On Tue, 2009-10-13 at 13:27 -0400, Jeff Layton wrote: > Correct...and gssd actually does check the validity of the cache. If > TGT has expired or it's not valid for some other reason, then it skips > it and moves on. > > The problem comes when you have more than one valid credcache. In that > case it picks the one with the latest mtime. It seems that it should > instead pick the one with the latest TGT expiration time. So why do you think that is a problem? The result should be that rpc.gssd always ends up with a valid credential as long as there is at least one with a valid TGT. IOW: Who cares if the GSS session isn't going to last as long, as long as the RPC client can always instantiate a new one. Trond -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
