On 20/11/13 15:49, Simo Sorce wrote: >> I think Solution 3: [nfslog/nfslogout interfaces invoked from PAM or >> > other login system facility] is a good way to go. Note that a PAM >> > based solution where in the PAM would get us most of the way towards >> > providing users with a way to login and logout of NFS kerberized >> > shares. >> > >> > Comments on an NFS PAM that will destroy GSS context for a UID upon >> > logout? > I prefer 3 too, let it to the login system (whether PAM based or other) > to determine when it is time to destroy credentials, that's the only > component that have a chance of guessing right. > Of course you could also provide a user utility to force a purge. > +1 for me on this options as well... But how is it known when somebody logs out? Is that PAM-able as well? steved. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
