Package: gssproxy
Version: 0.8.0-1.1
Severity: normal
Hi,
The default configuration file looks for kerberos credentials
in ccache:FILE:/var/lib/gssproxy/clients/krb5cc_%U but they usually
are in ccache:FILE:/tmp/krb5cc_%U
Is this configuration intended? Why? I had to change it, I found
the solution on several internet forum where it said that this is
an error in the default configuration. I'm not sure if this is the
case (an error) or if the default configuration file targets another
usage.
Regards
Vincent
-- System Information:
Debian Release: 10.3
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500,
'oldstable-updates'), (500, 'testing'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.3.0-0.bpo.2-amd64 (SMP w/30 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gssproxy depends on:
ii libc6 2.28-10
ii libgssapi-krb5-2 1.17-3
ii libgssrpc4 1.17-3
ii libini-config5 0.6.1-2
ii libk5crypto3 1.17-3
ii libkrb5-3 1.17-3
ii libpopt0 1.16-12
ii libref-array1 0.6.1-2
ii libselinux1 2.8-1+b1
ii libverto1 0.3.0-2
gssproxy recommends no packages.
gssproxy suggests no packages.
-- Configuration Files:
/etc/gssproxy/99-nfs-client.conf changed:
[service/nfs-client]
mechs = krb5
cred_store = keytab:/etc/krb5.keytab
cred_store = ccache:FILE:/tmp/krb5cc_%U
cred_store = client_keytab:/var/lib/gssproxy/clients/%U.keytab
cred_usage = initiate
allow_any_uid = yes
trusted = yes
euid = 0
-- no debconf information