| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 18 Nov 2011 08:44:40 -0500 From: Steve Dickson <SteveD@...hat.com> To: John Hughes <john@...va.COM> CC: Trond Myklebust <Trond.Myklebust@...app.com>, linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticket expiry On 11/18/2011 06:32 AM, John Hughes wrote: > By adding a new option to rpc.gssd the administrator can choose whether she wants the old "EACCESS on ticket expiry" or the new "wait for new ticket" behaviour. > > I am not too keen this idea at all.... I've never been a fan of added command line arguments for this purpose... Plus there is no man page update... Also please post patches in-line the email not as email attachments... If commit 2c64348 which causes the process to hang when its kerberos ticket expires is a regression... then so be it... lets revert that commit and have the process error out with EPERM.... It sounds like the apps would rather have the error than the hanging... I think the answer to all this is have the ticket renewed before it expires. There is a daemon call sssd that is part of the FreeIPA project that will supposedly do that for us... I'm looking into it... steved. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists