int
main(int argc, char *argv[])
{
int get_creds = 1;
int fg = 0;
int verbosity = 0;
int rpc_verbosity = 0;
int idmap_verbosity = 0;
int opt, status;
extern char *optarg;
char *progname;
char *principal = NULL;
while ((opt = getopt(argc, argv, "fivrnp:")) != -1) {
switch (opt) {
case 'f':
fg = 1;
break;
case 'i':
idmap_verbosity++;
break;
case 'n':
get_creds = 0;
break;
case 'v':
verbosity++;
break;
case 'r':
rpc_verbosity++;
break;
case 'p':
principal = optarg;
break;
default:
usage(argv[0]);
break;
}
}
if ((progname = strrchr(argv[0], '/')))
progname++;
else
progname = argv[0];
initerr(progname, verbosity, fg);
#ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL
if (verbosity && rpc_verbosity == 0)
rpc_verbosity = verbosity;
authgss_set_debug_level(rpc_verbosity);
#elif HAVE_LIBTIRPC_SET_DEBUG
/*
* Only set the libtirpc debug level if explicitly requested via -r...
* svcgssd is chatty enough as it is.
*/
if (rpc_verbosity > 0)
libtirpc_set_debug(progname, rpc_verbosity, fg);
#else
if (rpc_verbosity > 0)
printerr(0, "Warning: rpcsec_gss library does not "
"support setting debug level\n");
#endif
#ifdef HAVE_NFS4_SET_DEBUG
if (verbosity && idmap_verbosity == 0)
idmap_verbosity = verbosity;
nfs4_set_debug(idmap_verbosity, NULL);
#else
if (idmap_verbosity > 0)
printerr(0, "Warning: your nfsidmap library does not "
"support setting debug level\n");
#endif
if (gssd_check_mechs() != 0) {
printerr(0, "ERROR: Problem with gssapi library\n");
exit(1);
}
daemon_init(fg);
signal(SIGINT, sig_die);
signal(SIGTERM, sig_die);
signal(SIGHUP, sig_hup);
if (get_creds) {
if (principal)
status = gssd_acquire_cred(principal,
((const gss_OID)GSS_C_NT_USER_NAME));
else
status = gssd_acquire_cred(GSSD_SERVICE_NAME,
(const gss_OID)GSS_C_NT_HOSTBASED_SERVICE);
if (status == FALSE) {
printerr(0, "unable to obtain root (machine) credentials\n");
printerr(0, "do you have a keytab entry for "
"nfs/<your.host>@<YOUR.REALM> in "
"/etc/krb5.keytab?\n");
exit(1);
}
} else {
status = gssd_acquire_cred(NULL,
(const gss_OID)GSS_C_NT_HOSTBASED_SERVICE);
if (status == FALSE) {
printerr(0, "unable to obtain nameless credentials\n");
exit(1);
}
}
daemon_ready();
nfs4_init_name_mapping(NULL); /* XXX: should only do this once */
gssd_run();
printerr(0, "gssd_run returned!\n");
abort();
}
int
main(int argc, char *argv[])
{
int fg = 0;
int verbosity = 0;
int rpc_verbosity = 0;
int opt;
int i;
extern char *optarg;
char *progname;
memset(ccachesearch, 0, sizeof(ccachesearch));
while ((opt = getopt(argc, argv, "fvrmnMp:k:d:t:R:")) != -1) {
switch (opt) {
case 'f':
fg = 1;
break;
case 'm':
/* Accept but ignore this. Now the default. */
break;
case 'M':
use_memcache = 1;
break;
case 'n':
root_uses_machine_creds = 0;
break;
case 'v':
verbosity++;
break;
case 'r':
rpc_verbosity++;
break;
case 'p':
strmaxcpy(pipefs_dir, optarg, sizeof(pipefs_dir));
if (pipefs_dir[sizeof(pipefs_dir)-1] != '\0')
errx(1, "pipefs path name too long");
break;
case 'k':
