Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

gssd(8) [freebsd man page]

GSSD(8) 						    BSD System Manager's Manual 						   GSSD(8)

NAME
gssd -- Generic Security Services Daemon SYNOPSIS
gssd [-d] [-h] [-o] [-v] [-s dir-list] [-c file-substring] [-r preferred-realm] DESCRIPTION
The gssd program provides support for the kernel GSS-API implementation. The options are as follows: -d Run in debug mode. In this mode, gssd will not fork when it starts. -h Enable support for host-based initiator credentials. This permits a kerberized NFS mount to use a service principal in the default Kerberos 5 keytab file for access. Such access is enabled via the gssname option for the mount_nfs(8) command. -o Force use of DES and the associated old style GSS-API initialization token. This may be required to make kerberized NFS mounts work against some non-FreeBSD NFS servers. -v Run in verbose mode. In this mode, gssd will log activity messages to syslog using LOG_INFO | LOG_DAEMON or to stderr, if the -d option has also been specified. The minor status is logged as a decimal number, since it is actually a Kerberos return status, which is signed. -s dir-list Look for an appropriate credential cache file in this list of directories. The list should be full pathnames from root, separated by ':' characters. Usually this list will simply be "/tmp". Without this option, gssd assumes that the credential cache file is called /tmp/krb5cc_<uid>, where <uid> is the effective uid for the RPC caller. -c file-substring Set a file-substring for the credential cache file names. Only files with this substring embedded in their names will be selected as candidates when -s has been specified. If not specified, it defaults to "krb5cc_". -r preferred-realm Use Kerberos credentials for this realm when searching for credentials in directories specified with -s. If not specified, the default Kerberos realm will be used. FILES
/etc/krb5.keytab Contains Kerberos service principals which may be used as credentials by kernel GSS-API services. EXIT STATUS
The gssd utility exits 0 on success, and >0 if an error occurs. SEE ALSO
gssapi(3), syslog(3), mount_nfs(8) HISTORY
The gssd manual page first appeared in FreeBSD 8.0. AUTHORS
This manual page was written by Doug Rabson <dfr@FreeBSD.org>. BSD
July 7, 2013 BSD

Check Out this Related Man Page

gssd(1M)						  System Administration Commands						  gssd(1M)

NAME
gssd - generates and validates GSS-API tokens for kernel RPC SYNOPSIS
/usr/lib/gss/gssd DESCRIPTION
gssd is the user mode daemon that operates between the kernel rpc and the Generic Security Service Application Program Interface (GSS-API) to generate and validate GSS-API security tokens. In addition, gssd maps the GSS-API principal names to the local user and group ids. By default, all groups that the requested user belongs to will be included in the grouplist credential. gssd is invoked by the Internet daemon inetd(1m) the first time that the kernel RPC requests GSS-API services. EXIT STATUS
The following exit values are returned: 0 Successful completion. >0 An error occurred. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWgssk | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
kill(1), pkill(1), svcs(1), inetadm(1M), inetd(1M), gsscred(1M), svcadm(1M), gsscred.conf(4), attributes(5), smf(5) RFC 2078 NOTES
The following signal has the specified effect when sent to the server process using the kill(1) command: SIGHUP gssd rereads the gsscred.conf(4) options. The gssd service is managed by the service management facility, smf(5), under the service identifier: svc:/network/rpc/gss:default Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). Responsibil- ity for initiating and restarting this service is delegated to inetd(1M). Use inetadm(1M) to make configuration changes and to view config- uration information for this service. The service's status can be queried using the svcs(1) command. SunOS 5.10 11 Aug 2004 gssd(1M)
Man Page