Re: [nfs-utils PATCH v4] systemd: add instructions for disabling gssd to nfs.systemd.man

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jul 20 2017, Scott Mayhew wrote:

> We've had several users complain about gssd automatically starting.  Not
> everyone who has a krb5.keytab want to use secure NFS; the instructions
> for disabling gssd ought to be on the man page in addition to the README
> (which may not even be included in a distro's nfs-utils package).
>
> Signed-off-by: Scott Mayhew <smayhew@xxxxxxxxxx>
> ---
>  systemd/nfs.systemd.man | 17 ++++++++++++++++-
>  1 file changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/systemd/nfs.systemd.man b/systemd/nfs.systemd.man
> index 01801eb..7675320 100644
> --- a/systemd/nfs.systemd.man
> +++ b/systemd/nfs.systemd.man
> @@ -79,11 +79,26 @@ unit should be enabled.
>  Several other units which might be considered to be optional, such as
>  .I rpc-gssd.service
>  are careful to only start if the required configuration file exists.
> -.I rpc-gsdd.service
> +.I rpc-gssd.service
>  will not start if the
>  .I krb5.keytab
>  file does not exist (typically in
>  .IR /etc ).
> +.B rpc.gssd
> +is assumed to be needed if the
> +.I krb5.keytab
> +file is present.  If a site needs this file present but does not want
> +.B rpc.gssd
> +running, it should create
> +.B /etc/systemd/system/rpc-gssd.service.d/01-disable.conf

A substantially simpler approach would be to recommend

  systemctl mask rpc-gssd.service

"mask" is also useful for disabling rpcbind if you use NFSv4 only and
don't want the extra service.

NeilBrown


> +containing
> +.RS
> +.nf
> +[Unit]
> +ConditionNull=false
> +.fi
> +.RE
> +
>  .SS Restarting NFS services
>  Most NFS daemons can be restarted at any time.  They will reload any
>  state that they need, and continue servicing requests.  This is rarely
> -- 
> 2.9.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux