Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticketexpiry

[Steve Dickson]

On 11/18/2011 06:32 AM, John Hughes wrote:
> By adding a new option to rpc.gssd the administrator can choose whether she wants the old "EACCESS on ticket expiry" or the new "wait for new ticket" behaviour.
> 
> 
I am not too keen this idea at all.... I've never been a fan of
added command line arguments for this purpose... Plus there 
is no man page update... Also please post patches in-line
the email not as email attachments...

If commit 2c64348 which causes the process to hang when 
its kerberos ticket expires is a regression... then so
be it... lets revert that commit and have the process error
out with EPERM.... It sounds like the apps would rather
have the error than the hanging... 

I think the answer to all this is have the ticket
renewed before it expires. There is a daemon call sssd
that is part of the FreeIPA project that will supposedly
do that for us... I'm looking into it... 

steved.
 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/