The rpcsec_gss protocol gives a means of using the gss-api generic security
api to provide security for protocols using rpc (in particular, nfs). Before
exchanging any rpc requests using rpcsec_gss, the rpc client must first
establish a security context. The linux kernel's implementation of rpcsec_gss
depends on the userspace daemon
rpc.gssd
to establish security contexts. The
rpc.gssd
daemon uses files in the rpc_pipefs filesystem to communicate with the kernel.
OPTIONS
-f
Runs
rpc.gssd
in the foreground and sends output to stderr (as opposed to syslogd)
-k keytab
Tells
rpc.gssd
to use the keys for principals nfs/hostname in
keytab
to obtain machine credentials.
The default value is "/etc/krb5.keytab".
-p path
Tells
rpc.gssd
where to look for the rpc_pipefs filesystem. The default value is
"/var/lib/nfs/rpc_pipefs".
-d directory
Tells
rpc.gssd
where to look for kerberos credential files. The default value is "/tmp".
-v
Increases the verbosity of the output (can be specified multiple times).
-r
If the rpcsec_gss library supports setting debug level,
increases the verbosity of the output (can be specified multiple times).
