’s implementation of rpcsec_gss depends on the userspace daemon rpc.svcgssd to handle context establishment on the rpc server. The daemon uses files in the proc filesystem to communicate with the kernel.
-f |
Runs rpc.svcgssd in the foreground and sends output to stderr (as opposed to syslogd) | ||
-v |
Increases the verbosity of the output (can be specified multiple times). | ||
-r |
If the rpcsec_gss library supports setting debug level, increases the verbosity of the output (can be specified multiple times). | ||
-i |
If the nfsidmap library supports setting debug level, increases the verbosity of the output (can be specified multiple times). | ||
-p |
Use principal instead of the default nfs/FQDN@REALM. | ||
-n |
Use the system default credentials (host/FQDN@REALM) rather than the default nfs/FQDN@REALM. |
Some of the
options that can be set on the command line can also be
controlled through values set in the [svcgssd]
section of the /etc/nfs.conf configuration file.
Values recognized include:
principal
If set to system this is equivalent to the -n option. If set to any other value, that is used like the -p option.
verbosity
Value which is equivalent to the number of -v.
rpc-verbosity
Value which is equivalent to the number of -r.
idmap-verbosity
Value which is equivalent to the number of -i.
rpc.gssd(8),
Dug Song
<[email protected]>
Andy Adamson <[email protected]>
Marius Aamodt Eriksen <[email protected]>
J. Bruce Fields <[email protected]>