strmaxcpy(keytabfile, optarg, sizeof(keytabfile));
if (keytabfile[sizeof(keytabfile)-1] != '\0')
errx(1, "keytab path name too long");
break;
case 'd':
strmaxcpy(ccachedir, optarg, sizeof(ccachedir));
if (ccachedir[sizeof(ccachedir)-1] != '\0')
errx(1, "ccachedir path name too long");
break;
case 't':
context_timeout = atoi(optarg);
break;
case 'R':
preferred_realm = strdup(optarg);
break;
default:
usage(argv[0]);
break;
}
}
i = 0;
ccachesearch[i++] = strtok(ccachedir, ":");
do {
ccachesearch[i++] = strtok(NULL, ":");
} while (ccachesearch[i-1] != NULL && i < GSSD_MAX_CCACHE_SEARCH);
if (preferred_realm == NULL)
gssd_k5_get_default_realm(&preferred_realm);
if ((progname = strrchr(argv[0], '/')))
progname++;
else
progname = argv[0];
initerr(progname, verbosity, fg);
#ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL
if (verbosity && rpc_verbosity == 0)
rpc_verbosity = verbosity;
authgss_set_debug_level(rpc_verbosity);
#else
if (rpc_verbosity > 0)
printerr(0, "Warning: rpcsec_gss library does not "
"support setting debug level\n");
#endif
if (gssd_check_mechs() != 0)
errx(1, "Problem with gssapi library");
if (!fg && daemon(0, 0) < 0)
errx(1, "fork");
signal(SIGINT, sig_die);
signal(SIGTERM, sig_die);
signal(SIGHUP, sig_hup);
gssd_run();
printerr(0, "gssd_run returned!\n");
abort();
}
int
main(int argc, char *argv[])
{
int fg = 0;
int verbosity = 0;
int rpc_verbosity = 0;
int opt;
extern char *optarg;
char *progname;
while ((opt = getopt(argc, argv, "fvrmp:k:d:")) != -1) {
switch (opt) {
case 'f':
fg = 1;
break;
case 'm':
/* Accept but ignore this. Now the default. */
break;
case 'v':
verbosity++;
break;
case 'r':
rpc_verbosity++;
break;
case 'p':
strncpy(pipefsdir, optarg, sizeof(pipefsdir));
if (pipefsdir[sizeof(pipefsdir)-1] != '\0')
errx(1, "pipefs path name too long");
break;
case 'k':
strncpy(keytabfile, optarg, sizeof(keytabfile));
if (keytabfile[sizeof(keytabfile)-1] != '\0')
errx(1, "keytab path name too long");
break;
case 'd':
strncpy(ccachedir, optarg, sizeof(ccachedir));
if (ccachedir[sizeof(ccachedir-1)] != '\0')
errx(1, "ccachedir path name too long");
break;
default:
usage(argv[0]);
break;
}
}
strncat(pipefsdir + strlen(pipefsdir), "/" GSSD_SERVICE_NAME,
sizeof(pipefsdir)-strlen(pipefsdir));
if (pipefsdir[sizeof(pipefsdir)-1] != '\0')
errx(1, "pipefs path name too long");
if ((progname = strrchr(argv[0], '/')))
progname++;
else
progname = argv[0];
initerr(progname, verbosity, fg);
#ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL
authgss_set_debug_level(rpc_verbosity);
#else
if (rpc_verbosity > 0)
printerr(0, "Warning: rpcsec_gss library does not "
"support setting debug level\n");
#endif
if (gssd_check_mechs() != 0)
errx(1, "Problem with gssapi library");
if (!fg && daemon(0, 0) < 0)
errx(1, "fork");
signal(SIGINT, sig_die);
signal(SIGTERM, sig_die);
signal(SIGHUP, sig_hup);
/* Process keytab file and get machine credentials */
gssd_refresh_krb5_machine_creds();
gssd_run();
printerr(0, "gssd_run returned!\n");
abort();
}
