int main(int argc, char *argv[]) { int get_creds = 1; int fg = 0; int verbosity = 0; int rpc_verbosity = 0; int idmap_verbosity = 0; int opt, status; extern char *optarg; char *progname; char *principal = NULL; while ((opt = getopt(argc, argv, "fivrnp:")) != -1) { switch (opt) { case 'f': fg = 1; break; case 'i': idmap_verbosity++; break; case 'n': get_creds = 0; break; case 'v': verbosity++; break; case 'r': rpc_verbosity++; break; case 'p': principal = optarg; break; default: usage(argv[0]); break; } } if ((progname = strrchr(argv[0], '/'))) progname++; else progname = argv[0]; initerr(progname, verbosity, fg); #ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL if (verbosity && rpc_verbosity == 0) rpc_verbosity = verbosity; authgss_set_debug_level(rpc_verbosity); #elif HAVE_LIBTIRPC_SET_DEBUG /* * Only set the libtirpc debug level if explicitly requested via -r... * svcgssd is chatty enough as it is. */ if (rpc_verbosity > 0) libtirpc_set_debug(progname, rpc_verbosity, fg); #else if (rpc_verbosity > 0) printerr(0, "Warning: rpcsec_gss library does not " "support setting debug level\n"); #endif #ifdef HAVE_NFS4_SET_DEBUG if (verbosity && idmap_verbosity == 0) idmap_verbosity = verbosity; nfs4_set_debug(idmap_verbosity, NULL); #else if (idmap_verbosity > 0) printerr(0, "Warning: your nfsidmap library does not " "support setting debug level\n"); #endif if (gssd_check_mechs() != 0) { printerr(0, "ERROR: Problem with gssapi library\n"); exit(1); } daemon_init(fg); signal(SIGINT, sig_die); signal(SIGTERM, sig_die); signal(SIGHUP, sig_hup); if (get_creds) { if (principal) status = gssd_acquire_cred(principal, ((const gss_OID)GSS_C_NT_USER_NAME)); else status = gssd_acquire_cred(GSSD_SERVICE_NAME, (const gss_OID)GSS_C_NT_HOSTBASED_SERVICE); if (status == FALSE) { printerr(0, "unable to obtain root (machine) credentials\n"); printerr(0, "do you have a keytab entry for " "nfs/<your.host>@<YOUR.REALM> in " "/etc/krb5.keytab?\n"); exit(1); } } else { status = gssd_acquire_cred(NULL, (const gss_OID)GSS_C_NT_HOSTBASED_SERVICE); if (status == FALSE) { printerr(0, "unable to obtain nameless credentials\n"); exit(1); } } daemon_ready(); nfs4_init_name_mapping(NULL); /* XXX: should only do this once */ gssd_run(); printerr(0, "gssd_run returned!\n"); abort(); }
int main(int argc, char *argv[]) { int fg = 0; int verbosity = 0; int rpc_verbosity = 0; int opt; int i; extern char *optarg; char *progname; memset(ccachesearch, 0, sizeof(ccachesearch)); while ((opt = getopt(argc, argv, "fvrmnMp:k:d:t:R:")) != -1) { switch (opt) { case 'f': fg = 1; break; case 'm': /* Accept but ignore this. Now the default. */ break; case 'M': use_memcache = 1; break; case 'n': root_uses_machine_creds = 0; break; case 'v': verbosity++; break; case 'r': rpc_verbosity++; break; case 'p': strmaxcpy(pipefs_dir, optarg, sizeof(pipefs_dir)); if (pipefs_dir[sizeof(pipefs_dir)-1] != '\0') errx(1, "pipefs path name too long"); break; case 'k': strmaxcpy(keytabfile, optarg, sizeof(keytabfile)); if (keytabfile[sizeof(keytabfile)-1] != '\0') errx(1, "keytab path name too long"); break; case 'd': strmaxcpy(ccachedir, optarg, sizeof(ccachedir)); if (ccachedir[sizeof(ccachedir)-1] != '\0') errx(1, "ccachedir path name too long"); break; case 't': context_timeout = atoi(optarg); break; case 'R': preferred_realm = strdup(optarg); break; default: usage(argv[0]); break; } } i = 0; ccachesearch[i++] = strtok(ccachedir, ":"); do { ccachesearch[i++] = strtok(NULL, ":"); } while (ccachesearch[i-1] != NULL && i < GSSD_MAX_CCACHE_SEARCH); if (preferred_realm == NULL) gssd_k5_get_default_realm(&preferred_realm); if ((progname = strrchr(argv[0], '/'))) progname++; else progname = argv[0]; initerr(progname, verbosity, fg); #ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL if (verbosity && rpc_verbosity == 0) rpc_verbosity = verbosity; authgss_set_debug_level(rpc_verbosity); #else if (rpc_verbosity > 0) printerr(0, "Warning: rpcsec_gss library does not " "support setting debug level\n"); #endif if (gssd_check_mechs() != 0) errx(1, "Problem with gssapi library"); if (!fg && daemon(0, 0) < 0) errx(1, "fork"); signal(SIGINT, sig_die); signal(SIGTERM, sig_die); signal(SIGHUP, sig_hup); gssd_run(); printerr(0, "gssd_run returned!\n"); abort(); }
int main(int argc, char *argv[]) { int fg = 0; int verbosity = 0; int rpc_verbosity = 0; int opt; extern char *optarg; char *progname; while ((opt = getopt(argc, argv, "fvrmp:k:d:")) != -1) { switch (opt) { case 'f': fg = 1; break; case 'm': /* Accept but ignore this. Now the default. */ break; case 'v': verbosity++; break; case 'r': rpc_verbosity++; break; case 'p': strncpy(pipefsdir, optarg, sizeof(pipefsdir)); if (pipefsdir[sizeof(pipefsdir)-1] != '\0') errx(1, "pipefs path name too long"); break; case 'k': strncpy(keytabfile, optarg, sizeof(keytabfile)); if (keytabfile[sizeof(keytabfile)-1] != '\0') errx(1, "keytab path name too long"); break; case 'd': strncpy(ccachedir, optarg, sizeof(ccachedir)); if (ccachedir[sizeof(ccachedir-1)] != '\0') errx(1, "ccachedir path name too long"); break; default: usage(argv[0]); break; } } strncat(pipefsdir + strlen(pipefsdir), "/" GSSD_SERVICE_NAME, sizeof(pipefsdir)-strlen(pipefsdir)); if (pipefsdir[sizeof(pipefsdir)-1] != '\0') errx(1, "pipefs path name too long"); if ((progname = strrchr(argv[0], '/'))) progname++; else progname = argv[0]; initerr(progname, verbosity, fg); #ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL authgss_set_debug_level(rpc_verbosity); #else if (rpc_verbosity > 0) printerr(0, "Warning: rpcsec_gss library does not " "support setting debug level\n"); #endif if (gssd_check_mechs() != 0) errx(1, "Problem with gssapi library"); if (!fg && daemon(0, 0) < 0) errx(1, "fork"); signal(SIGINT, sig_die); signal(SIGTERM, sig_die); signal(SIGHUP, sig_hup); /* Process keytab file and get machine credentials */ gssd_refresh_krb5_machine_creds(); gssd_run(); printerr(0, "gssd_run returned!\n"); abort(); }