This was actually requested by the Red Hat QA group, who sometimes work
with multiple krb5.conf files when testing.
Requested-by: Marko Myllynen <myllynen@xxxxxxxxxx>
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxx>
---
cifs.upcall.8.in | 8 +++++++-
cifs.upcall.c | 13 ++++++++++---
2 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/cifs.upcall.8.in b/cifs.upcall.8.in
index 0d79a99..3ae0562 100644
--- a/cifs.upcall.8.in
+++ b/cifs.upcall.8.in
@@ -22,7 +22,7 @@
cifs.upcall \- Userspace upcall helper for Common Internet File System (CIFS)
.SH "SYNOPSIS"
.HP \w'\ 'u
-cifs\&.upcall [\-\-trust\-dns|\-t] [\-\-version|\-v] [\-\-legacy\-uid|\-l] {keyid}
+cifs\&.upcall [\-\-trust\-dns|\-t] [\-\-version|\-v] [\-\-legacy\-uid|\-l] [--krb5conf=/path/to/krb5.conf|-k /path/to/...] {keyid}
.SH "DESCRIPTION"
.PP
This tool is part of the cifs-utils suite\&.
@@ -38,6 +38,12 @@ for a particular key type\&. While it can be run directly from the command\-line
This option is deprecated and is currently ignored\&.
.RE
.PP
+\--krb5conf=/path/to/krb5.conf|-k /path/to/krb5.conf
+.RS 4
+This option allows administrators to set an alternate location for the
+krb5.conf file that cifs.upcall will use.
+.RE
+.PP
\-\-trust\-dns|\-t
.RS 4
With krb5 upcalls, the name used as the host portion of the service principal defaults to the hostname portion of the UNC\&. This option allows the upcall program to reverse resolve the network address of the server in order to get the hostname\&.
diff --git a/cifs.upcall.c b/cifs.upcall.c
index f560d21..0d222cb 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -759,12 +759,13 @@ lowercase_string(char *c)
static void usage(void)
{
- fprintf(stderr, "Usage: %s [-t] [-v] [-l] key_serial\n", prog);
+ fprintf(stderr, "Usage: %s [-k /path/to/krb5.conf] [-t] [-v] [-l] key_serial\n", prog);
}
const struct option long_options[] = {
- {"trust-dns", 0, NULL, 't'},
+ {"krb5conf", 1, NULL, 'k'},
{"legacy-uid", 0, NULL, 'l'},
+ {"trust-dns", 0, NULL, 't'},
{"version", 0, NULL, 'v'},
{NULL, 0, NULL, 0}
};
@@ -792,7 +793,7 @@ int main(const int argc, char *const argv[])
openlog(prog, 0, LOG_DAEMON);
- while ((c = getopt_long(argc, argv, "cltv", long_options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "ck:ltv", long_options, NULL)) != -1) {
switch (c) {
case 'c':
/* legacy option -- skip it */
@@ -800,6 +801,12 @@ int main(const int argc, char *const argv[])
case 't':
try_dns++;
break;
+ case 'k':
+ if (setenv("KRB5_CONFIG", optarg, 1) != 0) {
+ syslog(LOG_ERR, "unable to set $KRB5_CONFIG: %d", errno);
+ goto out;
+ }
+ break;
case 'l':
legacy_uid++;
break;
--
1.7.7.4
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
