|| FreeBSD System Manager's Manual
Generic Security Services Daemon
|| [ -d][ -h][ -o][ -v][ -s dir-list][ -c file-substring][ -r preferred-realm]
program provides support for the kernel GSS-API implementation.
The options are as follows:
Run in debug mode. In this mode,
gssd will not fork when it starts.
Enable support for host-based initiator credentials. This permits a kerberized NFS mount to use a service principal in the default Kerberos 5 keytab file for access. Such access is enabled via the gssname option for the
Force use of DES and the associated old style GSS-API initialization token. This may be required to make kerberized NFS mounts work against some non-FreeBSD NFS servers.
Run in verbose mode. In this mode,
gssd will log activity messages to syslog using LOG_INFO | LOG_DAEMON or to stderr, if the
-d option has also been specified. The minor status is logged as a decimal number, since it is actually a Kerberos return status, which is signed.
Look for an appropriate credential cache file in this list of directories. The list should be full pathnames from root, separated by ':' characters. Usually this list will simply be "/tmp". Without this option,
gssd assumes that the credential cache file is called /tmp/krb5cc_<uid>, where <uid> is the effective uid for the RPC caller.
Set a file-substring for the credential cache file names. Only files with this substring embedded in their names will be selected as candidates when
-s has been specified. If not specified, it defaults to "krb5cc_".
Use Kerberos credentials for this realm when searching for credentials in directories specified with
-s. If not specified, the default Kerberos realm will be used.
Contains Kerberos service principals which may be used as credentials by kernel GSS-API services.
EXIT STATUS The
gssd utility exits 0 on success, and >0 if an error occurs.
gssd manual page first appeared in
AUTHORS This manual page was written by