summaryrefslogtreecommitdiffstats
path: root/upstream/debian-bookworm/man8/svcgssd.8
blob: 8771c035263c35b9c84863de2492ef8a99240b2f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
.\"
.\" rpc.svcgssd(8)
.\"
.\" Copyright (C) 2003 J. Bruce Fields <bfields@umich.edu>
.TH rpc.svcgssd 8 "12 Jan 2007"
.SH NAME
rpc.svcgssd \- server-side rpcsec_gss daemon
.SH SYNOPSIS
.B "rpc.svcgssd [-n] [-v] [-r] [-i] [-f] [-p principal]"
.SH DESCRIPTION
The rpcsec_gss protocol gives a means of using the gss-api generic security
api to provide security for protocols using rpc (in particular, nfs).  Before
exchanging any rpc requests using rpcsec_gss, the rpc client must first
establish a security context with the rpc server.  The linux kernel's
implementation of rpcsec_gss depends on the userspace daemon
.B rpc.svcgssd
to handle context establishment on the rpc server.  The
daemon uses files in the proc filesystem to communicate with
the kernel.

.SH OPTIONS
.TP
.B -f
Runs
.B rpc.svcgssd
in the foreground and sends output to stderr (as opposed to syslogd)
.TP
.B -v
Increases the verbosity of the output (can be specified multiple times).
.TP
.B -r
If the rpcsec_gss library supports setting debug level,
increases the verbosity of the output (can be specified multiple times).
.TP
.B -i
If the nfsidmap library supports setting debug level,
increases the verbosity of the output (can be specified multiple times).
.TP
.B -p
Use \fIprincipal\fR instead of the default
.RI nfs/ FQDN @ REALM .
.TP
.B -n
Use the system default credentials
.RI (host/ FQDN @ REALM )
rather than the default
.RI nfs/ FQDN @ REALM .
.SH CONFIGURATION FILE
Some of the options that can be set on the command line can also be
controlled through values set in the
.B [svcgssd]
section of the
.I /etc/nfs.conf
configuration file.  Values recognized include:
.TP
.B principal
If set to
.B system
this is equivalent to the
.B -n
option.  If set to any other value, that is used like the
.B -p
option.
.TP
.B verbosity
Value which is equivalent to the number of
.BR -v .
.TP
.B rpc-verbosity
Value which is equivalent to the number of
.BR -r .
.TP
.B idmap-verbosity
Value which is equivalent to the number of
.BR -i .


.SH SEE ALSO
.BR rpc.gssd(8),
.SH AUTHORS
.br
Dug Song <dugsong@umich.edu>
.br
Andy Adamson <andros@umich.edu>
.br
Marius Aamodt Eriksen <marius@umich.edu>
.br
J. Bruce Fields <bfields@umich.edu>