Return-Path: linux-nfs-owner@vger.kernel.org Received: from mx12.netapp.com ([216.240.18.77]:37389 "EHLO mx12.netapp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753861Ab3JVQjk convert rfc822-to-8bit (ORCPT ); Tue, 22 Oct 2013 12:39:40 -0400 From: "Adamson, Andy" To: Weston Andros Adamson CC: Simo Sorce , "Adamson, Andy" , "steved@redhat.com" , "linux-nfs@vger.kernel.org" Subject: Re: [PATCH Version 2 0/3] GSSD: Use gss-ctx keys and gsskeyd to sync Kerberos credentials and kernel gss_contexts. Date: Tue, 22 Oct 2013 16:39:14 +0000 Message-ID: <5683A8D0-EDAD-4CF6-8486-45861FB1CDEF@netapp.com> References: <1382451757-3032-1-git-send-email-andros@netapp.com> ,<1382454148.9794.72.camel@willson.li.ssimo.org> <002FCC76-C58E-4B33-B561-6335AB77AAB4@netapp.com> <1382458261.9794.87.camel@willson.li.ssimo.org> <342171A2-EBEA-4EEA-BE80-19DC4F42B9A0@netapp.com> In-Reply-To: <342171A2-EBEA-4EEA-BE80-19DC4F42B9A0@netapp.com> Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Sender: linux-nfs-owner@vger.kernel.org List-ID: On Oct 22, 2013, at 12:14 PM, Weston Andros Adamson wrote: > On Oct 22, 2013, at 12:11 PM, Simo Sorce > wrote: > >> On Tue, 2013-10-22 at 15:46 +0000, Weston Andros Adamson wrote: >>> >>> gsskeyd is a separate daemon only for proof of concept. In the commit >>> message it makes it clear that if this is the way we want to go, it >>> should be incorporated into gssd. >>> >> The more I think of the idea the more I think you'd not get what you >> want using a daemon that tries to poll files and second guess user >> intentions by the way libkrb5 actually operates, you'd probably be >> subject to way too many false positives to be useful. I will approach MIT about the possibility of client-side plugins. -->Andy >> > > I think you're probably right, but this method works well for testing NFS code under near-to-expiry and expired cred conditions. > > -dros