On 3/14/25 8:18 AM, Benjamin Coddington wrote:
On 13 Mar 2025, at 7:30, Andrew J. Romero wrote:
Hi
Alexander Bokovoy provided excellent answers to most of my questions on
this topic See: Thread: gssproxy security, configuration and life-cycle
questions on gss-proxy@xxxxxxxxxxxxxxxxxxxxxx
Remaining question:
Prior to RHEL-9 , in the section of the gssd man page ( under the heading
CONFIGURATION FILE ... ....options that can be set on the command line
can also be controlled through .... values set in the [gssd] section of
/etc/nfs.conf ) there was a configuration parameter "use-gss-proxy"
I don't see any git history of gssd.man with use-gss-proxy, but the value
does appear in nfs.conf.man. It has not been removed there. It probably
should be added to gssd.man.
+1
why was this parameter removed from the current man page, can it be
re-added ? ( apparently the parameter is still functional ... if that's
the case , it should not simply be removed from the documentation with no
commentary )
I'm not sure thats what happened. It looks like it wasn't ever in gssd.man
to me. Maybe Steve D can clarify?
My question is does the use-gss-proxy param need to be on
by default... I agree that parameter needs to be documented in the
gssd.man man page... which smayhew as sent a patch.
Does use-gss-proxy=yes add more complexity that is needed?
Personally I would like to turn it off.
steved.
