lsvcgssd from the current HEAD refuses all remote-realm principals, the
culprit is get_ids() in lustre/utils/gss/svcgssd_proc.c
In the previous revision (1.4):
MDS accepts remote principals with mapping to local user.
OSS accepts remote "lustre_root at SOMEREALM" principals.
Any other remote principals are logged as unmapped and failed.
In the current revision (1.5, since Jan):
MDS fails all remote principals.
OSS fails all remote principals.
Unmapped remote principals are logged, mapped are not.
The attached patch (against 1.5):
Restores previous MDS behavior of accepting remote principals with
mapping to local user.
Modifies OSS behavior to accept remote "lustre_root at SOMEREALM"
and
"lustre_root/hostname at SOMEREALM" principals.
Fixes logging errors in get_ids().
Notice of any problems with this patch, or other suggestions, are
appreciated.
thanks,
--ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lsvcgssd-xrealm.patch
Type: text/x-patch
Size: 3199 bytes
Desc: not available
Url :
http://lists.lustre.org/pipermail/lustre-devel/attachments/20080620/3fd48709/attachment-0001.bin